Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Dell SonicWall Scrutinizer versions 11.0.1 and below setUserSkin/deleteTab SQL injection / remote code execution exploit that leverages a vulnerability found by Brandon Perry in July of 2014.
Microsoft Windows blue screen of death exploit that leverages a privilege escalation vulnerability as defined in CVE-2016-0051.
manager.skype.com suffered from a filter bypass vulnerability.
WordPress Event Registration plugin version 6.02.02 suffers from cross site scripting and remote SQL injection vulnerabilities.
PHPWebFTP version 3.3b suffers from cross site scripting vulnerabilities.
This Metasploit module exploits a shell command injection in the way "delegates" (commands for converting files) are processed in ImageMagick versions <= 7.0.1-0 and <= 6.9.3-9 (legacy). Since ImageMagick uses file magic to detect file format, you can create a .png (for example) which is actually a crafted SVG (for example) that triggers the command injection. Tested on Linux, BSD, and OS X. You'll want to choose your payload carefully due to portability concerns. Use cmd/unix/generic if need be.
This Metasploit module exploits a remote code execution feature of the Ruby on Rails framework. This feature is exposed if the config.web_console.whitelisted_ips setting includes untrusted IP ranges and the web-console gem is enabled.
IPFire versions prior to 2.19 Update Core 101 suffer from cross site request forgery, cross site scripting, and remote command execution vulnerabilities.
Threaded USENET news reader version 3.6-23 suffers from a stack buffer overflow vulnerability.
DynaTrace UEM versions 6.3.x, 6.2.x, and 6.1.x suffer from a cookie manipulation vulnerability that can cause a server-side crash.
OXID eShop Community Edition version 4.9.7 suffers from path traversal and privilege escalation vulnerabilities.
Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.
NetCommWireless HSPA 3G10WVE suffers from authentication bypass and remote code execution vulnerabilities.
libxml versions prior to 2.9.3 suffer from a stack overflow vulnerability when parsing a malicious file.
Zabbix Agent version 3.0.1 suffers from a remote shell command injection vulnerability via mysql.size.
Linux 4.4 suffers from a use-after-free vulnerability in double-fdput().
Fuzzing packed executables with McAfee's LiveSafe version 14.0 on Windows found a signedness error parsing sections and relocations.
Linux suffers from a reference count overflow using BPF maps.
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs.
CMS Made Simple versions prior to 2.1.3 and 1.12.2 suffer from a web server cache poisoning vulnerability.