Home / Exploit
black-hat-logo

Exploit

EXPLOIT DATABASE

PACKETSTORM DATABASE

  • 25 February 2017: Packet Fence 6.5.1 - Files ≈ Packet Storm
    PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  • 25 February 2017: Ansvif 1.6.2 - Files ≈ Packet Storm
    Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  • 25 February 2017: Mandos Encrypted File System Unattended Reboot Utility 1.7.15 - Files ≈ Packet Storm
    The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
  • 25 February 2017: MVPower DVR Shell Unauthenticated Command Execution - Files ≈ Packet Storm
    This Metasploit module exploits an unauthenticated remote command execution vulnerability in MVPower digital video recorders. The 'shell' file on the web interface executes arbitrary operating system commands in the query string. This Metasploit module was tested successfully on a MVPower model TV-7104HE with firmware version 1.8.4 115215B9 (Build 2014/11/17). The TV-7108HE model is also reportedly affected, but untested.
  • 25 February 2017: AlienVault OSSIM/USM Remote Code Execution - Files ≈ Packet Storm
    This Metasploit module exploits object injection, authentication bypass and ip spoofing vulnerabilities all together. Unauthenticated users can execute arbitrary commands under the context of the root user. By abusing authentication bypass issue on gauge.php lead adversaries to exploit object injection vulnerability which leads to SQL injection attack that leaks an administrator session token. Attackers can create a rogue action and policy that enables to execute operating system commands by using captured session token. As a final step, SSH login attempt with a invalid credentials can trigger a created rogue policy which triggers an action that executes operating system command with root user privileges. This Metasploit module was tested against following product and versions: AlienVault USM 5.3.0, 5.2.5, 5.0.0, 4.15.11, 4.5.0 AlienVault OSSIM 5.0.0, 4.6.1
  • 25 February 2017: Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution - Files ≈ Packet Storm
    This Metasploit module exploits a command injection vulnerability in the Trend Micro IMSVA product. An authenticated user can execute a terminal command under the context of the web server user which is root. Besides, default installation of IMSVA comes with a default administrator credentials. saveCert.imss endpoint takes several user inputs and performs blacklisting. After that it use them as argument of predefined operating system command without proper sanitation. However,due to improper blacklisting rule it's possible to inject arbitrary commands into it. InterScan Messaging Security prior to 9.1.-1600 affected by this issue. This Metasploit module was tested against IMSVA 9.1-1600.
  • 25 February 2017: Red Hat Security Advisory 2017-0323-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2017-0323-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
  • 25 February 2017: Red Hat Security Advisory 2017-0324-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2017-0324-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
  • 25 February 2017: Debian Security Advisory 3792-1 - Files ≈ Packet Storm
    Debian Linux Security Advisory 3792-1 - Ben Hayak discovered that objects embedded in Writer and Calc documents may result in information disclosure.
  • 25 February 2017: Joomla Community Quiz 4.3.5 SQL Injection - Files ≈ Packet Storm
    Joomla Community Quiz component version 4.3.5 suffers from a remote SQL injection vulnerability.
  • 25 February 2017: Joomla Intranet Attendance Track 2.6.5 SQL Injection - Files ≈ Packet Storm
    Joomla Intranet Attendance Track component version 2.6.5 suffers from a remote SQL injection vulnerability.
  • 25 February 2017: Joomla Wisroyq 1.6 SQL Injection - Files ≈ Packet Storm
    Joomla Wisroyq component version 1.6 suffers from a remote SQL injection vulnerability.
  • 25 February 2017: Joomla JO Facebook Gallery 4.5 SQL Injection - Files ≈ Packet Storm
    Joomla JO Facebook Gallery component version 4.5 suffers from a remote SQL injection vulnerability.
  • 25 February 2017: Joomla JooDatabase 3.1.0 SQL Injection - Files ≈ Packet Storm
    Joomla JooDatabase component version 3.1.0 suffers from a remote SQL injection vulnerability.
  • 25 February 2017: Joomla Community Polls 4.5.0 SQL Injection - Files ≈ Packet Storm
    Joomla Community Polls component version 4.5.0 suffers from a remote SQL injection vulnerability.

CERT VULNERABILITY DATABASE

SECURITYFOCUS DATABASE