Результаты поиска

Samsung Devices KNOX Extensions - OTP Service Heap Overflow /** Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=935 As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens. The tokens themselves...

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow /** Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP...

Serva 3.0.0 - HTTP Server Denial of Service #!/usr/bin/env python # # # Serva 3.0.0 HTTP Server Module Remote Denial of Service Exploit # # # Vendor: Patrick Masotta # Product web page: http://www.vercot.com # Affected version: 3.0.0.1001 (Community, Pro, 32/64bit) # # Summary: Serva is a...

iOS 10.1.x - Certificate File Memory Corruption Source: https://cxsecurity.com/issue/WLB-2016110046 iOS 10.1.x Remote memory corruption through certificate file Credit: Maksymilian Arciemowicz from https://cxsecurity.com...

Microsoft Internet Explorer 9 - IEFRAME CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047) <!-- Source: http://blog.skylined.nl/20161212001.html Synopsis A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 9. I...

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation Title: EasyPHP Devserver Insecure File Permissions Privilege Escalation Application: EasyPHP Devserver Versions Affected: 16.1 Vendor URL: http://www.easyphp.org/ Discovered by: Ashiyane Digital Security Team ~ Micle...

10-Strike Network File Search Pro 2.3 - Local Buffer Overflow (SEH) #!python ##################################################################################### # Exploit title: 10-Strike Network File Search Pro 2.3 Registration code SEH exploit # Date: 2016-12-10 # Vendor homepage...

PHP 5.2.3 imap (Debian Based) - 'imap_open' disable_functions Bypass <?php # https://antichat.com/threads/463395/#post-4254681 # echo '1234567890'>/tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}"...

Splunk Enterprise 6.4.3 - Server-Side Request Forgery ''' ( , ) (, . '.' ) ('. ', ). , ('. ( ) ( (_,) .'), ) _ _, / _____/ / _ \ ____ ____ _____ \____ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ | \\ \__( <_> ) Y Y \ /______ /\___|__ / \___...

Pozzo & Lucky, The phantom Shell. Stego in TCP/IP (part-2) 40897.pdf

Art of Anti Detection - Introduction To AV & Detection Techniques 40900.pdf

Roundcube 1.2.2 - Remote Code Execution Roundcube 1.2.2: Command Execution via Email ============================================ You can find the online version of the advisory here: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/ Found by Robin Peraglie with RIPS...

Microsoft Internet Explorer 9 - MSHTML CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (1) <!-- Source: http://blog.skylined.nl/20161207001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. I did not investigate...

Microsoft Internet Explorer 9 - MSHTML CDispNode::InsertSiblingNode Use-After-Free (MS13-037) (2) <!-- Source: http://blog.skylined.nl/20161208001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. I did not investigate...

Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities ''' KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities Title: Dell OpenManage Network Manager Multiple Vulnerabilities Advisory ID: KL-001-2018-009 Publication Date: 2018.11.05 Publication URL...

Netgear R7000 - Command Injection # Exploit Title: Netgear R7000 - Command Injection # Date: 6-12-2016 # Exploit Author: Acew0rm # Contact: https://twitter.com/Acew0rm1 # Vendor Homepage: https://www.netgear.com/ # Category: Hardware # Version: V1.0.7.2_1.1.93 -Vulnerability An...

Teaching an Old Dog (not that new) Tricks. Stego in TCP/IP made easy (part-1) 40891.pdf

Edge SkateShop - Authentication bypass # Exploit Title: Edge SkateShop Authentication Bypass # Date: 6/12/2016 # Exploit Author: Delilah # Vendor HomePage: http://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html # Software Link...

Dual DHCP DNS Server 7.29 - Denial of Service # Title : Dual DHCP DNS Server 7.29 Buffer Overflow (Dos) # Date : 07/12/2016 # Author : R-73eN # Tested on: Dual DHCP DNS Server 7.29 on Windows 7 SP1 (32bit) # Vendor : http://dhcp-dns-server.sourceforge.net/ # Software ...

Atlassian Jira - (Authenticated) Upload Code Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125) Source: http://blog.skylined.nl/20161201001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge. I did not investigate this vulnerability thoroughly, so I cannot...

Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009) <!-- Source: http://blog.skylined.nl/20161202001.html Synopsis A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 9. I did not investigate this vulnerability...

Microsoft Internet Explorer 9 - 'jscript9' JavaScriptStackWalker Memory Corruption (MS15-056) <!-- Source: http://blog.skylined.nl/20161206001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point...

Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation /* chocobo_root.c linux AF_PACKET race condition exploit exploit for Ubuntu 16.04 x86_64 vroom vroom *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= user@ubuntu:~$ uname -a Linux...

Google Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=928 Bitmap objects can be passed between processes by flattening them to a Parcel in one process and un-flattening them in another. In...