198 matches found
ntop-ng 2.0.151021 - Privilege Escalation
Vulnerability title: ntop-ng = 2.0.151021 - Privilege Escalation Author: Dolev Farhi Contact: dolev at flaresec.com Vulnerable version: 2.0.151021 Fixed version: 2.2 Link: ntop.org Date 27.11.2015 CVE-2015-8368 Product Details: ntopng is the next generation version of the original ntop, a network...
PHP 5.45.55.6 - SplDoublyLinkedList Unserialize() Use-After-Free
PHP 5.45.55.6 - SplDoublyLinkedList Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object...
PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free
Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Affect...
PHP 5.4/5.5/5.6 - SplObjectStorage 'Unserialize()' Use-After-Free
Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and crafted object's wakeup magic method that can be...
PHP 5.45.55.6 - SplObjectStorage Unserialize() Use-After-Free
PHP 5.45.55.6 - SplObjectStorage Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's...
SubDomain Analyzer - Get detailed information of a domain
The "SubDomain Analyzer" tool written in Python language. The purpose of "SubDomain Analyzer" getting full detailed information of selected domain. The "SubDomain Analyzer" gets data from domain by following steps: 1. Trying to get the zone tranfer file. 2. Gathers all information from DNS record...
PHP SPL ArrayObject Use-After-Free
Use After Free Vulnerability in unserialize with SPL ArrayObject Taoguang Chen - Write Date: 2015.7.30 - Release Date: 2015.8.7 A use-after-free vulnerability was discovered in unserialize with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or...
PHP SoapFault Type Confusion
Type Confusion Infoleak Vulnerability in unserialize with SoapFault Taoguang Chen - Write Date: 2015.3.1 - Release Date: 2015.4.28 A type confusion vulnerability was discovered in unserialize with SoapFault object's toString magic method that can be abused for leaking arbitrary memory blocks...
Fedora 20 : ettercap-0.8.2-1.fc20 (2015-4020)
0.8.2-Ferri Bug Fix !! Fixed some openssl deprecated functions usage !! Fixed log file ownership !! Fixed mixed output print !! Fixed dropprivs function usage !! Fixed nopromisc option usage. !! Fixed missing break in parser code. !! Improved redirect commands !! Fix truncated VLAN packet headers...
Fedora 22 : ettercap-0.8.2-1.fc22 (2015-4009)
0.8.2-Ferri Bug Fix !! Fixed some openssl deprecated functions usage !! Fixed log file ownership !! Fixed mixed output print !! Fixed dropprivs function usage !! Fixed nopromisc option usage. !! Fixed missing break in parser code. !! Improved redirect commands !! Fix truncated VLAN packet headers...
PHP unserialize() Use-After-Free
Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with a specially defined object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...
PHP DateTime Use After Free Vulnerability
Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod...
PHP DateTimeZone Type Confusion Infoleak
Type Confusion Infoleak Vulnerability in unserialize with DateTimeZone Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A Type Confusion Vulnerability was discovered in unserialize with DateTimeZone object's wakeup magic method that can be abused for leaking arbitrary memory blocks...
Dirs3arch v0.3.0 - HTTP(S) Directory/File Brute Forcer
dirs3arch is a simple command line tool designed to brute force hidden directories and files in websites. It's written in python3 3 and all thirdparty libraries are included. Operating Systems supported Windows XP/7/8 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for...
Windows OLE Package Manager SandWorm Exploit
Proof of concept exploit builder for the OLE flaw in packager.dll. !/usr/bin/env python import os import zipfile import sys ''' Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Built to run on: Linux/MacOSX Date: 17/10/2014 Exploit Author:...
Microsoft Windows - OLE Package Manager SandWorm
Microsoft Windows - OLE Package Manager SandWorm !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title:...
The latest Bash vulnerability patch Junior programme-vulnerability warning-the black bar safety net
Bash broke the remote parsing command execution vulnerability, CVE-2 0 1 4-6 2 7 1, the spread of major Linux distributions and MacOSX systems. Vulnerability can be directly in the Bash support the Web CGI environment remote execution of arbitrary commands. bash is injected after the public...
Safari SVGPathSegList Use-After-Free Exploit
Remote command execution exploit works on Windows XP/Vista/7 and MacOSX Snow Leopard. This is private exploit. You can buy it at https://0day.today...
UFO: Alien Invasion 2.2.1 - IRC Client Remote Code Execution - OSX Snow Leopard (ROP)
No description provided by source. !/usr/bin/python UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - MacOSX OS X Snow Leopard: d1dn0t OS X Leopard: dookie Windows PoC: Jason Geffner http://www.exploit-db.com/exploits/14013 import sys, socket, struct WRITEABLE = 0x8fe66448...
presto! pagemanager <= 9.01 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Presto! PageManager http://www.newsoftinc.com/products/productpage.php?PId=5 Versions: = 9.01 Platforms: Windows, MacOSX Bugs: A Heap-overflow B Arbitray files downloading C Denial of Service Exploitation: remote Date: 14 Mar 2012...