984 matches found
openSUSE: Security Advisory for go1.10 (openSUSE-SU-2018:4255-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Erlang Port Mapper Daemon Cookie RCE
The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie RCE is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit: https://metasploit.com/download Current source...
CVE-2018-19922
Persistent Cross-Site Scripting XSS in the advancedsetupwebsiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd...
Cmd and Conquer: De-DOSfuscation with flare-qdb
When Daniel Bohannon released his excellent DOSfuscation paper, I was fascinated to see how tricks I used as a systems engineer could help attackers evade detection. I didn’t have much to contribute to this conversation until I had to analyze a hideously obfuscated batch file as part of my job on...
ZyXEL ZyWALL USG Cross-Site Request Forgery Vulnerability
ZyXEL ZyWALL USG is a network security firewall appliance from Hopkins ZyXEL Technology. A cross-site request forgery vulnerability exists in ZyXEL ZyWALL USG version 2.12 AQQ.2 and 3.30 AQQ.7. A remote attacker can exploit this vulnerability by adding user accounts with the help of the 'cmd'...
CVE-2018-19184
CVE-2018-19184 affects Go Ethereum (geth) prior to or including 1.8.17, specifically in cmd/evm/runner.go. The vulnerability allows an attacker to trigger a denial-of-service (SEGV) through specially crafted bytecode, as documented in multiple sources (NVD entry for CVE-2018-19184 and SUSE/GHSA e...
CVE-2017-17550
The vulnerability is in ZyXEL ZyWALL USG devices (2.12 AQQ.2 and 3.30 AQQ.7) where a CSRF flaw in the cgi-bin/zysh-cgi cmd action allows an attacker to add a user account. This newly created account could subsequently be used to perform stored XSS, as described in multiple sources. Affected softw...
Arm Whois 3.11 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Arm Whois 3.11 - Buffer Overflow SEH Exploit Author: Yair Rodríguez Aparicio 0-day DoS exploit, Semen Alexandrovich Lyhin 1-day fully working exploit Vendor Homepage: http://www.armcode.com/ Software Link:...
CVE-2018-9359
In processl2capcmd of l2cmain.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'expect' class MetasploitModule 'Morris Worm sendmail Debug Mode Shell Escape', 'Description' = %q This module exploits sendmail's well-known historical debug mo...
Radan-http service for Linux remote code execute Exploit
Injection into a web application Hack all servers have webapp open port 8088 Ok so the web application attack has 2 steps. 1: Create a new application done with post request to /newappication, 2: Now once we done that we can execute commands inside of it. Usage Info 1 You need to scan ip list wit...
PT-2018-6263 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub 2245-222 version 1012 Description: The issue arises from specially crafted commands sent through the PubNub service, which can cause a stack-based buffer overflow, overwriting arbitrary data. This is triggered by sending an...
Design/Logic Flaw
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted serverid parameter in a cmd.php?cmd=loginform request, or a crafted username and password in the login panel...
Prime95 29.4b8 Stack Buffer Overflow
Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested on: Windows 10 Pro x64 SPANISH Windows 7 Ho...
Prime95 29.4b8 - Stack Buffer Overflow (SEH)
Prime95 29.4b8 - Stack Buffer Overflow SEH Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested...
Vayne-RaT - An Advanced C# .NET RAT
Vayne-RaT is Free and Open SourceRemote Administration Tool Coded In C. Features: Multi-Threaded CMD Shell File Manager Download & Upload Remote Desktop Password Recovery Assembly Builder Scan-Time Crypter FUD Requirements Stub Coded In .NET 2.0 Mono.Cecil.dll Dissembler Lib.dll BunifuUIv1.52.dll...
CVE-2014-3114
The EZPZ One Click Backup ezpz-one-click-backup plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php...
CVE-2017-13281
In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...
CVE-2018-9156
AXIS P1354 IP camera (Firmware 5.90.1.1) is affected by CVE-2018-9156 due to an upload page that does not verify file types, enabling a webshell upload via fileUpload.shtml for a custom .shtml file. The shell can be interpreted by Apache mod_include (
ESXi Detection via VMWare Tools CMD execution
Binary data vmwareesxidetection.nbin...