Windows x86 WinExec("cmd.exe",0) shellcode.
5245247fea76192187cd8f574dd39fb5fc2d6b0378a310c25c0acb910a8a6b8f
The League of Legends installer would install the League of Legends screensaver along with a service. The service would be called 'lolscreensaver'. This particular service was misconfigured such that the service binary path was unquoted. When the screensaver is installed to 'C:\Riot Games', the issue is not exploitable. However, during the installation process, users are able to specify a directory to install to. When a user chooses to install this to, say, an external drive, this becomes exploitable.
1c3a2785a3461ccc741c244d0eb3a6544f42521626f9be71e8b639b2934e73f1
The League of Legends screensaver was installed with insecure file permissions. It was found that all folder and file permissions were incorrectly configured during installation. It was possible to replace the service binary.
23513002a36231e12b2425e27ca297ffc2ec5ef5d2b1992de4beb86e92bf5771
56-byte small Linux/x86 /bin/nc -le /bin/sh -vp13337 shellcode.
f38639b856b54a21a142f8d5fa661e93546391a1dc6e55a3853c9cd7c1dd1961
This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell, so it will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2.
d6104ee164909d896d2db7f3faa4bb142889d586dbc1d543620408ee9bbbccf2
Adobe Reader suffers from a CoolType unlimited out-of-bounds stack manipulation vulnerability via the BLEND operator.
0bef84a6288c206410a709191dc9c42a4f640915006898dad18dad76444b452a
Red Hat Security Advisory 2016-1207-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.
94fcc13961bb040ea0f4d2d1fce70c38aed4322503e29ff01294a9416f5fa12c
Debian Linux Security Advisory 3596-1 - Several vulnerabilities were discovered in spice, a SPICE protocol client and server library.
6e544a5ab3da6f4fc590a236d64b6e7f3a14dbc5ffd86752051aa8ac69b5e3aa
Red Hat Security Advisory 2016-1206-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix: The Jenkins continuous integration server has been updated to upstream version 1.651.2 LTS that addresses a large number of security issues, including open redirects, a potential denial of service, unsafe handling of user provided environment variables and several instances of sensitive information disclosure.
6a7d81f63b629a182f9c5efd962222fa2de0c411ea4866159614c9c1366ad1e9
Ubuntu Security Notice 2994-1 - It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. CVE-2016-3627, CVE-2016-3705. It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
d6e325f629f850398a495c2c2034b48bfa2518d4fd884ffd7c3e826672ff174f
Red Hat Security Advisory 2016-1205-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix: A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash the QEMU-KVM process or execute arbitrary code with the privileges of the host's QEMU-KVM process.
930d98110860d2796a0f946db501717e8f5099ba8c04b6a1c80beecc2f3cfbaa
Red Hat Security Advisory 2016-1204-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix: A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash the QEMU-KVM process or execute arbitrary code with the privileges of the host's QEMU-KVM process.
8a04cdaff042fff44f3f4c78a48933af4d346a06194a31eab8bb9a2a217f76e7
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.
fd3386e8e72725980bcd7f40949aa0121dcb7650b5147c6490e794555ed25859
Electroweb Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.
ba9cad5dc2aff449dbb2ccc4fe7070588d5410c8ecbf2320119f38d13d1c0750
Apache Continuum version 1.4.2 suffers from command injection and cross site scripting vulnerabilities.
33753b859896ef529d7220d4783017ba4819ff23e9203b674af3f8b5ff78b5f1
Joomla JobGrokApp component version 3.1-1.2.55 suffers from a remote SQL injection vulnerability.
c6e24a78b3acd12c8113b6555072e359ad21ff814a3c8efb8dc253c6e40dbfbf
Dream Gallery version 1.0 suffers from a cross site request forgery vulnerability.
579c35b0e6ccee9c73ef7786009bd7d9f59ec8b263cf6c2ce2b63ae1d04967e9
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
b47d8d016988b7ff823cbc8515adc3fed35e1b5f40073ec4cec73d4771c301e6
Sun Secure Global Desktop and Oracle Global Desktop version 4.61.915 remote shellshock code execution exploit.
35ec240c60b7255eaaf64467d8712fa76be5b375b7a5237d5221f43ac829bf35