Microsoft Windows 7 Kernel - 'win32k!xxxClientLpkDrawTextEx' Stack Memory Disclo
  Date: 2017-05-16 14:20:43 Views: 149 Comments: 0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1182 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 (other platforms untested) indirectly t
Microsoft Windows 10 Kernel - nt!NtTraceControl (EtwpSetProviderTraits) Pool Mem
  Date: 2017-05-16 14:19:41 Views: 384 Comments: 0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1161 We have discovered that the handler of the nt!NtTraceControl system call (specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E) discloses portions of uninitiali
Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor
  Date: 2017-05-16 14:16:43 Views: 24 Comments: 0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed (on Windows 7 32-bit) that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens (lsass.exe, services.exe, ..
Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH)
  Date: 2017-05-16 14:15:52 Views: 31 Comments: 0
#!/usr/bin/python # Exploit Title : Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH) # Date : 14/05/2017 # Exploit Author : Muhann4d # CVE: CVE-2017-8927 # Vendor Homepage : http://www.cgmlarson.com/ # Software Link : http://download.freedown
Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH)
  Date: 2017-05-16 14:10:26 Views: 18 Comments: 0
#!/usr/bin/python # Exploit Title : Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH) # Date : 2017-05-14 # Exploit Author : Muhann4d # CVE : CVE-2017-8926 # Vendor Homepage : http://www.halliburton.com # Software Link : http://www.hallibu
Quest Privilege Manager pmmasterd Buffer Overflow
  Date: 2017-05-15 17:12:39 Views: 25 Comments: 0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Exploit::Remote::Tcp def initialize(info =
miniupnpc 2.0.20170421 Denial Of Service
  Date: 2017-05-15 17:10:53 Views: 118 Comments: 0
Author: github.com/tintinweb Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Th
Vanilla Forums < 2.3 - Remote Code Execution
  Date: 2017-05-15 17:07:30 Views: 57 Comments: 0
#!/bin/bash # # __ __ __ __ __ # / / ___ ____ _____ _/ / / / / /___ ______/ /_____ __________ # / / / _ / __ `/ __ `/ / / /_/ / __ `/ ___/ //_/ _ / ___/ ___/ # / /___/ __/ /_/ / /_/ / / / __ / /_/ / /__/ , / __/ / (__ ) # /_____/___/__, /__,_/_/
Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi S
  Date: 2017-05-15 17:05:07 Views: 49 Comments: 0
Source: https://xairy.github.io/blog/2016/cve-2016-2384 Source: https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384 Source: https://www.youtube.com/watch?v=lfl1NJn1nvo Exploit-DB Note: This requires physical access to the machine, as w
Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege
  Date: 2017-05-15 16:27:36 Views: 145 Comments: 0
// CAP_NET_ADMIN - root LPE exploit for CVE-2016-9793 // No KASLR, SMEP or SMAP bypass included // Affected kernels: 3.11 - 4.8 // Tested in QEMU only // https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793 // // Usage: // # gcc -pthrea
Linux Kernel 4.8.0 - Packet Socket Local root Privilege Escalation
  Date: 2017-05-12 14:58:05 Views: 65 Comments: 0
// A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // // Usage: // user@ubuntu:~$ uname -a //
OpenVPN 2.4.0 - Unauthenticated Denial of Service
  Date: 2017-05-12 14:55:30 Views: 114 Comments: 0
#!/usr/bin/env python3 ''' $ ./dos_server.py $ sudo ./openvpn-2.4.0/src/openvpn/openvpn conf/server-tls.conf ... Fri Feb 24 10:19:19 2017 192.168.149.1:64249 TLS: Initial packet from [AF_INET]192.168.149.1:64249, sid=9a6c48a6 1467f5e1 Fri Feb 24 10:1
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
  Date: 2017-05-11 15:21:31 Views: 200 Comments: 0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::Remote::HttpClient def initia
SAP SAPCAR 721.510 - Heap-Based Buffer Overflow
  Date: 2017-05-11 15:06:01 Views: 42 Comments: 0
''' Source: https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability 1. Advisory Information Title: SAP SAPCAR Heap Based Buffer Overflow Vulnerability Advisory ID: CORE-2017-0001 Advisory URL: http://www.coresecuri
Dolibarr 4.0.4 SQL Injection / XSS / Weaknesses
  Date: 2017-05-11 14:52:58 Views: 90 Comments: 0
=== FOXMOLE - Security Advisory 2017-02-23 === Dolibarr ERP CRM - Multiple Issues ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Affected Versions ================= Dolibarr 4.0.4 Issue Overview ============== Vulnerability Type: SQL Injection, Cross Site Scripting,
ASUS Routers CSRF / Information Disclosure
  Date: 2017-05-11 14:51:32 Views: 56 Comments: 0
[Original post here: https://wwws.nightwatchcybersecurity.com/2017/05/09/multiple-vulnerabilities-in-asus-routers/] Summary Various models of ASUS RT routers have several CSRF vulnerabilities allowing malicious sites to login and change settings in the
wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One
  Date: 2017-05-10 15:14:29 Views: 103 Comments: 0
TALOS-2017-0293 WOLFSSL LIBRARY X509 CERTIFICATE TEXT PARSING CODE EXECUTION VULNERABILITY MAY 8, 2017 CVE-2017-2800 SUMMARY An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library version
Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution
  Date: 2017-05-10 15:13:21 Views: 82 Comments: 0
#!/usr/bin/env python # Sources: # https://silentsignal.hu/docs/S2_Oracle_GoldenGate_GOLDENSHOWER.py # https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ # # GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal # # Tested
LogRhythm Network Monitor - Authentication Bypass / Command Injection
  Date: 2017-05-10 15:11:58 Views: 21 Comments: 0
# Exploit Title: LogRhythm Network Monitor Auth Bypass Root RCE # Public Disclosure Date: 24 Apr 2017 # Author: Francesco Oddo # Reference: http://security-assessment.com/files/documents/advisory/Logrhythm-NetMonitor-Advisory.pdf # Software Link: htt
Veritas Netbackup 8.0 File Write / Remote Code Execution / Bypass
  Date: 2017-05-10 14:26:44 Views: 153 Comments: 0
Veritas Netbackup 8.0 - Multiple Vulnerabilities ------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in Veritas Netbackup (https://www.veritas.com/product/backup-and-recovery/netbackup-8).
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved