Hack Tools/Exploits

Packetstorm Last 10 Files

  1. TRENDnet SecurView Wireless Network Camera TV-IP422WN Buffer Overflow - The TRENDnet UltraCam ActiveX Control UltraCamX.ocx suffers from a stack buffer overflow vulnerability when parsing a large amount of bytes passed to several functions in UltraCamLib, resulting in memory corruption that overwrites several registers, including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions TV-IP422WN and TV-IP422W are affected.
  2. libFLAC 1.3.0 Stack Overflow / Heap Overflow / Code Execution - The libFLAC project, an open source library implementing reference encoders and decoders for native FLAC and Ogg FLAC audio content, suffers from multiple implementation issues. In particular, a stack overflow and a heap overflow condition, which may result in arbitrary code execution, can be triggered by passing a maliciously crafted .flac file to the libFLAC decoder. Versions 1.3.0 and below are affected.
  3. Mozilla Firefox 3.6 mChannel Use-After-Free - Mozilla Firefox 3.6 is prone to a use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code.
  4. Docker Privilege Escalation - Docker versions prior to 1.3.2 suffer from privilege and container escalation vulnerabilities.
  5. Ubuntu Security Notice USN-2417-1 - Ubuntu Security Notice 2417-1 - Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. Various other issues were also addressed.
  6. Ubuntu Security Notice USN-2421-1 - Ubuntu Security Notice 2421-1 - A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). Various other issues were also addressed.
  8. Ubuntu Security Notice USN-2420-1 - Ubuntu Security Notice 2420-1 - A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). Various other issues were also addressed.
  9. Ubuntu Security Notice USN-2419-1 - Ubuntu Security Notice 2419-1 - A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). Various other issues were also addressed.
  10. Ubuntu Security Notice USN-2416-1 - Ubuntu Security Notice 2416-1 - Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). Various other issues were also addressed.

Packetstorm Tools

  1. AIEngine 1.0 - AIEngine is a packet inspection engine capable of learning without any human intervention. It helps network/security professionals identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  2. Maligno 1.4 - Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  3. Capstone 3.0 - Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
  4. Clam AntiVirus Toolkit 0.98.5 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  5. DAVOSET 1.2.3 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  6. Fwknop Port Knocking Utility 2.6.4 - fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
  8. Packet Fence 4.5.1 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  9. Hesperbot Detection Scanner 1.0 - Hesperbot Scanner is a Windows binary that is able to detect the Hesperbot banking trojan by fingerprinting memory and looking for things that traditional antivirus software fails to catch early during the malware campaigns.
  10. DAVOSET 1.2.2 - DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Packetstorm Exploits

  1. TRENDnet SecurView Wireless Network Camera TV-IP422WN Buffer Overflow - The TRENDnet UltraCam ActiveX Control UltraCamX.ocx suffers from a stack buffer overflow vulnerability when parsing a large amount of bytes passed to several functions in UltraCamLib, resulting in memory corruption that overwrites several registers, including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions TV-IP422WN and TV-IP422W are affected.
  2. Mozilla Firefox 3.6 mChannel Use-After-Free - Mozilla Firefox 3.6 is prone to a use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code.
  3. KMPlayer 3.9.1.130 Denial Of Service - KMPlayer version 3.9.1.130 suffers from an integer division by zero denial of service vulnerability.
  4. PHP 5.x / Bash Shellshock Proof Of Concept - This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.
  5. WordPress wpDataTables 1.5.3 SQL Injection - WordPress wpDataTables plugin versions 1.5.3 and below suffer from a remote SQL injection vulnerability.
  6. WordPress wpDataTables 1.5.3 Shell Upload - WordPress wpDataTables versions 1.5.3 and below suffer from a remote shell upload vulnerability.
  8. TP-Link TL-WR740N Denial Of Service - The TP-Link WR740N Wireless N Router network device is exposed to a denial of service vulnerability when processing an HTTP GET request. This issue occurs when the web server (httpd) fails to handle an HTTP GET request over the default TCP port 80. Resending the value 'new' to the 'isNew' parameter in the 'PingIframeRpm.htm' script to the router through a proxy will crash its httpd service, denying legitimate users access to the admin control panel management interface. To bring back the HTTP service and the admin UI, a user must physically reboot the router.
  9. RobotStats 1.0 Cross Site Scripting - RobotStats version 1.0 suffers from an HTML injection vulnerability.
  10. RobotStats 1.0 SQL Injection - RobotStats version 1.0 suffers from a remote SQL injection vulnerability.

Securiteam Exploits

  1. Multiple Cobham Products Information Disclosure Vulnerabilities - Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtain administrative privileges by leveraging physical access or terminal access to spoof a reset code.
  2. OpenStack Neutron L3-Agent Remote Denial Of Service Vulnerabilities - The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.
  3. Oracle Java SE 6u75 Remote Security Code Execution Vulnerabilities - A vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX.
  4. Oracle WebCenter Portal Remote Security Code Execution Vulnerabilities - A vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect integrity via unknown vectors related to Portlet Services.
  5. PHP '/ext/standard/info.c' Type Confusion Information Disclosure Vulnerabilities - The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.