Tuneclone 2.20 SEH Buffer Overflow
Posted by deepcore under exploit (No Respond)
Tuneclone version 2.20 local SEH buffer overflow exploit.
Archive for June, 2019
Linux Race Condition Use-After-Free
Posted by deepcore under exploit (No Respond)
Linux suffers from a use-after-free via a race condition between modify_ldt() and #BR exception.
BlogEngine.NET 3.3.6 / 3.3.7 XML Injection
Posted by deepcore under exploit (No Respond)
BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from an XML external entity injection vulnerability.
WebERP 4.15 SQL Injection
Posted by deepcore under exploit (No Respond)
WebERP version 4.15 suffers from a remote SQL injection vulnerability.
[papers] Sony PlayStation Vita (PS Vita) – Trinity: PSP Emulator Escape
Posted by deepcore under Security (No Respond)
[remote] EA Origin < 10.5.38 – Remote Code Execution
Posted by deepcore under Security (No Respond)
[papers] Threat Hunting – Hunter or Hunted
Posted by deepcore under Security (No Respond)
BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution
Posted by deepcore under exploit (No Respond)
BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from dirPath directory traversal and remote code execution vulnerabilities.
BlogEngine.NET 3.3.6 / 3.3.7 Theme Cookie Directory Traversal / Remote Code Execution
Posted by deepcore under exploit (No Respond)
BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from theme Cookie directory traversal and remote code execution vulnerabilities.
Cisco Prime Infrastructure Runrshell Privilege Escalation
Posted by deepcore under exploit (No Respond)
This Metasploit modules exploits a vulnerability in Cisco Prime Infrastructure’s runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root.