>> TAG: #0day

Core FTP 2.0 build 653 – ‘PBSZ’ Denial of Service (PoC)

Linux/x86 – Polymorphic execve(/bin/sh) Shellcode (63 bytes)

Liferay CE Portal < 7.1.2 ga3 – Remote Command Execution (Metasploit)

OpenKM 6.3.2 < 6.3.7 – Remote Command Execution (Metasploit)

Flexpaper PHP Publish Service 2.3.6 – Remote Code Execution

Linux Kernel 4.4 (Ubuntu 16.04) – ‘snd_timer_user_ccallback()’ Kernel Pointer Leak

NetSetMan 4.7.1 – Local Buffer Overflow (SEH Unicode)

Linux/x86 – MMX-XOR Encoder / Decoder execve(/bin/sh) Shellcode (44 bytes)

PRTG Network Monitor 18.2.38 – Authenticated Remote Code Execution

McAfee ePO 5.9.1 – Registered Executable Local Access Bypass