DB: 2016-12-05

2016-12-05 05:01:20 +00:00 · 2016-12-05 05:01:20 +00:00 · aa4fced35c
commit aa4fced35c
parent 0a2e79b884
2 changed files with 10 additions and 11 deletions
--- a/files.csv
+++ b/files.csv
@ -5254,9 +5254,9 @@ id,file,description,date,author,platform,type,port
 40685,platforms/windows/dos/40685.html,"Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)",2016-11-02,Skylined,windows,dos,0
 40687,platforms/hardware/dos/40687.txt,"SunellSecurity NVR / Camera - Denial of Service",2016-11-02,qwsj,hardware,dos,0
 40691,platforms/windows/dos/40691.html,"Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free",2016-11-02,Skylined,windows,dos,0
-40695,platforms/linux/dos/40695.c,"Memcached 1.4.33 - PoC (1)",2016-11-01,"p0wd3r / dawu",linux,dos,0
-40696,platforms/linux/dos/40696.c,"Memcached 1.4.33 - PoC (2)",2016-11-01,"p0wd3r / dawu",linux,dos,0
-40697,platforms/linux/dos/40697.c,"Memcached 1.4.33 - PoC (3)",2016-11-01,"p0wd3r / dawu",linux,dos,0
+40695,platforms/linux/dos/40695.c,"Memcached 1.4.33 - 'Crash' PoC",2016-11-01,"p0wd3r / dawu",linux,dos,0
+40696,platforms/linux/dos/40696.c,"Memcached 1.4.33 - 'Add' PoC",2016-11-01,"p0wd3r / dawu",linux,dos,0
+40697,platforms/linux/dos/40697.c,"Memcached 1.4.33 - 'sasl' PoC",2016-11-01,"p0wd3r / dawu",linux,dos,0
 40699,platforms/windows/dos/40699.txt,"Axessh 4.2 - Denial of Service",2016-11-03,hyp3rlinx,windows,dos,0
 40703,platforms/windows/dos/40703.pl,"Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service",2016-11-08,"Todor Donev",windows,dos,0
 40722,platforms/windows/dos/40722.html,"Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read",2016-11-07,Skylined,windows,dos,0
@ -8572,7 +8572,7 @@ id,file,description,date,author,platform,type,port
 40107,platforms/windows/local/40107.rb,"Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit)",2016-07-13,Metasploit,windows,local,0
 40145,platforms/windows/local/40145.txt,"Rapid7 AppSpider 6.12 - Privilege Escalation",2016-07-25,LiquidWorm,windows,local,0
 40118,platforms/windows/local/40118.txt,"Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)",2016-06-22,"Brian Pak",windows,local,0
-40132,platforms/windows/local/40132.txt,"Wowza Streaming Engine 4.5.0 - Privilege Escalation (1)",2016-07-20,LiquidWorm,windows,local,0
+40132,platforms/windows/local/40132.txt,"Wowza Streaming Engine 4.5.0 - Local Privilege Escalation",2016-07-20,LiquidWorm,windows,local,0
 40141,platforms/bsd/local/40141.c,"NetBSD mail.local(8) - Privilege Escalation (NetBSD-SA2016-006)",2016-07-21,akat1,bsd,local,0
 40148,platforms/windows/local/40148.py,"Mediacoder 0.8.43.5852 - '.m3u' SEH Exploit",2016-07-25,"Karn Ganeshen",windows,local,0
 40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - '.m3u' Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0
@ -15030,13 +15030,13 @@ id,file,description,date,author,platform,type,port
 40064,platforms/linux/remote/40064.txt,"GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution",2016-07-06,"Dawid Golunski",linux,remote,0
 40067,platforms/linux/remote/40067.rb,"Nagios XI Chained - Remote Code Execution (Metasploit)",2016-07-06,Metasploit,linux,remote,80
 40108,platforms/linux/remote/40108.rb,"Riverbed SteelCentral NetProfiler/NetExpress - Remote Code Execution (Metasploit)",2016-07-13,Metasploit,linux,remote,443
-40113,platforms/linux/remote/40113.txt,"OpenSSHd 7.2p2 - Username Enumeration (1)",2016-07-18,"Eddie Harari",linux,remote,22
+40113,platforms/linux/remote/40113.txt,"OpenSSHd 7.2p2 - Username Enumeration (PoC)",2016-07-18,"Eddie Harari",linux,remote,22
 40119,platforms/linux/remote/40119.md,"DropBearSSHD 2015.71 - Command Injection",2016-03-03,tintinweb,linux,remote,0
 40120,platforms/hardware/remote/40120.py,"Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution / Escalate Privileges",2016-07-17,b0yd,hardware,remote,0
 40846,platforms/android/remote/40846.html,"Android - 'BadKernel' Remote Code Execution",2016-11-28,"Guang Gong",android,remote,0
 40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String",2016-07-19,bashis,multiple,remote,0
 40130,platforms/php/remote/40130.rb,"Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit)",2016-07-20,"Mehmet Ince",php,remote,80
-40136,platforms/linux/remote/40136.py,"OpenSSHd 7.2p2 - Username Enumeration (2)",2016-07-20,0_o,linux,remote,22
+40136,platforms/linux/remote/40136.py,"OpenSSHd 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22
 40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69
 40142,platforms/php/remote/40142.php,"Apache 2.4.7 + PHP 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0
 40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039)",2016-07-23,Raz0r,php,remote,0
@ -15077,7 +15077,7 @@ id,file,description,date,author,platform,type,port
 40619,platforms/hardware/remote/40619.py,"TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)",2016-10-21,"Hacker Fantastic",hardware,remote,0
 40633,platforms/hardware/remote/40633.py,"Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure",2016-10-26,"Jason Doyle",hardware,remote,0
 40643,platforms/hardware/remote/40643.txt,"InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials",2016-10-28,LiquidWorm,hardware,remote,0
-40651,platforms/windows/remote/40651.py,"Rumba FTP Client 4.x - Stack buffer overflow (SEH)",2016-10-31,"Umit Aksu",windows,remote,0
+40651,platforms/windows/remote/40651.py,"Rumba FTP Client 4.x - Stack Buffer Overflow (SEH)",2016-10-31,"Umit Aksu",windows,remote,0
 40670,platforms/windows/remote/40670.py,"PCMan FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow",2016-10-31,ScrR1pTK1dd13,windows,remote,0
 40674,platforms/windows/remote/40674.py,"Freefloat FTP Server 1.0 - 'ABOR' Command Buffer Overflow",2016-11-01,Ger,windows,remote,0
 40672,platforms/windows/remote/40672.py,"Freefloat FTP Server 1.0 - 'RMD' Command Buffer Overflow",2016-11-01,Karri93,windows,remote,0
@ -36626,7 +36626,7 @@ id,file,description,date,author,platform,type,port
 40126,platforms/php/webapps/40126.txt,"NewsP Free News Script 1.4.7 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80
 40127,platforms/php/webapps/40127.txt,"newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure",2016-07-19,"Meisam Monsef",php,webapps,80
 40129,platforms/python/webapps/40129.txt,"Django CMS 3.3.0 - (Editor Snippet) Persistent Cross-Site Scripting",2016-07-20,Vulnerability-Lab,python,webapps,80
-40133,platforms/multiple/webapps/40133.html,"Wowza Streaming Engine 4.5.0 - Privilege Escalation (2)",2016-07-20,LiquidWorm,multiple,webapps,8088
+40133,platforms/multiple/webapps/40133.html,"Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation",2016-07-20,LiquidWorm,multiple,webapps,8088
 40134,platforms/multiple/webapps/40134.html,"Wowza Streaming Engine 4.5.0 - Cross-Site Request Forgery (Add Advanced Admin)",2016-07-20,LiquidWorm,multiple,webapps,8088
 40135,platforms/multiple/webapps/40135.txt,"Wowza Streaming Engine 4.5.0 - Multiple Cross-Site Scripting",2016-07-20,LiquidWorm,multiple,webapps,8088
 40137,platforms/php/webapps/40137.html,"WordPress Plugin Video Player 1.5.16 - SQL Injection",2016-07-20,"David Vaartjes",php,webapps,80
@ -36722,7 +36722,7 @@ id,file,description,date,author,platform,type,port
 40467,platforms/php/webapps/40467.txt,"PHP Classifieds Rental Script - Blind SQL Injection",2016-10-06,OoN_Boy,php,webapps,0
 40468,platforms/php/webapps/40468.txt,"B2B Portal Script - Blind SQL Injection",2016-10-06,OoN_Boy,php,webapps,0
 40469,platforms/php/webapps/40469.txt,"MLM Unilevel Plan Script 1.0.2 - SQL Injection",2016-10-06,N4TuraL,php,webapps,0
-40470,platforms/php/webapps/40470.txt,"Just Dial Clone Script - SQL Injection (1)",2016-10-06,OoN_Boy,php,webapps,0
+40470,platforms/php/webapps/40470.txt,"Just Dial Clone Script - 'fid' SQL Injection",2016-10-06,OoN_Boy,php,webapps,0
 40475,platforms/php/webapps/40475.txt,"Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)",2016-10-07,Besim,php,webapps,0
 40479,platforms/php/webapps/40479.txt,"Entrepreneur Job Portal Script 2.06 - SQL Injection",2016-10-07,OoN_Boy,php,webapps,0
 40480,platforms/php/webapps/40480.txt,"miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)",2016-10-09,Besim,php,webapps,0
@ -36773,7 +36773,7 @@ id,file,description,date,author,platform,type,port
 40595,platforms/php/webapps/40595.txt,"SPIP 3.1.2 Template Compiler/Composer - PHP Code Execution",2016-10-20,Sysdream,php,webapps,80
 40596,platforms/php/webapps/40596.txt,"SPIP 3.1.1 / 3.1.2 - File Enumeration / Path Traversal",2016-10-20,Sysdream,php,webapps,80
 40597,platforms/php/webapps/40597.txt,"SPIP 3.1.2 - Cross-Site Request Forgery",2016-10-20,Sysdream,php,webapps,80
-40612,platforms/php/webapps/40612.txt,"Just Dial Clone Script - SQL Injection (2)",2016-10-21,"Arbin Godar",php,webapps,0
+40612,platforms/php/webapps/40612.txt,"Just Dial Clone Script - 'srch' SQL Injection",2016-10-21,"Arbin Godar",php,webapps,0
 40614,platforms/php/webapps/40614.py,"FreePBX 13 - Remote Command Execution / Privilege Escalation",2016-10-21,"Christopher Davis",php,webapps,0
 40620,platforms/php/webapps/40620.txt,"Zenbership 107 - Multiple Vulnerabilities",2016-10-23,Besim,php,webapps,0
 40626,platforms/hardware/webapps/40626.txt,"Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery",2016-10-24,BlackMamba,hardware,webapps,0
--- a/platforms/linux/dos/40696.c
+++ b/platforms/linux/dos/40696.c
@ -4,7 +4,6 @@ import struct
 import socket  
 import sys

-
 MEMCACHED_REQUEST_MAGIC = "\x80"  
 OPCODE_ADD = "\x02"  
 key_len = struct.pack("!H",0xfa)