[FD] CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion <= 4.0.23

2017-08-02 Thread Mark Wadham
A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmwarefusion--4020.html The initial patch they released was 4.0.21 which unfortunately contained a bug that prevented it

[FD] CVE-2017-1500 - Reflected XSS in IBM WorkLight OAuth Server Web Api

2017-08-02 Thread Gabriele Gristina
☾ Reflected Cross-Site Scripting in IBM Worklight OAuth Server Web Api ☽ ☾ Table of Contents ☽ 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline

[FD] [No CVE assigned] SMBLoris Windows/Samba SMB service DoS PoC

2017-08-02 Thread Hector Martin "marcan"
PoC (runs under Linux): https://gist.github.com/marcan/6a2d14b0e3eaa5de1795a763fb58641e https://twitter.com/marcan42/status/892706927720808449 https://twitter.com/marcan42/status/892716247502082051 https://twitter.com/marcan42/status/892785957849645056 Original disclosure: https://smblor

[FD] [CVE-2017-11320] Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337

2017-08-02 Thread Geolado giolado
// Device : Technicolor TC7337 // Vulnerable URL : https://your.rou.ter.ip/wlscanresults.html // XSS through SSID : '> ( Exactly 32 bytes u_u ) // ^ // 5char domains are running |'src' does not require quotes, and passing the URL with only '//' // out, grab you