Twenty Year Anniversary
Showing 1 - 14 of 14 RSS Feed

Files from Andrey B. Panfilov

Email addressandrew at panfilov.tel
First Active2015-07-07
Last Active2017-10-14
Opentext Documentum Content Server File Hijack / Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation.

tags | exploit, arbitrary
advisories | CVE-2017-15012
MD5 | 58c1b1e2a0aa3b4d86d6fb406b6bfe31
Opentext Documentum Content Server Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.

tags | exploit
advisories | CVE-2017-15013
MD5 | e969855a8deab50d08f621a22b9000c9
Opentext Documentum Content Server File Download
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows authenticated user to download arbitrary content files regardless of the attacker's repository permissions.

tags | exploit, arbitrary
advisories | CVE-2017-15014
MD5 | 77919afb274537f00addfc4378c1136d
Opentext Documentum Content Server Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) allows for privilege escalation via traversal attacks leveraged through uploaded tar files.

tags | exploit
advisories | CVE-2017-15276
MD5 | 27902a71e9682ee28a5fded33ce8cf58
OpenText Documentum Content Server SQL Injection
Posted Apr 25, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. This code is a proof of concept exploit.

tags | exploit, remote, arbitrary, sql injection, proof of concept
advisories | CVE-2014-2513, CVE-2015-4533, CVE-2017-7221
MD5 | ed0b1a8a36df7ddba8be8a3ed4dee545
OpenText Documentum Content Server Privilege Evaluation
Posted Apr 19, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server suffers from a privilege evaluation issue using crafted RPC save commands. Two proof of concepts included.

tags | exploit, proof of concept
advisories | CVE-2017-7220
MD5 | 26b6a71c9dc0176316872546a0152528
OpenText Documentum Content Server 7.3 SQL Injection
Posted Feb 16, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server version 7.3 suffers from a remote SQL injection vulnerability due to a previously announced fix being incomplete.

tags | exploit, remote, sql injection
advisories | CVE-2014-2520, CVE-2017-5585
MD5 | 5efb710e1eda455dd6f12a81a1afde33
OpenText Documentum D2 4.x Remote Code Execution
Posted Feb 15, 2017
Authored by Andrey B. Panfilov

OpenText Documentum D2 version 4.x contains vulnerable BeanShell (bsh) and Apache Commons libraries and accepts serialized data from untrusted sources, which leads to remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2017-5586
MD5 | 9020d53ba090038ddb344bcc3dfcf946
EMC Documentum WDK-Based Applications Code Execution / Traversal
Posted Jul 4, 2016
Authored by Andrey B. Panfilov

All EMC Documentum WDK-based applications (Taskspace, Webtop, Documentum Administrator, EPFM) contain an extremely dangerous web component – API Tester. It allows for path traversal, arbitrary code execution, and privilege escalation attacks.

tags | advisory, web, arbitrary, code execution, file inclusion
advisories | CVE-2014-0629, CVE-2016-0914
MD5 | fdc4e6effab0853d058f82e44183e822
EMC Documentum Content Server Privilege Escalation
Posted Aug 19, 2015
Authored by Andrey B. Panfilov

EMC Documentum Content Server failed to fully address privilege escalation vulnerabilities as noted in CVE-2015-4532.

tags | exploit, vulnerability
systems | linux
advisories | CVE-2015-4532
MD5 | f077c7b66a88a4d79bd35466aceeea97
EMC Documentum Content Server Code Execution
Posted Aug 18, 2015
Authored by Andrey B. Panfilov

EMC Documentum Content Server suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
advisories | CVE-2015-4532
MD5 | 59cc7b7a6b4898a9f1276c6f109ec9a9
EMC Documentum Content Server Privilege Escalation
Posted Aug 18, 2015
Authored by Andrey B. Panfilov

EMC Documentum Content Server suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2011-4144, CVE-2014-4622, CVE-2015-4531
MD5 | 5c0122dc8495467fa151ccc21f62caaa
EMC Documentum Content Server CVE-2014-2513 Bad Fix
Posted Jul 9, 2015
Authored by Andrey B. Panfilov

The fix for the EMC Documentum Content Server vulnerability as highlighted in CVE-2014-2513 appears to be partial and still exploitable via slightly modified means.

tags | exploit
advisories | CVE-2014-2513
MD5 | 92d43a13b7d0b0d4f1a4f180ed5eef60
EMC Documentum Content Server ESA-2014-105 Fail
Posted Jul 7, 2015
Authored by Andrey B. Panfilov

A vulnerability exists in the EMC Documentum Content Server which allows an authenticated user to elevate privileges, hijack Content Server filesystem, or execute arbitrary commands by creating malicious dm_job objects. Although ESA-2014-105 claimed to remediate this issue, it persists.

tags | exploit, arbitrary
systems | linux
advisories | CVE-2014-4626
MD5 | 3c5534f71cf98accfe6458c9df5ebddf
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close