This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.1.2. This issue is caused because the ParametersInterceptor allows for the use of parentheses which in turn allows it to interpret parameter values as OGNL expressions during certain exception handling for mismatched data types of properties which allows remote attackers to execute arbitrary Java code via a crafted parameter.
e56bcff70dfc308ffd717452aab966d54c1fdec14e8544d8df4198054ba401b9This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.2.0. This issue is caused by a failure to properly handle unicode characters in OGNL extensive expressions passed to the web server. By sending a specially crafted request to the Struts application it is possible to bypass the "#" restriction on ParameterInterceptors by using OGNL context variables. Bypassing this restriction allows for the execution of arbitrary Java code.
f3dc9c6ae8fc8270cc4ef71f82c223ad04ea9e8725f94ee4894465c9a0bfbc4bStruts2/XWork suffers from a remote command execution vulnerability.
4bfaf1025cecb689d125b743ac0333bad9a7f8606514866a6849cf570bfdb557Spring Framework suffers from an arbitrary code execution vulnerability. Versions affected include 3.0.0 to 3.0.2, 2.5.0 to 2.5.6SEC01 (community releases) and 2.5.0 to 2.5.7 (subscription customers).
464c70a443ef9692530dbda478e34f5a3956fde33c6de1caa81b62e0cc7ac632OWASP Stinger and Struts servlet input validation filters suffer from a bypass vulnerability.
03451f25df2b90ee11c15c5234a31fe6413bc3463e77a6f3140b03dc0f79b315HITBSecConf2006 Presentation - Yet Another Web Application Testing Toolkit (YAWATT).
a35cbde25a9caa5e6325a5bfbf04887f6e92677113767b8f0aa24425004a6546OpenCMS versions 6.2.1, 6.2, 6.0.3, and 6.0.4 are vulnerable to multiple access control and input validation vulnerabilities. Other versions may be vulnerable as well. Authenticated users can perform attacks allow arbitrary file access, viewing the source of JSP files, the uploading of malicious files, and more.
dae1da08286e5fcadd45f3c2651460bce4ec4265bc744b87f052a7a66a30c060Blogger's personal page redirection mechanism contains a classic HTTP response splitting vulnerability in the "Location" HTTP header. The problem occurs due to use of unsanitized user-supplied data in the "Location" HTTP header, which enables attacker to inject CRLF(%0d%0a) characters thus splitting server's response taking full control over the contents of second HTTP response. Exploitation of the vulnerability can lead to cross-site scripting (XSS), cache poisoning and phishing attacks.
b1bba7cc5beca200d483fb1ac898c490176fc394f70bf51480e8ff51ed266fc0The Linux orinoco driver included in kernel versions less than 2.6.13.4 pads Ethernet frames with uninitialized data, thus allowing remote attackers to obtain parts of memory which may contain sensitive information.
943689f13a94d8b3a143d68cf86a1f8f2fadbb9507737199b7abdf735e62255aSTIFWare Evolution - Meder and Fyodor have been working on their concept of common framework to unify offensive part of heterogeneous security data and security tools into a single unit - security tools framework. The presentation deals with the evolution of STIF framework into what they call now STIF-ware - a set of STIF relevant modules that would allow the computer security hobbists to build, control and monitor the distributed network of automated hacking agents, guided by set of goals and targets, assigned to the system.
44117ca91c39d4c41ac5c5a1d266ffce5d633d4eb8ddac4389eee2d5417e9085Xprobe2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.
12a9d0a2f38da8bb74c9e1cd96b2019802632cf55f8948384aafd417bb79a164Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.
bfe28acfadb1c41490347ff80010ed5272e944a5815887a49a8c7804009fd2f5Xprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.
a7c860e4e8a3594085cb1bdd36e217130c0b305b4b86ba63af7e86675be16fc9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed