This Metasploit module abuses the "Command" trap in Zabbix Server to execute arbitrary commands without authentication. By default the Node ID "0" is used, if it doesn't work, the Node ID is leaked from the error message and exploitation retried. According to the vendor versions prior to 1.6.9 are vulnerable. The vulnerability has been successfully tested on Zabbix Server 1.6.7 on Ubuntu 10.04.
c4c37ca2fbeb9dc136f6ed37edc9e1410341536d23168c981616809399bccf93Kojoney versions prior to 0.0.4.2 suffer from a remote denial of service vulnerability.
a877fb5d19fecba22603df6557ffba4026cac256b572c537cf59dc8df9a77783Zabbix Server suffers from code execution and remote SQL injection vulnerabilities. Code execution is patched in version 1.8 and SQL injection is patched in 1.6.8. A couple of denial of service vulnerabilities were also addressed.
84a607aba724e8f8a6fdc18f1dec5e0dfc3bdde2737bca88ab0a43d3c6ce8a46Zabbix Agent versions prior to 1.6.7 suffer from a code execution vulnerability.
e2030524e07abdd33c9e9a78db8cc442ef828f1fae7394e48ba12760686c38b1This Metasploit module exploits a command execution vulnerability in the PGP plugin of SquirrelMail.
e9f76a373cf2b76303d467d4d1a6fc540c5d667126b63377a38fb49df378c89cNovell eDirectory versions below 8.7.3 SP 10 and versions below 8.8.2 suffer from a denial of service related vulnerability. Details are provided.
eeea4524358956b07a0e7eeded52faf98ec81fc4f410f5baddfeed09f6a64217Novell eDirectory versions 8.7.x through 8.8.1 suffer from an arbitrary access vulnerability due to client-side access control when using the SOAP interface.
d8c1e0d178bbdf6fe231b6d7a8501982ac654b9dcb8aa71c053c93e60e6ed971Metasploit module for the buffer overflow vulnerability in Apache mod_jk version 1.2.20. Written to work on Win23.
efe145dee4b7080b59ab059e6c8b9dd4a32fc76e8f62346dc54be9192176437fphpMyVisites versions prior to 2.2 stable suffer from cross site scripting, HTTP response splitting, and local file inclusion flaws.
34f74cdcafeaf7a2c88c13c040bac637888b5cbfab8d3963056479c384f38e34Kiwi CatTools versions below 3.2.0 Beta suffer from a tftp directory traversal flaw.
f24b397c3a60f7cac26cc72cf4d151f5a77f52aa1cf369d990ece2310ac3b320SAP Web AS version 6.40 enserver.exe file downloader exploit.
6fc6be7f8634a3f1767a2c1d7f800816395514d2a9e81ed5454ab706e121fcd3Multiple vulnerabilities exist in SAP Web AS version 6.40 below patch 136 and 7.00 below patch 66. These flaws allow for remote file disclosure, remote denial of service attacks, and local privilege escalation.
6d8c1611200e2a882c87da2d5ee436861cc00c8981f1be917241380181404cddLinux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Shell script version.
a55846c9b05cc9ff91e04c28793f07962b4beb73e490fe87b6e190bb5bb7e3feLinux port of the exploit for the gwrd bug in SAP versions below 4.6D patch 1767 and versions below 6.40 patch 4. Allows for remote command execution. Perl version.
df146978b0f9a1b8ac7a1f5975813e0c7bf897e1d0e696c46d6776c344a2cb75Utility to test users and passwords with RfcOpenEx on SAP systems. Now deprecated in favor of THC Hydra.
1946d7911a05a58e4cf9b1d70b1079af14fb8417e1bdb2b35075b7435c397425SAP RFC_SYSTEM_INFO information disclosure exploit that leaks OS type, real IP address, SAP version, and more.
ca1725ccfc90166e4942d16984052e553aa51c664b897e451b960846453bdb8dTwo byte UDP denial of service exploit for SAP version below 6.40 patch 6.
e42dd9d291b31a04e667954b494c51fa65832c345991b7336dd4ea1b98caf196The SAP Web Application Server suffers from denial of service, remote file disclosure, and local privilege escalation vulnerabilities.
de3975dce143466971026afe72001d10efca62500cacd7004d823edece217251Ethereal versions 0.10.10 and below SMB dissector remote denial of service exploit. Tested on 0.9.4 and 0.10.10.
4bfdc3de77cde29503fcc4e4486eb5b7f814eb9ba623b7c983982dfc0e0ee4fa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed