exploit the possibilities
Showing 1 - 25 of 43 RSS Feed

Files from Digital Defense

Email addresssupport at ddifrontline.com
First Active2007-09-25
Last Active2013-05-09
Actuate 10 Service Pack 1 Fix 4 File Retrieval / Directory Browsing
Posted May 9, 2013
Authored by Digital Defense, r@b13$, Dennis Lavrinenko, Bobby Lockett | Site digitaldefense.net

Actuate 10 Service Pack 1 Fix 4 suffers from remote file disclosure and directory browsing vulnerabilities.

tags | advisory, remote, vulnerability
SHA-256 | 20f5382aefd34220826737b2d0e7ea3fb4a7ec3a49b5fdab183fc24092a462cc
Dell EqualLogic PS6110X Directory Traversal
Posted Apr 15, 2013
Authored by Digital Defense, r@b13$, Evan Sylvester | Site digitaldefense.net

The Dell EqualLogic PS6110X is vulnerable to a directory traversal. A remote unauthenticated attacker can leverage this vulnerability to traverse out of the web root and retrieve arbitrary system files. Firmware versions 6.0.0 through 6.0.3 are affected.

tags | advisory, remote, web, arbitrary, root
SHA-256 | 2455d3ceee803187d508e685d6023afa0a1801f0804da78d4e891a45372511f2
EverFocus EPARA264-16X1 Directory Traversal
Posted Mar 15, 2013
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The EverFocus EPARA264-16X1 DVR allows unauthenticated remote users to retrieve arbitrary system files that are located outside of the web root through a directory traversal on port 80. Firmware version 1.0.2 is affected.

tags | advisory, remote, web, arbitrary, root
SHA-256 | 9498ec7c2d7d5276591c2ebc8509ab56201a5acf174aead7063bf8fe2488c95c
DALIM Dialog Server 6.0 Local File Inclusion
Posted Mar 7, 2013
Authored by Digital Defense, r@b13$, 0x00string, Ryan Oliver | Site digitaldefense.net

The DALIM Dialog Server contains a local file inclusion vulnerability within the 'logfile' file viewing component. An authenticated remote attacker can use this weakness to view arbitrary files from the DALIM Dialog Server's root file system. Version 6.0 is affected.

tags | advisory, remote, arbitrary, local, root, file inclusion
SHA-256 | dca9725360ef2d286f6870673bf57ab52e554f8c9c03ee26b0ef0a2ba420a63d
VMware View Connection Server Directory Traversal
Posted Dec 15, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The tunnel-server component of the VMware View Connection Server fails to ensure that each requested URL refers to a file that is both located within the web root of the server and is of a type that is allowed to be served. A remote unauthenticated attacker can use this weakness to retrieve arbitrary files from the affected server's underlying root file system. This can be accomplished by submitting URL encoded HTTP GET requests that traverse out of the affected subdirectory. Vulnerable versions are VMware View 5.x prior to version 5.1.2 and VMware View 4.x prior to version 4.6.2.

tags | advisory, remote, web, arbitrary, root
advisories | CVE-2012-5978
SHA-256 | 14e01b0fa8f4481ea0b38ddb0478d93a93097b2da5dc0b8af3f6b84b2bbe854a
Novell GroupWise Agents Arbitrary File Retrieval
Posted Sep 23, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The HTTP interfaces for Novell GroupWise 8.0.2 Post Office Agent, Message Transfer Agent, and GroupWise Internet Agent are vulnerable to an arbitrary file retrieval condition due to a failure to properly filter certain crafted directory traversal sequences. An unauthenticated remote attacker can leverage this flaw to retrieve files with the privileges of the vulnerable agent. Novell has provided solutions for this issue in the form of GroupWise 8.0 SP3 as well as in the latest GroupWise 2012 SP1 release.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-0419
SHA-256 | e3c9147383f5501cbaf78656fc4be6934d837f6efbec3b31cc32dac0b7201f56
SolarWinds Network Performance Monitor Blind SQL Injection
Posted Jun 19, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The SolarWinds Orion Network Performance Monitor 9.1 and prior contains a blind SQL injection flaw on the 'Login.asp' page. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL injection exploitation techniques.

tags | advisory, arbitrary, sql injection, asp
SHA-256 | f4297d4df9c7cacbca1f10534a0d4c968fff5b9b90fe6f1cbd3316b6cc0ac1d1
SCLIntra Enterprise SQL Injection / Authentication Bypass
Posted May 29, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple SQL injection vectors and an authentication bypass were discovered in SCLIntra Enterprise. An attacker can leverage this flaw to bypass authentication to the application or to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. SCLogic SCLIntra Enterprise version 5.5.2 on Windows 2003 is affected.

tags | advisory, arbitrary, sql injection
systems | windows
SHA-256 | c7954229b9ce16aaf5f3c60a61787040cfee262c67b973d25aca89a39defc883
Epicor Returns Management SOAP-Based Blind SQL Injection
Posted May 18, 2012
Authored by Digital Defense, r@b13$, Chris Graham | Site digitaldefense.net

Digital Defense, Inc. (DDI) has discovered a blind SQL injection vulnerability in the Epicor Returns Management software SOAP interface. Left unremediated, this vulnerability could be leveraged by an attacker to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host operating system.

tags | advisory, arbitrary, sql injection
SHA-256 | af6d326b8689f781d6e0c85593aa09136aec99822187d885bfc8880af29789ef
ACTi Web Configurator cgi-bin Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$, Shmoov | Site digitaldefense.net

The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.

tags | advisory, remote, web, arbitrary, cgi, root
SHA-256 | cd526d96e19262e3b3c0e25617019f84a594ac02d555f92b3a0491802618f9b0
PacketVideo TwonkyServer / TwonkyMedia Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple PacketVideo products contain a directory traversal vulnerability within the web server that is running on port 9000. These products are vulnerable to the attack regardless of having configured the "Secured Server Settings" which are available on the Advanced configuration page. Susceptible products include the Twonky 7.0 Special and the TwonkyManager 3.0.

tags | advisory, web
SHA-256 | d7cc75961c0a51603edd705eddc5a0af411e1503f0174c5d5cefe48addcd4c14
SolarWinds Storage Manager SQL Injection
Posted Jan 24, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

SolarWinds Storage Manager Server suffers from a remote SQL injection vulnerability that will allow for authentication bypass.

tags | advisory, remote, sql injection
SHA-256 | a1e28c92e5687a6665abb431cb78157e967e372a4431d34139edb4b3fcb77124
HP JetDirect Device Page Directory Traversal
Posted Jan 9, 2012
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root, different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.

tags | advisory, web, arbitrary, root
advisories | CVE-2011-4785
SHA-256 | bbf0ce50d3dd4baeccc1f6cadb25ebbc0f6568943c21f1edc2430eb89eeed216
KnowledgeTree login.php Blind SQL Injection
Posted Dec 8, 2011
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The KnowledgeTree login.php login page is vulnerable to a blind SQL injection vulnerability within the username field. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host OS.

tags | advisory, arbitrary, php, sql injection
SHA-256 | d3f77e8bceace3fc7ce207fa65ce9c2f16782589248552275d3f46df8cd67399
IBM WebSphere Directory Traversal
Posted Nov 1, 2011
Authored by Digital Defense, r@b13$, sxkeebler, Javier Castro | Site digitaldefense.net

The default installation of the IBM WebSphere Application Server is deployed with a 'help' servlet which is designed to serve supporting documentation for the WebSphere system. When the 'help' servlet processes a URL that contains a reference to a Java plug-in Bundle that is registered with the Eclipse Platform Runtime Environment of the WebSphere Application Server, the 'help' servlet fails to ensure that the submitted URL refers to a file that is both located within the web root of the servlet and is of a type that is allowed to be served. An unauthenticated remote attacker can use this weakness in the 'help' servlet to retrieve arbitrary system files from the host that is running the 'help' servlet. This can be accomplished by submitting a URL which refers to a registered Java plug-in Bundle followed by a relative path to the desired file.

tags | advisory, java, remote, web, arbitrary, root
advisories | CVE-2011-1359
SHA-256 | 4adf33603b356ff3b73d86dd885c7fef8b16304d70e5775f89788b5d0609f5d3
Cisco Unified Contact Center Express Directory Traversal
Posted Oct 27, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.

tags | advisory, remote, web, arbitrary, root, tcp
systems | cisco
advisories | CVE-2011-3315
SHA-256 | 4f61867467d9f947166505f70c2306db6ef9f3380f5efdf8445bb8695e519d32
Metropolis Technologies OfficeWatch Directory Traversal
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$, Chris Graham | Site digitaldefense.net

Metropolis Technologies OfficeWatch enables a web server on TCP port 80 that is susceptible to a directory traversal. An attacker may send a ../ (dot-dot-slash) sequence to traverse out of the web root and access arbitrary files on the host.

tags | advisory, web, arbitrary, root, tcp
SHA-256 | 4aba0388d8f62c4675129cd9356d9b16ec2a4a24eaf06d3eacdd7b61b4eeec3b
ThinVNC Product Suite Arbitrary File Retrieval
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple Cybele Software, Inc. products are vulnerable to arbitrary file retrieval and directory traversal vulnerabilities including ThinVNC, ThinRDP, and ThinVNC Access Point 2.0. An unauthenticated remote attacker can submit requests for files that are located outside the root of the web server that is distributed with these Cybele Software, Inc. products.

tags | advisory, remote, web, arbitrary, root, vulnerability
SHA-256 | 56804b5d4ec38a09363d2aa6c3a1d09a4a45a1dc896ccd35b22b89d77e0552cf
Axway SecureTransport /icons/ Directory Traversal
Posted Aug 29, 2011
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The Axway SecureTransport device contains a directory traversal in the '/icons/' directory. An unauthenticated remote attacker can use this vulnerability to obtain arbitrary files from the root file system of the vulnerable host.

tags | advisory, remote, arbitrary, root
SHA-256 | 1b3c5c1df5ff2ebfb4d989500a0c88455f9836ec0f3075c8f7d42816d3df5526
Digital Defense VRT Advisory 2010.30
Posted Mar 1, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.

tags | advisory, remote, arbitrary
SHA-256 | 5a48883e4d200a10e1774f45868e05ed75591ac5a5d9a45c78dfc259425d59a1
Digital Defense VRT Advisory 2009.28
Posted Oct 14, 2010
Authored by Digital Defense, r@b13$, Alan Chin, Alex Kaszczuk, Jose R. Hernandez | Site digitaldefense.net

The rpc.cmsd service in Sun Solaris 10 contains an integer overflow which can allow a malicious unauthenticated user to cause a denial of service, or remotely execute arbitrary code with root privileges.

tags | advisory, denial of service, overflow, arbitrary, root
systems | solaris
SHA-256 | 622cc110f27da012a3cf2c4780330c34468c01f67a11e64e133fa84a0d12ba60
Digital Defense VRT Advisory 2010.29
Posted Jul 2, 2010
Authored by Digital Defense, r@b13$, Edward Bullard, James Robertson | Site digitaldefense.net

ALPHA Ethernet Adapter II Web-Manager version 3.40.2 suffers from an authentication bypass vulnerability.

tags | advisory, web, bypass
SHA-256 | eff4e881128a3bf6567575b720a72414d09a20ec50dd6554147c1a487a28a5e5
Digital Defense VRT Advisory 2009.27
Posted Jan 26, 2010
Authored by Digital Defense, r@b13$, Chris Graham, Rob Kraus

The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers tobypass authentication and access sensitive information stored on the device.

tags | advisory, sql injection
SHA-256 | 0aa31d61a17571c0fb1db50bfa89f614672ac6e1de71f37e6ea906313453af1b
Digital Defense VRT Advisory 2009.26
Posted Jul 13, 2009
Authored by Digital Defense, r@b13$, Geoff Humes | Site digitaldefense.net

The login screen of the LogRover web interface is vulnerable to a SQL Injection which can allow remote attackers to login to the system via an authentication bypass. Version 2.3 for Windows XP is affected.

tags | advisory, remote, web, sql injection
systems | windows
SHA-256 | b832d3ca0b87a2af8dbee8aa316223db6c183bd4783e1738021a348e20ff5c31
Digital Defense VRT Advisory 2009.25
Posted May 21, 2009
Authored by Digital Defense, r@b13$, David Marshall | Site digitaldefense.net

The web interface on tcp port 8090 of IPsession suffers from a SQL injection vulnerability.

tags | advisory, web, tcp, sql injection
SHA-256 | 8ebe731ee60d54089c1f0889cc235ec865a4cae70469a62ae157e32a3770d034
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close