what you don't know can hurt you
Showing 1 - 25 of 43 RSS Feed

Files from Digital Defense

Email addresssupport at ddifrontline.com
First Active2007-09-25
Last Active2013-05-09
Actuate 10 Service Pack 1 Fix 4 File Retrieval / Directory Browsing
Posted May 9, 2013
Authored by Digital Defense, r@b13$, Dennis Lavrinenko, Bobby Lockett | Site digitaldefense.net

Actuate 10 Service Pack 1 Fix 4 suffers from remote file disclosure and directory browsing vulnerabilities.

tags | advisory, remote, vulnerability
MD5 | f84327d7c873dbd27026c81fe62c1355
Dell EqualLogic PS6110X Directory Traversal
Posted Apr 15, 2013
Authored by Digital Defense, r@b13$, Evan Sylvester | Site digitaldefense.net

The Dell EqualLogic PS6110X is vulnerable to a directory traversal. A remote unauthenticated attacker can leverage this vulnerability to traverse out of the web root and retrieve arbitrary system files. Firmware versions 6.0.0 through 6.0.3 are affected.

tags | advisory, remote, web, arbitrary, root
MD5 | 6280cee1a3452918810f2c0d025c5c3c
EverFocus EPARA264-16X1 Directory Traversal
Posted Mar 15, 2013
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The EverFocus EPARA264-16X1 DVR allows unauthenticated remote users to retrieve arbitrary system files that are located outside of the web root through a directory traversal on port 80. Firmware version 1.0.2 is affected.

tags | advisory, remote, web, arbitrary, root
MD5 | 49c790c1495dfb75129d02b5ba76d7d6
DALIM Dialog Server 6.0 Local File Inclusion
Posted Mar 7, 2013
Authored by Digital Defense, r@b13$, 0x00string, Ryan Oliver | Site digitaldefense.net

The DALIM Dialog Server contains a local file inclusion vulnerability within the 'logfile' file viewing component. An authenticated remote attacker can use this weakness to view arbitrary files from the DALIM Dialog Server's root file system. Version 6.0 is affected.

tags | advisory, remote, arbitrary, local, root, file inclusion
MD5 | 4950d055adfb0d31e7d8dad0d79b3a53
VMware View Connection Server Directory Traversal
Posted Dec 15, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The tunnel-server component of the VMware View Connection Server fails to ensure that each requested URL refers to a file that is both located within the web root of the server and is of a type that is allowed to be served. A remote unauthenticated attacker can use this weakness to retrieve arbitrary files from the affected server's underlying root file system. This can be accomplished by submitting URL encoded HTTP GET requests that traverse out of the affected subdirectory. Vulnerable versions are VMware View 5.x prior to version 5.1.2 and VMware View 4.x prior to version 4.6.2.

tags | advisory, remote, web, arbitrary, root
advisories | CVE-2012-5978
MD5 | 758c5abad1f5345fedd9d88ca27b401f
Novell GroupWise Agents Arbitrary File Retrieval
Posted Sep 23, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The HTTP interfaces for Novell GroupWise 8.0.2 Post Office Agent, Message Transfer Agent, and GroupWise Internet Agent are vulnerable to an arbitrary file retrieval condition due to a failure to properly filter certain crafted directory traversal sequences. An unauthenticated remote attacker can leverage this flaw to retrieve files with the privileges of the vulnerable agent. Novell has provided solutions for this issue in the form of GroupWise 8.0 SP3 as well as in the latest GroupWise 2012 SP1 release.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-0419
MD5 | 8bd4686fbe15c89cc7898086897fe824
SolarWinds Network Performance Monitor Blind SQL Injection
Posted Jun 19, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The SolarWinds Orion Network Performance Monitor 9.1 and prior contains a blind SQL injection flaw on the 'Login.asp' page. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL injection exploitation techniques.

tags | advisory, arbitrary, sql injection, asp
MD5 | 571dcd52ac4c489cb59c9bb28b2b5c46
SCLIntra Enterprise SQL Injection / Authentication Bypass
Posted May 29, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple SQL injection vectors and an authentication bypass were discovered in SCLIntra Enterprise. An attacker can leverage this flaw to bypass authentication to the application or to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. SCLogic SCLIntra Enterprise version 5.5.2 on Windows 2003 is affected.

tags | advisory, arbitrary, sql injection
systems | windows
MD5 | 32a3c18ed6a6020ac4fba84296394069
Epicor Returns Management SOAP-Based Blind SQL Injection
Posted May 18, 2012
Authored by Digital Defense, r@b13$, Chris Graham | Site digitaldefense.net

Digital Defense, Inc. (DDI) has discovered a blind SQL injection vulnerability in the Epicor Returns Management software SOAP interface. Left unremediated, this vulnerability could be leveraged by an attacker to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host operating system.

tags | advisory, arbitrary, sql injection
MD5 | 755a65afc10d5474042e3617ff61f528
ACTi Web Configurator cgi-bin Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$, Shmoov | Site digitaldefense.net

The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.

tags | advisory, remote, web, arbitrary, cgi, root
MD5 | 532e6e641a0c8ade262cbaa881911f2b
PacketVideo TwonkyServer / TwonkyMedia Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple PacketVideo products contain a directory traversal vulnerability within the web server that is running on port 9000. These products are vulnerable to the attack regardless of having configured the "Secured Server Settings" which are available on the Advanced configuration page. Susceptible products include the Twonky 7.0 Special and the TwonkyManager 3.0.

tags | advisory, web
MD5 | 656ba8c730b2b9e1125a946aadca0dac
SolarWinds Storage Manager SQL Injection
Posted Jan 24, 2012
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

SolarWinds Storage Manager Server suffers from a remote SQL injection vulnerability that will allow for authentication bypass.

tags | advisory, remote, sql injection
MD5 | 8c8cc2d0f83d574e1ff66fdb11d03fc8
HP JetDirect Device Page Directory Traversal
Posted Jan 9, 2012
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root, different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.

tags | advisory, web, arbitrary, root
advisories | CVE-2011-4785
MD5 | 7dfe4ca44a797ab0dafbe716e1150c6c
KnowledgeTree login.php Blind SQL Injection
Posted Dec 8, 2011
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The KnowledgeTree login.php login page is vulnerable to a blind SQL injection vulnerability within the username field. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host OS.

tags | advisory, arbitrary, php, sql injection
MD5 | 9cc42698710a8e4f4f6c68cd40d04275
IBM WebSphere Directory Traversal
Posted Nov 1, 2011
Authored by Digital Defense, r@b13$, sxkeebler, Javier Castro | Site digitaldefense.net

The default installation of the IBM WebSphere Application Server is deployed with a 'help' servlet which is designed to serve supporting documentation for the WebSphere system. When the 'help' servlet processes a URL that contains a reference to a Java plug-in Bundle that is registered with the Eclipse Platform Runtime Environment of the WebSphere Application Server, the 'help' servlet fails to ensure that the submitted URL refers to a file that is both located within the web root of the servlet and is of a type that is allowed to be served. An unauthenticated remote attacker can use this weakness in the 'help' servlet to retrieve arbitrary system files from the host that is running the 'help' servlet. This can be accomplished by submitting a URL which refers to a registered Java plug-in Bundle followed by a relative path to the desired file.

tags | advisory, java, remote, web, arbitrary, root
advisories | CVE-2011-1359
MD5 | bbda60a4066610b477cb344a711398fa
Cisco Unified Contact Center Express Directory Traversal
Posted Oct 27, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.

tags | advisory, remote, web, arbitrary, root, tcp
systems | cisco
advisories | CVE-2011-3315
MD5 | a35722c26845aaa0b0c6b472b18c85de
Metropolis Technologies OfficeWatch Directory Traversal
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$, Chris Graham | Site digitaldefense.net

Metropolis Technologies OfficeWatch enables a web server on TCP port 80 that is susceptible to a directory traversal. An attacker may send a ../ (dot-dot-slash) sequence to traverse out of the web root and access arbitrary files on the host.

tags | advisory, web, arbitrary, root, tcp
MD5 | 2935db7b692f3ccd3f03083af86137c3
ThinVNC Product Suite Arbitrary File Retrieval
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple Cybele Software, Inc. products are vulnerable to arbitrary file retrieval and directory traversal vulnerabilities including ThinVNC, ThinRDP, and ThinVNC Access Point 2.0. An unauthenticated remote attacker can submit requests for files that are located outside the root of the web server that is distributed with these Cybele Software, Inc. products.

tags | advisory, remote, web, arbitrary, root, vulnerability
MD5 | 34a20d2c0fd04f07d27b62973123b161
Axway SecureTransport /icons/ Directory Traversal
Posted Aug 29, 2011
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The Axway SecureTransport device contains a directory traversal in the '/icons/' directory. An unauthenticated remote attacker can use this vulnerability to obtain arbitrary files from the root file system of the vulnerable host.

tags | advisory, remote, arbitrary, root
MD5 | e35a29b1f835b8c6ef3ea3c7e7051e37
Digital Defense VRT Advisory 2010.30
Posted Mar 1, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.

tags | advisory, remote, arbitrary
MD5 | c72b908021cbb8ccb139fd2fa9a9429d
Digital Defense VRT Advisory 2009.28
Posted Oct 14, 2010
Authored by Digital Defense, r@b13$, Alan Chin, Alex Kaszczuk, Jose R. Hernandez | Site digitaldefense.net

The rpc.cmsd service in Sun Solaris 10 contains an integer overflow which can allow a malicious unauthenticated user to cause a denial of service, or remotely execute arbitrary code with root privileges.

tags | advisory, denial of service, overflow, arbitrary, root
systems | solaris
MD5 | 843ebb44897c35e76b09d085128a2391
Digital Defense VRT Advisory 2010.29
Posted Jul 2, 2010
Authored by Digital Defense, r@b13$, Edward Bullard, James Robertson | Site digitaldefense.net

ALPHA Ethernet Adapter II Web-Manager version 3.40.2 suffers from an authentication bypass vulnerability.

tags | advisory, web, bypass
MD5 | d580fa25d8c4d174e7e3da32aafee1cf
Digital Defense VRT Advisory 2009.27
Posted Jan 26, 2010
Authored by Digital Defense, r@b13$, Chris Graham, Rob Kraus

The login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers tobypass authentication and access sensitive information stored on the device.

tags | advisory, sql injection
MD5 | 65fa30f3ed6a05bafcd2835c26e753a1
Digital Defense VRT Advisory 2009.26
Posted Jul 13, 2009
Authored by Digital Defense, r@b13$, Geoff Humes | Site digitaldefense.net

The login screen of the LogRover web interface is vulnerable to a SQL Injection which can allow remote attackers to login to the system via an authentication bypass. Version 2.3 for Windows XP is affected.

tags | advisory, remote, web, sql injection
systems | windows, xp
MD5 | fc9466d2f2152310983fd8cd729634fd
Digital Defense VRT Advisory 2009.25
Posted May 21, 2009
Authored by Digital Defense, r@b13$, David Marshall | Site digitaldefense.net

The web interface on tcp port 8090 of IPsession suffers from a SQL injection vulnerability.

tags | advisory, web, tcp, sql injection
MD5 | a9e4c0a0fb5a55991acaf2f0e3c218fe
Page 1 of 2
Back12Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close