This Metasploit module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval() in the implementation of the .php command. In order to work, the data to connect to the IRC server and channel where find pbot must be provided. The module has been successfully tested on the version of pbot analyzed by Jay Turla, and published on Infosec Institute, running over Ubuntu 10.04 and Windows XP SP3.
af5927c4e9d6a607a05e48844259bb81f722ee9404fcdab77834d99f0a04d614Avast's aswRdr.sys driver does not sanitize user supplied input IOCTL and this may lead to a kernel heap overflow that propagates on the system with a BSOD and offers potential risk of privilege escalation. Proof of concept code included.
b35d3031b9047fb77a41797ff7afab2b0ef69ed1772c46257f660d79981cbdb9Avast Antivirus version 4.8.1351.0 suffers from local denial of service and privilege escalation vulnerabilities.
d6451933802d3df89f2a5ce8ca47d3117537e0d2be76920dab7aa891534c3619TheGreenBow VPN client versions 4.61.003 suffers from a local denial of service vulnerability in tgbvpn.sys.
e0ea557aeaba20df3c36ad63d0a47918f2843ad7fe7be83c63da10582025c08ePGP Desktop version 9.0.6 local denial of service exploit that uses PGPwded.sys.
c96092f65087c0f1d3fccbc4f3fdb6e7ca87e79c536ed76178c5978d2dfd5c2aTheGreenBow IPSec VPN client version 4.10.010 suffers from a vulnerability where login credentials are stored in the clear in memory.
a244bf38a1dc279c4505bd4779d1e7ed16ca5f6267ea5229be1d21174afa6abdXChat version 2.8.4-1 suffers from a password disclosure vulnerability.
03761d56dabf4d589196b54e429b5573f4c4e4b3945864e93bd1843f91fee6ddThe Hamachi VPN client version 1.0.2.5 stores the password in clear text in memory.
833ef2415c5686706ca5e52992923ff84b6e7ec39d43d822b97097dcbb9a584b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed