Twenty Year Anniversary
Showing 1 - 6 of 6 RSS Feed

Files from James Burton

First Active2010-08-03
Last Active2013-04-02
Novell ZENworks Configuration Management Remote Execution
Posted Apr 2, 2013
Authored by James Burton, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in Novell ZENworks Configuration Management 10 SP3 and 11 SP2. The vulnerability exists in the ZEnworks Control Center application, allowing an unauthenticated attacker to upload a malicious file outside of the TEMP directory and then make a second request that allows for arbitrary code execution. This Metasploit module has been tested successfully on Novell ZENworks Configuration Management 10 SP3 and 11 SP2 on Windows 2003 SP2 and SUSE Linux Enterprise Server 10 SP3.

tags | exploit, arbitrary, code execution
systems | linux, windows, suse
advisories | CVE-2013-1080, OSVDB-91627
MD5 | 6880855d26d4b493acfa080a98b99059
Microsoft Office SharePoint Server 2007 Remote Code Execution
Posted Jul 30, 2012
Authored by James Burton, juan, Oleksandr Mirosh | Site metasploit.com

This Metasploit module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service, which results in code execution under the context of 'SYSTEM'. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of SharePoint on Windows 2003 Servers. It has been successfully tested on Office SharePoint Server 2007 SP2 over Windows 2003 SP2.

tags | exploit, remote, arbitrary, code execution
systems | windows
advisories | CVE-2010-3964, OSVDB-69817
MD5 | aecf7d89719f33bb3c548cb8e12e80ff
Insomnia Security Vulnerability Advisory 110822.1
Posted Aug 22, 2011
Authored by James Burton | Site insomniasec.com

Insomnia Security Vulnerability Advisory - An insecure URL handling vulnerability exists in Pidgin versions 2.9.0 and below that can be exploited to cause remote code execution. This vulnerability requires user interaction in the form of clicking a malicious crafted URL.

tags | advisory, remote, code execution
MD5 | 74bca9d72baaf19abe10db91e58a5e21
Insomnia Security Vulnerability Advisory 110427.1
Posted Apr 28, 2011
Authored by James Burton | Site insomniasec.com

Insomnia Security Vulnerability Advisory - The ODBC service component of IGSS listens on port 20222/tcp by default. The application layer protocol runs over TCP and reads an initial packet that specifies the amount of data to follow. A second read then takes place and the data is copied into a variable length buffer. Next the data is parsed and during this process a buffer overflow occurs on the stack. At minimum this vulnerability leads to denial of service though remote code execution may be possible.

tags | advisory, remote, denial of service, overflow, tcp, code execution, protocol
MD5 | cb316e092edac4fa337afb4fef9267fa
Insomnia Security Vulnerability Advisory 110427.2
Posted Apr 27, 2011
Authored by James Burton | Site insomniasec.com

Insomnia Security Vulnerability Advisory - One of the pages included in the admin interface of Up.time Systems Management software contains a function designed to set the administrator password when the interface is loaded for the first time. After this task has been completed the code which processes this request is left in the page. By sending a specially crafted request a remote attacker can abuse this functionality to bypass the servers authentication mechanism and reset the password for any account.

tags | advisory, remote
MD5 | 5cfd5a8d0646b3f6c1b3827abfdd09d2
Insomnia Security Vulnerability Advisory 100730.1
Posted Aug 3, 2010
Authored by James Burton | Site insomniasec.com

Insomnia Security Vulnerability Advisory - EasyManage Content Management System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2a4b7602d21f95f51ba30df4653bfc8e
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    36 Files
  • 25
    Apr 25th
    15 Files
  • 26
    Apr 26th
    31 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close