exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from David Jorm

First Active2012-05-24
Last Active2020-03-05
Apache ActiveMQ 5.11.1 Directory Traversal / Shell Upload
Posted Mar 5, 2020
Authored by David Jorm, Erik Wynter | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache ActiveMQ versions 5.x before 5.11.2 for Windows. The module tries to upload a JSP payload to the /admin directory via the traversal path /fileserver/..\\admin\\ using an HTTP PUT request with the default ActiveMQ credentials admin:admin (or other credentials provided by the user). It then issues an HTTP GET request to /admin/<payload>.jsp on the target in order to trigger the payload and obtain a shell.

tags | exploit, web, shell
systems | windows
advisories | CVE-2015-1830
SHA-256 | 962139239272b0ab745f8a302505e5c8a4403aa9a95316d97e92c5946f3bd92f
Apache ActiveMQ 5.11.1 / 5.13.2 Directory Traversal / Command Execution
Posted Dec 3, 2016
Authored by David Jorm

Apache ActiveMQ versions 5.11.1 and 5.13.2 suffer from command execution and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
advisories | CVE-2015-1830, CVE-2016-3088
SHA-256 | af92593cd167e432ea1a2a76dc455bd4c971961c37ff8849eb0989167654bf38
Grandstream GXV3275 SSH Key / Command Execution
Posted Jul 8, 2015
Authored by David Jorm

Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell.

tags | exploit, shell, root
SHA-256 | 8777d199165022b18a0ee07cc81cbb54c5c05857809f7f6f11aeafbc4ec9b526
Apache Standard Taglibs 1.2.1 XXE / Remote Command Execution
Posted Feb 27, 2015
Authored by David Jorm

Apache Standard Taglibs version 1.2.1 suffers from XXE and remote command execution vulnerabilities via the XSL extension in JSTL XML tags.

tags | advisory, remote, vulnerability, xxe
SHA-256 | 8c2ab7316e10682e5ec4ae90bd77f5d88181ffc401373f41d68ce5954d7390c9
Apache Camel Critical Disclosure
Posted Mar 2, 2014
Authored by David Jorm | Site camel.apache.org

The Apache Camel XSLT component allows XSL stylesheets to perform calls to external Java methods. A remote attacker able to submit messages to an xslt Camel route could use this flaw to perform arbitrary remote code execution in the context of the Camel server process.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2014-0003
SHA-256 | 16d61125bccfc6affa82e15c5c566204232ffce7c6669084cb73248d471b2e3e
Apache Camel Resolve Entities Information Disclosure
Posted Mar 2, 2014
Authored by David Jorm | Site camel.apache.org

The Apache Camel XSLT component will resolve entities in XML messages when transforming them using an xslt route. A remote attacker able to submit messages to an xslt route could use this flaw to read files accessible to the running application server and potentially perform other more advanced XXE attacks. Versions affected include Camel 2.11.0 to 2.11.3 and Camel 2.12.0 to 2.12.2.

tags | advisory, remote, xxe
advisories | CVE-2014-0002
SHA-256 | fdf7091172d1b40b3ec4395b99eb19719f939f7a365eba05f6877cc447aea1a5
Apache Commons Compress / Apache Ant Denial Of Service
Posted May 24, 2012
Authored by David Jorm

Apache Commons Compress versions 1.0 through 1.4 and Apache Ant versions 1.5 through 1.8.3 suffer from a denial of service vulnerability. The bzip2 compressing streams in Apache Commons Compress and Apache Ant internally use sorting algorithms with unacceptable worst-case performance on very repetitive inputs. A specially crafted input to Compress' BZip2CompressorOutputStream or Ant's <bzip2> task can be used to make the process spend a very long time while using up all available processing time effectively leading to a denial of service.

tags | advisory, denial of service
advisories | CVE-2012-2098
SHA-256 | 764b4680811098ad5654daa7aacc0274f9de6ab81bef5b8286b792367f7e802c
Page 1 of 1
Back1Next

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    13 Files
  • 28
    Sep 28th
    5 Files
  • 29
    Sep 29th
    12 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close