exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from otr

First Active2011-12-10
Last Active2015-06-30
CollabNet Subversion Edge Management CSRF
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend fails to implement any cross site request forgery protection. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory, csrf
SHA-256 | 51550678e302e308a0266d2824d45d664b115efd79d9d9699ff2ea9b8606149c
CollabNet Subversion Edge Management Tail LFI
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "filename" parameter of the tail action. Fixed in version 5.0. Version 4.0.11 is affected.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 3a33fc1ca00a370d70ae632d4e5ff2d50d6aebfcfe2f943cfc2b1fac21f6187a
CollabNet Subversion Edge Management Missing Password Check
Posted Jun 30, 2015
Authored by otr

The management frontend does not require the old password for changing the password to a new one. An authenticated attacker may perform password setting attacks via XSRF without knowing the current password. An attacker that stole a Session ID (cookie) is able to gain persistent access by changing the password. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory
SHA-256 | b01690bfbbc4be90118e3f7f950ff41e45b8a303eb3e13ca92e517d946087a0a
CollabNet Subversion Edge Management Unsalted Hashes
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management stores passwords as unsalted MD5 hashes. Unsalted MD5 hashes can easily be cracked by brute forcing the password. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory
SHA-256 | 8cc3148316f4aa4c7d8a4758a7e89063b6e5b83abbe5c26a33241c18c888460c
CollabNet Subversion Edge Management Multiple Logins
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management web application does not restrict users to be logged in only once and does not provide a configuration option to configure this feature for admins and/or user accounts. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory, web
SHA-256 | 136cd2ad53bd137bb66b883f29da54e22164f5784ffa08198eb81b5bca4a4fac
CollabNet Subversion Edge Management Brute Forcing
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend does not protect against brute forcing accounts. An attacker has infinite tries to guess a valid user password. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory, cracker
SHA-256 | c4a5be8f15df488c6909bf4b2ac7dc41e0d49ed272885ca67e0b4f9bf8d4b650
CollabNet Subversion Edge Management listViewItem LFI
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "listViewItem" parameter of the "index" action. Fixed in version 5.0. Version 4.0.11 is affected.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 056057c0fb271eb7d3df3d949644529069ad9b220d3cea13dac2b89f6483c3e0
CollabNet Subversion Edge Management Show LFI
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "filename" parameter of the show action. Fixed in version 5.0. Version 4.0.11 is affected.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | a81a00d4e11ec10f5cba3ea70751d59751a88dc2fb69e74a400c31265fe07b31
CollabNet Subversion Edge Management Clickjacking
Posted Jun 30, 2015
Authored by otr

CollabNet Subversion Edge Management Frontend does not implement clickjacking protection. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory
SHA-256 | c207b180dc94d5a50e20b860125c9f73e2c49f364c17a3013f7603f8c6f2d141
CollabNet Subversion Edge Management Weak Password Policy
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge Management does not implement a strong passwordpolicy. Passwords like "aaaaa" are allowed as the only requirement is that the password is at least 5 characters long. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory
SHA-256 | f122205e04ea0584d756f4c07ab8c745e0d178bd283e8cbc86963df7402628e9
CollabNet Subversion Edge Management Autocomplete Enabled
Posted Jun 30, 2015
Authored by otr

The CollabNet Subversion Edge management frontend login page password field has autocomplete enabled. This may allow an attacker to retrieve a stored password from the browsers key store. Fixed in version 5.0. Version 4.0.11 is affected.

tags | advisory
SHA-256 | 020e15b4242216e2e5a8d794bda6b2c2bedd387d58410fbce5ecb455fa026919
CollabNet Subversion Edge Management downloadHook LFI
Posted Jun 29, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend allows authenticated admins to read arbitrary local files via logfile "filename" parameter of the "downloadHook" action. Fixed in version 5.0.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 37d936d9d7e63a4ff0e4d5ba93bd86e716a8d053ae486aae462f028a417603cc
CollabNet Subversion Edge Management Credential Leak
Posted Jun 29, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend leaks the unsalted MD5 hash of password of the currently logged in user via a "POST /csvn/user/index" request. An attacker that exploits an XSS or has gained a valid session via other means is able to retrieve the unsalted MD5 hash of the corresponding user and easily crack the hash in order to know the users password. Fixed in version 5.0.

tags | exploit, info disclosure
SHA-256 | 1d88ce5b1e015850cee7a266039f0317d57a1d11a0b2b10402aefdd630149ba1
CollabNet Subversion Edge Management Frontend Privilege Escalation
Posted Jun 29, 2015
Authored by otr

The CollabNet Subversion Edge Management Frontend allows authenticated administrators to escalate their privileges by creating and executing hook scripts. As a result they are able to execute arbitrary commands as the user the Management Frontend is running under without authenticating with valid credentials. Fixed in version 5.0.

tags | exploit, arbitrary
SHA-256 | 6367d80f85ed6df597af815bf79b0b9c35711023632a3e93c0eae53e289e7171
Skype Click To Call 6.2.0.106 Privilege Escalation
Posted Mar 15, 2013
Authored by otr

The default installation of Skype is vulnerable to a local privilege escalation attack that allows an unprivileged attacker to execute arbitrary code with NT AUTHORITY/SYSTEM privileges. Versions 6.2.0.106 and below are affected.

tags | exploit, arbitrary, local
SHA-256 | d220809c5a2ec3bca6b7d83539650b12420bc8778406212fc05cd585e28a6a0f
Empirum Password Obfuscation
Posted Feb 15, 2013
Authored by otr

Empirum version 14.0 from Matrix42 is prone to a trivial password recovery attack that allows users to obtain passwords encrypted with the EmpCrypt.exe.

tags | advisory
SHA-256 | b8bfd848ac2af64d7799cf9258bc83cfefcfe8500dd019f1128511e9ba936b3e
PcwRunAs 0.4 Password Obfuscation Design Flaw
Posted Mar 26, 2012
Authored by otr

The PcwRunAs software available from the PC-Welt website is prone to a trivial password recovery attack that allows local users to obtain passwords encrypted with the pcwRunAsGui.exe. pcwRunAs versions 0.4 and below are affected.

tags | exploit, local
advisories | CVE-2012-1793
SHA-256 | 811b545d5083c227c56986dbdeeac60ef0a1b6690230618e3d3b76f311c4ab12
Torrent-Stats Denial Of Service
Posted Feb 3, 2012
Authored by otr

Torrent-Stats suffers from a denial of service vulnerability in httpd.c.

tags | exploit, denial of service
SHA-256 | 800bc0f63fdba947738b01388e1c4834532ab1fc95c5b2912e467da4293d8011
NX Web Companion Spoofing Arbitrary Code Execution
Posted Jan 25, 2012
Authored by otr

NX Web Companion suffers from a spoofing vulnerability that may allow for arbitrary code execution.

tags | advisory, web, arbitrary, spoof, code execution
SHA-256 | c6dbb4c255fa34d27c7f911a58e314d1f1d2ecc2c658c6db8ccba523adf5f97b
Acpid Privilege Boundary Crossing
Posted Dec 10, 2011
Authored by otr

Local proof of concept exploit that demonstrates a privilege boundary crossing vulnerability in acpid. Written to work on Ubuntu 11.10 and 11.04.

tags | exploit, local, proof of concept
systems | linux, ubuntu
advisories | CVE-2011-2777
SHA-256 | db41e68389796e2550b308a702d82798e2fc58981a4d76192e86c8e6d1ff1029
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close