This archive contains all 146 exploits added to Packet Storm in January 2014.
abd91531ce551e9aefb4494643037cb7c7ffe5ce4f916248468aa82c725f3618
This Metasploit module exploits an arbitrary command execution vulnerability in SkyBlueCanvas CMS version 1.1 r248-03 and below.
465f30d5bfba4e185206983cc43184ffed680479d92c1bd652f44e8aacccdcf9
This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a JSP application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.
ad779a3b3a81ba663a7d78a49953b2c7b7c8a37a54e4a557a40f1c67b825aaf4
This Metasploit module exploits a remote command execution vulnerability in Apache Struts 2. The problem exists on applications running in developer mode, where the DebuggingInterceptor allows evaluation and execution of OGNL expressions, which allows remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully in Struts 2.3.16, Tomcat 7 and Ubuntu 10.04.
d95e5ef29a2fce9c476472748fd55d151658b54e2b3321896da72a713f7e54b9
Debian Linux Security Advisory 2850-1 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
da815c3ba4f06aa3891742df28a24dfa6df466cf99e8749f564a3ae5c316d165
Security Explorations discovered multiple security vulnerabilities in the environment of Oracle Java Cloud Service. Among a total of 28 issues found, there are 16 weaknesses that make it possible to completely break the Java security sandbox of a target WebLogic server environment. An attacker can further leverage this to gain access to application deployments of other users of Oracle Java Cloud Service in the same regional data center.
652728a4db193f91cfd789d35f2cbce67c8d3fb9f86841ab4870dda696838141