Files Date: 2015-07-17

SysAid Help Desk Administrator Portal Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in ChangePhoto.jsp in the administrator portal, which does not correctly handle directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.

tags | exploit, file upload
systems | linux, windows
advisories | CVE-2015-2994
SHA-256 | 0c208d2f198e77dc853b8bf460e5001c9fc1655e2c941edb66fcee493d8b936a
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet, which accepts unauthenticated file uploads and handles zip file contents in an insecure way. Combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package, which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
SHA-256 | f551636c73e5b60b9c38cb4bdd3c80dbbb6ea337669f453ce8ca689cbfedd936
Novell GroupWise 2014 Cross Site Scripting
Posted Jul 17, 2015
Authored by Dr. Adrian Vollmer

Novell GroupWise 2014 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2
UDID+ 2.5 Command Injection
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

UDID+ version 2.5 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 761145c7197c1353abee758af1de37e76bf21669162d014b72a9a6a9cc8cb015
Red Hat Security Advisory 2015-1243-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1243-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | 240a4d208c67ed5977cc94f864f3c548d2a692bbfe7028670ced5044f28a1c0d
Red Hat Security Advisory 2015-1242-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1242-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2596, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | b01b07a56be2d7a975fa73912a2e17caca8944404e1dc032d7ba2d6b307d9c3b
Red Hat Security Advisory 2015-1241-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1241-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2659, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | a00adc19b4661f42eff481841ccbe46849730c47219498516b92867b140ed3c7
Oracle E-Business Suite Open Redirection
Posted Jul 17, 2015
Authored by Owais Mohammad Khan

Oracle E-Business Suite is prone to a remote URL-redirection vulnerability. This vulnerability may allow a malicious user to perform a phishing attack by sending a crafted URL of Oracle E-Business Suite Form Servlet page to another user. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Versions affected include 11.5.10.2, 12.0.6, and 12.1.3.

tags | advisory, remote
advisories | CVE-2015-2630
SHA-256 | fefe0444086e77de0d60a0771da86be452e0256a0e1d089607066df4b7065e65
FoxyCart Filter Bypass
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FoxyCart suffers from filter bypass and input validation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 718fd95d80edef23b0352b7f8154fc54cb785b8980a88329772638cb021700da
AirDroid ID Client Side JSONP Callback
Posted Jul 17, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

AirDroid ID suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | 826719c31357000a9eed1c066020ee4e4342aa7e36f9d47701bd3128c7d4b9db
NetBIOS NBSTAT Name Query Reflection Denial Of Service
Posted Jul 17, 2015
Authored by Todor Donev

NetBIOS NBSTAT name query reflection denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 64eedc77e04daae82e3317cca2ba26267d63f8097003b3f9fcc142d9311aa277
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150714
Posted Jul 17, 2015
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: Various updates.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | f834fdcfa0d09342ea97df60afc197af2e8feb70573aae15858528c417dc5456
D-Link Cookie Command Execution
Posted Jul 17, 2015
Authored by Michael Messner, Peter Adkins | Site metasploit.com

This Metasploit module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This Metasploit module has been successfully tested on D-Link DSP-W110A1_FW105B01 in an emulated environment.

tags | exploit, remote, web, code execution
SHA-256 | 0775e7d0aff2f6e2825635c995a83bb54708fc9752c08058d2dc8f04aed2e87c
Oracle Application Express Cross Site Scripting
Posted Jul 17, 2015
Authored by F. Lukavsky | Site sec-consult.com

The gReport Controls Sort Widget in Oracle Application Express is prone to permanent cross site scripting. The setting "display as" of the column attributes is ignored for the filter list. Versions prior to 4.2.3.00.08 are affected.

tags | exploit, xss
advisories | CVE-2015-2655
SHA-256 | c9ce7cae929b2bfcfbbd561c21486f566a196d3064d30611bb77669161526837
Elasticsearch Directory Traversal
Posted Jul 17, 2015
Authored by Kevin Kluge

Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process.

tags | advisory, file inclusion
advisories | CVE-2015-5531
SHA-256 | b31e33f0be2db96a5fdb079e65aaf1b8bd17143da9e03e617b58e897d6aa2937
Elasticsearch Remote Code Execution
Posted Jul 17, 2015
Authored by Kevin Kluge

Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution.

tags | advisory, remote, code execution, protocol
advisories | CVE-2015-5377
SHA-256 | c7d03a23059a26c14cfa85c4a73e1ef9e80899f3676ade54bb247e68d5444f6b
glibc / tcmalloc / jemalloc Double Destructor/Free
Posted Jul 17, 2015
Authored by PIN

Three proof of concept exploits demonstrating double-free issues with glibc, tcmalloc, and jemalloc.

tags | exploit, proof of concept
systems | linux
SHA-256 | e7f0fbeb3a092dc3418be3ce25fae479f87f00d498e749ac4c04652d49e094e2
EMC Documentum CenterStage Cross Site Scripting
Posted Jul 17, 2015
Site emc.com

EMC Documentum CenterStage is affected by a stored cross-site scripting vulnerability that could potentially be exploited by an attacker by injecting malicious HTML or script. This may lead to execution of injected HTML or script in the context of the authenticated user.

tags | advisory, xss
advisories | CVE-2015-4528
SHA-256 | 6735391574947f75e6be781bb6730919f081530e732a8c5060ab42e4c0a9926f
EMC Documentum WebTop Open Redirect
Posted Jul 17, 2015
Site emc.com

EMC Documentum WebTop and WebTop based client products contain an open redirect vulnerability. Attackers could potentially exploit this vulnerability by supplying crafted URLs to users of the affected application and causing a browser redirect to arbitrary and potentially malicious websites.

tags | advisory, arbitrary
advisories | CVE-2015-4529
SHA-256 | 2522c718c302be4a8ccf0d96166ebbc62243ca64ca2cd415fa3fec260890c15d
Impero Education Pro Remote Command Execution
Posted Jul 17, 2015
Authored by slipstream

Impero Education Pro suffers from a remote SYSTEM command execution vulnerability.

tags | exploit, remote
SHA-256 | 52a912335707a2c2f5ffd89fb25efa0c054326c82bae73267bb04bd65910dcf7
© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close