what you don't know can hurt you
Showing 1 - 20 of 20 RSS Feed

Files Date: 2015-07-17

SysAid Help Desk Administrator Portal Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not handle correctly directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.

tags | exploit, file upload
systems | linux, windows
advisories | CVE-2015-2994
MD5 | 7b56518cd88728ae118a9c8c4346e802
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. Combining both weaknesses a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
MD5 | b51dc42c6747ed2d019da4db53bb0bc4
Novell GroupWise 2014 Cross Site Scripting
Posted Jul 17, 2015
Authored by Dr. Adrian Vollmer

Novell GroupWise 2014 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6ad390ab0f0f238b23a5a1df8001ce69
UDID+ 2.5 Command Injection
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

UDID+ version 2.5 suffers from a command injection vulnerability.

tags | exploit
MD5 | 875bfff2256bd42a640b2aeba02bb7eb
Red Hat Security Advisory 2015-1243-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1243-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
MD5 | 53d66d7b85ad0bd8ec2a90d26d611403
Red Hat Security Advisory 2015-1242-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1242-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2596, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
MD5 | 7300b34d961085e081e3f4aa45ce6a6a
Red Hat Security Advisory 2015-1241-01
Posted Jul 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1241-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2659, CVE-2015-2664, CVE-2015-2808, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4736, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
MD5 | bb5ca8f222e87f31158b63b9c93b961a
Oracle E-Business Suite Open Redirection
Posted Jul 17, 2015
Authored by Owais Mohammad Khan

Oracle E-Business Suite is prone to a remote URL-redirection vulnerability. This vulnerability may allow a malicious user to perform a phishing attack by sending a crafted URL of Oracle E-Business Suite Form Servlet page to another user. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Versions affected include 11.5.10.2, 12.0.6, and 12.1.3.

tags | advisory, remote
advisories | CVE-2015-2630
MD5 | 1a6ef912af27c6d7003683b0f3aa075a
FoxyCart Filter Bypass
Posted Jul 17, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

FoxyCart suffers from filter bypass and input validation vulnerabilities.

tags | exploit, vulnerability
MD5 | 9585f6fa7eb54fcb615070c4ff2d2280
AirDroid ID Client Side JSONP Callback
Posted Jul 17, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

AirDroid ID suffers from suffers from a script insertion vulnerability.

tags | exploit
MD5 | 5165b39119bd03511edd751e4891672d
NetBIOS NBSTAT Name Query Reflection Denial Of Service
Posted Jul 17, 2015
Authored by Todor Donev

NetBIOS NBSTAT name query reflection denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 285a97993742661cb4e34b234ba2547b
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150714
Posted Jul 17, 2015
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: Various updates.
tags | tool, kernel, peer2peer
systems | linux
MD5 | 69a923f377634b7d30a00aaeff463e21
D-Link Cookie Command Execution
Posted Jul 17, 2015
Authored by Michael Messner, Peter Adkins | Site metasploit.com

This Metasploit module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This Metasploit module has been successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment.

tags | exploit, remote, web, code execution
MD5 | 7a7606313c7d378b3ac4537b2667afef
Oracle Application Express Cross Site Scripting
Posted Jul 17, 2015
Authored by F. Lukavsky | Site sec-consult.com

The gReport Controls Sort Widget in Oracle Application Express is prone to permanent cross site scripting. The setting "display as" of the column attributes is ignored for the filter list. Versions prior to 4.2.3.00.08 are affected.

tags | exploit, xss
advisories | CVE-2015-2655
MD5 | afd3f84b5ca8ecd6817c5738ea3e5962
Elasticsearch Directory Traversal
Posted Jul 17, 2015
Authored by Kevin Kluge

Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack that allows an attacker to retrieve files that are readable by the Elasticsearch JVM process.

tags | advisory, file inclusion
advisories | CVE-2015-5531
MD5 | 6c2ac164bae3eaa3a3563f2703099afb
Elasticsearch Remote Code Execution
Posted Jul 17, 2015
Authored by Kevin Kluge

Elasticsearch versions prior to 1.6.1 are vulnerable to an engineered attack on its transport protocol that enables remote code execution.

tags | advisory, remote, code execution, protocol
advisories | CVE-2015-5377
MD5 | 82918ea739967c09d26de515eb32ed70
glibc / tcmalloc / jemalloc Double Destructor/Free
Posted Jul 17, 2015
Authored by PIN

Three proof of concept exploits demonstrating double-free issues with glibc, tcmalloc, and jemalloc.

tags | exploit, proof of concept
systems | linux
MD5 | 6331d10b232abe9183b710d040bb1937
EMC Documentum CenterStage Cross Site Scripting
Posted Jul 17, 2015
Site emc.com

EMC Documentum CenterStage is affected by a stored cross-site scripting vulnerability that could potentially be exploited by an attacker by injecting malicious HTML or script. This may lead to execution of injected HTML or script in the context of the authenticated user.

tags | advisory, xss
advisories | CVE-2015-4528
MD5 | c86787b43c1e2e7d65b1cb37b1be44aa
EMC Documentum WebTop Open Redirect
Posted Jul 17, 2015
Site emc.com

EMC Documentum WebTop and WebTop based client products contain an open redirected vulnerability. Attackers could potentially exploit this vulnerability by supplying crafted URLs to users of the affected application and causing a browser redirect to arbitrary and potentially malicious websites.

tags | advisory, arbitrary
advisories | CVE-2015-4529
MD5 | a6f4666dc99d300a93ae27d17208f911
Impero Education Pro Remote Command Execution
Posted Jul 17, 2015
Authored by slipstream

Impero Education Pro suffers from a remote SYSTEM command execution vulnerability.

tags | exploit, remote
MD5 | 16bfebfadd4f6a042a87cb1eba369947
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close