This Metasploit module abuses the "Command" trap in Zabbix Server to execute arbitrary commands without authentication. By default the Node ID "0" is used; if it doesn't work, the Node ID is leaked from the error message and exploitation is retried. According to the vendor, versions prior to 1.6.9 are vulnerable. The vulnerability has been successfully tested on Zabbix Server 1.6.7 on Ubuntu 10.04.
c4c37ca2fbeb9dc136f6ed37edc9e1410341536d23168c981616809399bccf93
This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point. Our module has been successfully tested on multiple setups, including: IE, Firefox, Chrome and Safari on Windows, Linux and OS X, etc.
5ad9244a813015246c4b0e8bd5e77b71df43a8026083619c5950c1be4875177c
Conceptronic Grab'n'Go and Sitecom Storage Center suffer from a password disclosure vulnerability.
5aca9836ab124cc5eadd41fd71d2b7a522619f976b9d3c4cef58f45f4967b641
Express Burn Plus version 4.58 suffers from a vulnerability caused by a boundary error in the processing of a project file, which can be exploited to cause a Unicode buffer overflow when a user opens e.g. a specially crafted .EBP file. Successful exploitation could allow execution of arbitrary code on the affected machine.
08e7ff9e01fa59fc164d33e4e3df8f5a40ec708c92dcabf0c5283bfdfa23259a
This is a whitepaper detailing how to perform authentication bypass against Sage 50 Payroll 2012 version 18.00.031 using Immunity Debugger.
bf9e32ff6711bdd25f0473894bee2ccf852a964b8f3280f156abf18fd8f4ec99
Wiki Web Help version 0.3.9 suffers from a stored cross site scripting vulnerability.
e68fce127757a39e865dc1d2314d2b2291059f24abc8dca32bd3b811ac595f4e
Conceptronic Grab’n’Go Network Storage and Sitecom Home Storage Center suffer from an authentication bypass vulnerability due to doing all cookie validation in JavaScript.
a8ced793b1d6580a69a234553e0bfa276e70ddada5bbd956902b6b3f8cdbd9b9
XWiki version 4.2-milestone-2 suffers from multiple stored cross site scripting vulnerabilities.
c25959b05ad0c3c4ffa247f3a057eebafca9fa9ae6be574d7c1032d7c874d265
VLinks version 2.0.3 suffers from a remote SQL injection vulnerability.
b23c5588697d4e2b9fed3c47f1cc90d681247e484cbd8dd9bc6554bd7c96e605
CommPort version 1.01 suffers from an authentication bypass vulnerability.
f452f7ccb48a60edc5d99a67b983276202b6fae18cf2d19313b49d3c85e0732c
Silly Fellow suffers from a persistent cross site scripting vulnerability.
0bf829fa089cb8954d682d2197a17e2c1bf6350d1c309d3ef4c73776304764e2
CommPort version 1.01 suffers from a remote SQL injection vulnerability.
6721f54935455b70225444dccf2aed30092482422ee8ee5cc79fd86e61bd132e
Red Hat Security Advisory 2012-1208-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation, strtof() and strtold(). If an application used such a function on attacker-controlled input, it could cause the application to crash or, potentially, execute arbitrary code.
38c44f4e936f0865b778142043b48db215db036dcbf8504a5069e55ff3a39a6f
Red Hat Security Advisory 2012-1207-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation, strtof() and strtold(). If an application used such a function on attacker-controlled input, it could cause the application to crash or, potentially, execute arbitrary code.
b5de128de66826d4c69f820bb04f1b9544c7f8570dc56e96ecddcddd2799a810
Red Hat Security Advisory 2012-1206-01 - Python Paste provides middleware for building and running Python web applications. The python-paste-script package includes paster, a tool for working with and running Python Paste applications. It was discovered that paster did not drop supplementary group privileges when started by the root user. Running "paster serve" as root to start a Python web application that will run as a non-root user and group resulted in that application running with root group privileges. This could possibly allow a remote attacker to gain access to files that should not be accessible to the application.
5c66d2db6e0682e8949f723061869cb26e0e9f0ed046838762d25a4250496f11