This Metasploit module exploits a code execution flaw in SonicWALL GMS. It exploits two vulnerabilities in order to get its objective. An authentication bypass in the Web Administration interface allows to abuse the "appliance" application and upload an arbitrary payload embedded in a JSP. The module has been tested successfully on SonicWALL GMS 6.0.6017 over Windows 2003 SP2 and SonicWALL GMS 6.0.6022 Virtual Appliance (Linux). On the Virtual Appliance the linux meterpreter hasn't run successfully while testing, shell payload have been used.
e1755ee13c8e3130d551fa7c0d3ecece903c21cf67a088b1e4b09747d286333eThis Metasploit module exploits a command execution vulnerability in ZoneMinder Video Server version 1.24.0 to 1.25.0 which could be abused to allow authenticated users to execute arbitrary commands under the context of the web server user. The 'packageControl' function in the 'includes/actions.php' file calls 'exec()' with user controlled data from the 'runState' parameter.
aab8ea5a52b4b1c07ba62aed307dd92f1f1c1d23d97428d0d5e53e113be8bd88Debian Linux Security Advisory 2612-1 - It was discovered that a bug in the server capability negotiation code of ircd-ratbox could result in denial of service.
3a1c07c6bf56ab67bda646e828f5565ecf32b0a08e6ee4683805c25f3192a86bRed Hat Security Advisory 2013-0196-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
2f420dc5393c68f141cd8470fbff93566527c142e6919016b8d51d958b72e142Red Hat Security Advisory 2013-0198-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
30193e7918c18174e09b0fc9317ff36e69fa478524e48a046aad05faefd491bdRed Hat Security Advisory 2013-0193-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
203d4183f97a0b72534165eefaad1051ab80c5b6e961528dfdb812f736af75d9Red Hat Security Advisory 2013-0197-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
d097fde655669dd117b8c1860e4328722d06635f85f615a47f270510adf54dffRed Hat Security Advisory 2013-0194-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
751484bde4f1d4f095ab8daed96a50cce4a169426c1d76fcee30df63f7518f50Red Hat Security Advisory 2013-0195-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
8b8aad75ccadcdd4a085ff3236bb83492d636516074fac3d37e0f2b2765dad09Red Hat Security Advisory 2013-0192-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
decf7b548527298e14368750ef10bad42cfe81748596c00c8a51d19ab1bd60eeRed Hat Security Advisory 2013-0191-01 - An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server. Manual action is required to apply this fix.
0118f719b859c9ded96e3c08f5bd52ca98c57d394f73c70376f8c790151e7a7f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed