This Metasploit module exploits a command injection vulnerability within the Agent Tesla control panel, in combination with an SQL injection vulnerability and a PHP object injection vulnerability, to gain remote code execution on affected hosts. Panel versions released prior to September 12, 2018 can be exploited by unauthenticated attackers to gain remote code execution as user running the web server. Agent Tesla panels released on or after this date can still be exploited however, provided that attackers have valid credentials for the Agent Tesla control panel. Note that this module presently only fully supports Windows hosts running Agent Tesla on the WAMP stack. Support for Linux may be added in a future update, but could not be confirmed during testing.
642ae2da08c3ed900b9c3760d13a2d1c0fb0e0de2dd1b41ae42a606c6a1d18a4Red Hat Security Advisory 2020-2479-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Issues addressed include bypass, denial of service, and server-side request forgery vulnerabilities.
23458cd48178a8159bfb19bcf64236f01ddea203375d126505b85dbb0c1d9856Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
3cc165f9007ba41de6d0b693a1167dbaf0179085f9506dcba64b4b8e37e1bda2haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
0b8642515ea7189a1772cdb8072b98a6768cf9b963faf3cd664329fd79975ffaUbuntu Security Notice 4399-1 - It was discovered that Bind incorrectly handled large responses during zone transfers. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. It was discovered that Bind incorrectly handled certain asterisk characters in zone files. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.
6b8a0598afd7e0de323d915de70a0d215f77552ebee8cfea770c8cfd75fd98caRed Hat Security Advisory 2020-2478-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.
f6b30f9a898c6f50aa4c280f90fa2d946eadbd8c1685d8afb8fa5083de5a2227This Metasploit module exploits an unauthenticated remote SQL injection vulnerability in Cayin xPost versions 2.5 and below. The wayfinder_meeting_input.jsp file's wayfinder_seqid parameter can be injected blindly. Since this app bundles MySQL and Apache Tomcat the environment is pretty static and therefore the default settings should work. Results in SYSTEM level access. Only the java/jsp_shell_reverse_tcp and java/jsp_shell_bind_tcp payloads seem to be valid.
946a83a6a866b8857742cf272ba769a429c18cb24272e4ace13ff969e616262fThis Metasploit module exploits a remote SQL injection vulnerability in the "query" parameter found on Gila CMS version 1.1.18.1.
67d47acf6c51ced0b686d0152f6b884da8154b3ba0451ec2e3dcf58ecf577ae2This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the system_service.cgi file's ntpIp Parameter. The field is limited in size, so repeated requests are made to achieve a larger payload. Cayin CMS-SE is built for Ubuntu 16.04 (20.04 failed to install correctly), so the environment should be pretty set and not dynamic between targets. Results in root level access.
f7b153a94b13dd779b71e768fae7fc55f56194a7216851fdcf2cba9757607215OpenCTI version 3.3.1 suffers from cross site scripting and directory traversal vulnerabilities.
89a8f8509d6cb8102d1c1d3f603a62eedb2bc3a7f07ccb924b9fbbba6c75a556Code Blocks version 17.12 File Name SEH unicode local buffer overflow exploit.
c1dae29c4709263a913afe83978e44898f719a4880434a72a380b79d2300d6e6College-Management-System-Php version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
cbf4c86af333a96542bd6c2fc1cc82371caf76e7c8a75a8f39f7141ab4442797
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed