exploit the possibilities
Showing 1 - 25 of 36 RSS Feed

Files

Pandora FMS 7.0 Authenticated Remote Code Execution
Posted Feb 13, 2020
Authored by Engin Demirbilek

Pandora FMS version 7.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-8947
MD5 | c3b198639fda25e23a0dfdf49744d535

Related Files

Pandora FMS 7.0NG Remote Code Execution
Posted Apr 3, 2020
Authored by Basim Alabdullah

Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability.

tags | exploit, remote, php, code execution
MD5 | a6cfa63dd5a875fd53b5c5870eff7bb8
Heap Two-Write-Where-And-Not Format String (FMS) Technique
Posted Sep 7, 2016
Authored by bashis

This write up provides code of the 'two-write-where-and-what' format string (FMS) exploitation technique and how to exploit it when located on the heap.

tags | paper
MD5 | 3078f2e3eb94de4bca3f24ba2c709557
Pandora FMS 5.0 / 5.1 Authentication Bypass
Posted Jun 10, 2015
Authored by A. Tsvetkov, Manuel Mancera

Pandora FMS versions 5.0 and 5.1 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 6d37f52390af844503b8487747e66f75
Pandora FMS 5.1 SP1 SQL Injection
Posted Feb 11, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Pandora FMS version 5.1 SP1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3c771580986a3f1bc276a6c62a9b2f09
Pandora FMS 5.1 SP1 Cross Site Scripting
Posted Jan 16, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Pandora FMS version 5.1 SP1 suffers from a persistent cross site scripting vulnerability in the SNMP editor.

tags | exploit, xss
MD5 | f65d5ad804745551a421e17942ed1615
Pandora FMS SQL Injection Remote Code Execution
Posted Nov 26, 2014
Authored by Jason Kratzer, Lincoln | Site metasploit.com

This Metasploit module attempts to exploit multiple issues in order to gain remote code execution under Pandora FMS versions equal to and prior to 5.0 SP2. First, an attempt to authenticate using default credentials is performed. If this method fails, a SQL injection vulnerability is leveraged in order to extract the "Auto Login" password hash. If this value is not set, the module will then extract the administrator account's MD5 password hash.

tags | exploit, remote, code execution, sql injection
MD5 | d879b2c710bcfc29da92c8253b550c36
Pandora FMS 5.1SP1 Cross Site Scripting
Posted Nov 14, 2014
Authored by William Costa

Pandora FMS version 5.1SP1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | fd1e3809148fda3d0ec848d53f3d197e
Pandora FMS 5.0RC1 Remote Code Execution
Posted Feb 7, 2014
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in Pandora FMS 5.0RC1 and lower. It will leverage an unauthenticated command injection in the Anyterm service on port 8023. Commands are executed as the user "pandora". In Pandora FMS 4.1 and 5.0RC1 the user "artica" is not assigned a password by default, which makes it possible to su to this user from the "pandora" user. The "artica" user has access to sudo without a password, which makes it possible to escalate privileges to root. However, Pandora FMS 4.0 and lower force a password for the "artica" user during installation.

tags | exploit, root
MD5 | 35d7dfee04901de86a3c3aaf7fa196bf
Pandora FMS 5.0RC1 Code Execution
Posted Jan 29, 2014
Authored by xistence

Pandora FMS versions 5.0RC1 and below suffer from a code execution vulnerability.

tags | exploit, code execution
MD5 | d9057714df010cfac019fecec177b539
SIEMENS Solid Edge ST4 WebPartHelper Command Execution
Posted May 27, 2013
Authored by rgod | Site retrogod.altervista.org

SIEMENS Solid Edge ST4 WebPartHelper active-x control RFMSsvs!JShellExecuteEx suffers from a remote command execution vulnerability. Proof of concept included.

tags | exploit, remote, activex, proof of concept
systems | linux
MD5 | bdd9cbfc1d8fd0e77ab4e70228ce55c6
Pandora FMS 4.0.1 Local File Inclusion
Posted Feb 17, 2012
Authored by longrifle0x | Site vulnerability-lab.com

Pandora FMS version 4.0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 44efebf7bc3998f6b05a6fc76be4cfce
Adobe FMS 3.5.6 / 4.0.2 Denial Of Service
Posted Oct 13, 2011
Authored by Knud | Site nsense.fi

nSense Vulnerability Research Security Advisory - Adobe Flash Media Servers (FMS) versions 3.5.6 and below and 4.0.2 and below suffer from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2011-2132
MD5 | 23a956a7ad381717f9d1fb6744195484
Pandora FMS 3.2.1 Cross Site Scripting
Posted Aug 19, 2011
Authored by Mehdi Boukazoula

Pandora FMS version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b2993967117596e78598a1b939725aff
Secunia Security Advisory 45319
Posted Jul 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Financial Management Solutions (FMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory
MD5 | c28cdaa017fe4a48fe92329d3327280c
Secunia Security Advisory 45207
Posted Jul 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pandora FMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 4ee9aaf56f1e59d244865153cf7ba8af
Pandora FMS 3.2.1 Cross Site Request Forgery
Posted Jul 13, 2011
Authored by Mehdi Boukazoula

Pandora FMS versions 3.2.1 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 90dad6c50db61c8bd8ee7d344e6a75d1
Secunia Security Advisory 42347
Posted Dec 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and multiple vulnerabilities have been discovered in Pandora FMS, which can be exploited by malicious users to conduct SQL injection attacks, disclose potentially sensitive information, and compromise a vulnerable system and by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
MD5 | 5f575893ec91b41306103447b751c03e
Pandora FMS Command Injection / SQL Injection / Path Traversal
Posted Dec 1, 2010
Authored by Juan Galiana Lara

Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file inclusion
advisories | CVE-2010-4279, CVE-2010-4278, CVE-2010-4280, CVE-2010-4281, CVE-2010-4282, CVE-2010-4283
MD5 | 9f529c8560b395031f212dc20191f40f
Secunia Security Advisory 42157
Posted Nov 10, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Media Server (FMS), which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
MD5 | 4aedd6dce7068f3f23fb6c23101af551
Pandora FMS Monitoring Application SQL Injection
Posted Dec 21, 2009
Authored by Global-Evolution

The Pandora FMS monitoring application versions 2.1.x and 3.x suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 18ca88e63f85aaad73838b1453807b6f
Secunia Security Advisory 37837
Posted Dec 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pandora FMS, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | d50ed57d3624888d7090b43820d8206f
The FMS Explanation
Posted May 25, 2009
Authored by Saitek | Site saitek.altervista.org

Whitepaper called How Do I Crack Your WEP: The FMS Attack Explanation. Written in Italian.

tags | paper
MD5 | 55c713f70902d4567f8936b5105cd70c
PandoraFMS-1.2.tar.gz
Posted Dec 12, 2006
Authored by Sancho Lerena, Raul Mateos, Esteban Sanchez, Jonathan Barajas, Joss Navarro, Antonio Dos Santos | Site pandora.sourceforge.net

Pandora is a monitoring system designed to watch systems and applications. It allows auditing of any element of a system, from a network interface being down to a defacement in a web site. Included in this tarball are PandoraFMS_Agent_UNIX-1.2.0.tar.gz, PandoraFMS_Agent_Windows_src-1.2.0.zip, PandoraFMS_Console-1.2.0.tar.gz, PandoraFMS_Documentation-1.2.0.zip, PandoraFMS_Server-1.2.0.tar.gz, and PandoraFMS_Windows_Agent_Setup-1.2-0.exe. These files make up the server, web console, and various agents to be used in the PandoraFMS.

tags | web
systems | unix
MD5 | 5d0adc6aa3ad594dee2be7d292d628d4
aircrack-2.4.tgz
Posted Nov 13, 2005
Authored by Christophe Devine

Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.

Changes: Various bug fixes and enhancements.
tags | tool, wireless
MD5 | fbe301341cbae60d410ee0431a3adae4
aircrack-2.3.tgz
Posted Aug 28, 2005
Authored by Christophe Devine

Aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.

Changes: Added a patch, some updates, and a few fixes.
tags | tool, wireless
MD5 | 8c0c88abe107ca26d019d8f43958e60a
Page 1 of 2
Back12Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    10 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close