what you don't know can hurt you
Showing 1 - 25 of 65 RSS Feed

Files

Microsoft Exchange 2019 Unauthenticated Email Download
Posted May 18, 2021
Authored by Gonzalo Villegas

Microsoft Exchange 2019 unauthenticated email download exploit.

tags | exploit, info disclosure
advisories | CVE-2021-26855
MD5 | 38fb98664e2b38a6b3aea74819d024c1

Related Files

Microsoft Exchange ProxyShell Remote Code Execution
Posted Aug 20, 2021
Authored by Spencer McIntyre, Orange Tsai, wvu, Ramella Sebastien, Jang, PeterJson, brandonshi123 | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 versions before 15.0.1497.15, Exchange 2016 CU19 versions before 15.1.2176.12, Exchange 2016 CU20 versions before 15.1.2242.5, Exchange 2019 CU8 versions before 15.2.792.13, and Exchange 2019 CU9 versions before 15.2.858.9.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-31207, CVE-2021-34473, CVE-2021-34523
MD5 | 8c1644733fd3fd7cb69deb16d2b4379f
Microsoft Exchange ProxyLogon Collector
Posted May 21, 2021
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin by chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution. As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server. This vulnerability affects Exchange 2013 versions below 15.00.1497.012, Exchange 2016 CU18 below 15.01.2106.013, Exchange 2016 CU19 below 15.01.2176.009, Exchange 2019 CU7 below 15.02.0721.013, and Exchange 2019 CU8 below 15.02.0792.010 . All components are vulnerable by default.

tags | exploit, arbitrary, code execution, info disclosure
advisories | CVE-2021-26855, CVE-2021-27065
MD5 | dc11b2a7355d1a3002d6afb260c6975f
Microsoft Exchange ProxyLogon Remote Code Execution
Posted Mar 23, 2021
Authored by Orange Tsai, mekhalleh, Jang, lotusdll | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin (CVE-2021-26855) and write arbitrary file (CVE-2021-27065) to get the RCE (Remote Code Execution). By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 Versions less than 15.00.1497.012, Exchange 2016 CU18 less than 15.01.2106.013, Exchange 2016 CU19 less than 15.01.2176.009, Exchange 2019 CU7 less than 15.02.0721.013, and Exchange 2019 CU8 less than 15.02.0792.010. All components are vulnerable by default.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-26855, CVE-2021-27065
MD5 | d511d66b8660f85c046673fef91f3912
Microsoft Exchange 2019 SSRF / Arbitrary File Write
Posted Mar 18, 2021
Authored by F5

Microsoft Exchange 2019 proxylogon server-side request forgery to arbitrary file write exploit.

tags | exploit, arbitrary
advisories | CVE-2021-26855
MD5 | ec843f586f42e185be744d8b9e3a143b
Microsoft Exchange Proxylogon SSRF Proof Of Concept
Posted Mar 11, 2021
Authored by testanull

Microsoft Exchange Proxylogon server-side request forgery proof of concept exploit.

tags | exploit, proof of concept
MD5 | 602d12082ef6340aa066d0164fc2efb7
Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation
Posted Feb 24, 2021
Authored by Source Incite | Site github.com

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account.

tags | exploit, csrf
advisories | CVE-2021-24085
MD5 | 81b28382748f4fe34c5a25dbf5cda8e9
Red Hat Security Advisory 2020-4649-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4649-01 - Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. OpenChange provides libraries to access Microsoft Exchange servers using native protocols.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-14928
MD5 | 005c9d52566781b3efa8ee761a8dc39e
Spraying OWA And Abusing MSSQL
Posted Sep 30, 2020
Authored by Haboob Team

Whitepaper that goes over a full attack scenario by getting a foothold through Microsoft Exchange OWA Portal to discover and abuse MSSQL.

tags | paper
MD5 | f741488af943c9146c71ec2735f7f3c3
Exchange Control Panel Viewstate Deserialization
Posted Mar 4, 2020
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\SYSTEM using .NET deserialization.

tags | exploit, web
advisories | CVE-2020-0688
MD5 | ed889ec6ff5a153c3263e25acbc08820
Microsoft Exchange 2019 15.2.221.12 Remote Code Execution
Posted Mar 2, 2020
Authored by Photubias

Microsoft Exchange 2019 version 15.2.221.12 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-0688
MD5 | b2b86272dc81d9cb5dc7d3f7fcf5da05
Microsoft Exchange Server External Service Interaction
Posted Dec 27, 2019
Authored by Alphan Yavas

Microsoft Exchange Server 2013 CU22 and previous versions suffer from an external service interaction issue.

tags | exploit
MD5 | 8b6b75c1071aeb64e415465050e92e5f
Microsoft Exchange 2003 base64-MIME Remote Code Execution
Posted Jul 5, 2019
Authored by Charles Truscott

Microsoft Exchange 2003 base64-MIME remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2007-0213
MD5 | 18ac679aa8d4e71a343e47f9752ef045
Rollup 18 For Microsoft Exchange Server 2010 SP3 Server-Side Request Forgery
Posted Sep 18, 2018
Authored by Alphan Yavas

Rollup 18 for Microsoft Exchange Server 2010 SP3 suffers from a server-side request forgery vulnerability.

tags | advisory
advisories | CVE-2018-16793
MD5 | de9cfc08b86ceb9f798df8ea03404c6d
Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
MD5 | 50d79a092d794c779a0fa7f12fdb4853
Sophos Mobile Control 3.5.0.3 Open Reverse Proxy
Posted Aug 5, 2016
Authored by Tim Kretschmann

Sophos EAS Proxy is part of the Enterprise Mobility Management (EMM) platform Sophos Mobile Control, which allows control of mail access for managed mobile devices. Anonymous attackers can access any web-resources of the backend mail system like Microsoft Exchange or IBM Domino, if Lotus Traveler option is enabled. Brute force attacks against users in the backend mail system are also possible. Version 3.5.0.3 is affected.

tags | exploit, web
advisories | CVE-2016-6597
MD5 | 24977ef9b66d45a0e285add435dd4ef1
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
Posted Sep 29, 2014
Authored by Nate Power | Site metasploit.com

This Metasploit module tests vulnerable IIS HTTP header file paths on Microsoft Exchange OWA 2003, CAS 2007, 2010, 2013 servers.

tags | exploit, web, info disclosure
MD5 | eafa43771f313779174c92917d0efc66
CAS Autodiscover Enumeration
Posted Aug 3, 2014
Authored by Nathan Power

The Microsoft Exchange Client Access Server (CAS) that services Autodiscover has been found vulnerable to an information disclosure. It has been discovered that a standard domain user without Exchange permissions can enumerate Autodiscover configuration files of Exchange users by an XML SOAP parameter injection.

tags | exploit, info disclosure
MD5 | 4e25fef3c4f61218c80249157de91d17
Microsoft Exchange Internal IP Disclosure
Posted Aug 3, 2014
Authored by Nathan Power

Multiple issues have been discovered that makes it possible to disclose internal IP addresses of remote Microsoft Exchange environments.

tags | exploit, remote
MD5 | e0dfb9a016b5b66263863825c75e4206
Red Hat Security Advisory 2013-1540-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1540-02 - Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2013-4166
MD5 | b413381d165bf565fbe1231558293b89
Red Hat Security Advisory 2013-0515-02
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0515-02 - The openchange packages provide libraries to access Microsoft Exchange servers using native protocols. Evolution-MAPI uses these libraries to integrate the Evolution PIM application with Microsoft Exchange servers. A flaw was found in the Samba suite's Perl-based DCE/RPC IDL compiler. As OpenChange uses code generated by PIDL, this could have resulted in buffer overflows in the way OpenChange handles RPC calls. With this update, the code has been generated with an updated version of PIDL to correct this issue. The openchange packages have been upgraded to upstream version 1.0, which provides a number of bug fixes and enhancements over the previous version, including support for the rebased samba4 packages and several API changes.

tags | advisory, overflow, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 19b81dcf2649f00ebc22208a2fd104f0
Secunia Security Advisory 52133
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | a73fddee425c0bc808b263ef6c3e7782
Secunia Security Advisory 51474
Posted Dec 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 1b83b1a7143d1ee3e819ab32be42d51c
Secunia Security Advisory 50275
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in McAfee Security for Microsoft SharePoint and McAfee Security for Microsoft Exchange, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 59f864372e600aca224258f59901094a
Secunia Security Advisory 50019
Posted Jul 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | edbff8302a74fcd4403e975d22a8dfc3
Secunia Security Advisory 42633
Posted Dec 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 767657aff12d6979d6e19443d0b362c1
Page 1 of 3
Back123Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close