Wipro Holmes Orchestrator version 20.4.1 unauthenticated log file disclosure exploit.
502d10437969505b9954475d260c67912ed441e4f7435ab422de904ab296060aWipro Holmes Orchestrator version 20.4.1 allows unauthenticated re-downloading of priorly exported reports in Excel.
be9d06f0cfdf4b2a5e3e1048b978ac6ba226c9ce6a52b1ce78d912d5e71b418eWipro Holmes Orchestrator version 20.4.1 unauthenticated arbitrary file reading proof of concept exploit.
aa43fdedfc7f5227a2a020d9bd25796fe6699fb9bbb47484e3814e5633c6039bThis Metasploit module exploit uses access to the UniversalOrchestrator ScheduleWork API call which does not verify the caller's token before scheduling a job to be run as SYSTEM. You cannot schedule something in a given time, so the payload will execute as system sometime in the next 24 hours.
3a60a69dcbeb7de997adcc7d739647b41b00df07ef99e3f346dd78c5b1f47616This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the Background Intelligent Transfer Service (BITS), to overwrite C:\Windows\System32\WindowsCoreDeviceInfo.dll with a malicious DLL containing the attacker's payload. To achieve code execution as the SYSTEM user, the Update Session Orchestrator service is then started, which will result in the malicious WindowsCoreDeviceInfo.dll being run with SYSTEM privileges due to a DLL hijacking issue within the Update Session Orchestrator Service. Note that presently this module only works on Windows 10 and Windows Server 2016 and later as the Update Session Orchestrator Service was only introduced in Windows 10. Note that only Windows 10 has been tested, so your mileage may vary on Windows Server 2016 and later.
881389db7516cd93002413a591d878987421d6e664f4be1ea349fe9d3d4000cfThis Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The second (CVE-2019-1322) leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.
2b0831d90d0d3308c8fa7b290f260d2b523e84eb9e91f7f255d05dc7617c32f1McAfee ePolicy Owner (ePowner) version 0.1 is an exploit that can add an administrative user to McAfee ePolicy Orchestrator as well as execute arbitrary commands on versions 4.6.0 through 4.6.5.
0d651b0edd706e44bde243c2797b7f496490b9316136b12f61d3d2aa3d0e1523RedTeam Pentesting identified an XML external entity expansion vulnerability in McAfee ePolicy Orchestrator's (ePO) dashboard feature. Users with the ability to create new dashboards in the ePO web interface who exploit this vulnerability can read local files on the ePO server, including sensitive data like the ePO database configuration. Versions 4.6.7 and below are affected.
f7760236a00eacc72f537370300bd2e7c27f9ec542d2cb4813cf607dd4d9f889Secunia Security Advisory - A security issue has been reported in VMware vCenter Orchestrator, which can be exploited by malicious users to disclose sensitive information.
dd0162d140cd60d8295fd5d28504b49417df0299e97598ebe35778d0e6d23773VMware Security Advisory 2012-0005 - VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
ccad2214677a724db3237cf961a90dec1de316a2a31f07ed2cbeab3610a575e0VMware Security Advisory 2011-0005 - A vulnerability in VMware vCenter Orchestrator(vCO) could allow remote execution.
3ca6a1a98436c002d49e384bd7ac183f99f4e5f750a733bc1a9762d4b4d6c4a2This is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1 <= 3.5.0 and ProtectionPilot 1.1.0 are known to be vulnerable. By sending a large 'Source' header, the stack can be overwritten. This Metasploit module is based on the exploit by xbxice and muts. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
4e64f2bde60479894b56b37f3ca9106dbfee008011c45a3a524a30225b19046bSecunia Security Advisory - Luigi Auriemma has discovered a vulnerability in McAfee ePolicy Orchestrator, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
4e894908292d14b0dfed530eb025e4500707c23818df9a784e51173a1b439711Secunia Security Advisory - Neel Mehta has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a vulnerable system.
f4ff7607f5458c8cdd56651e4bc60af46c0432c923ee08e8e210d42ac1a1d092Multiple remote buffer overflow vulnerabilities exist in the ActiveX Control named "SiteManager.Dll" of McAfee ePolicy Orchestrator. A remote attacker who successfully exploit these vulnerabilities can completely take control of the affected system. Affected software versions include McAfee ePolicy Orchestrator 3.6.1 and McAfee ePolicy Orchestrator 3.5 patch 6.
4b174ebb4697c892ceb808c2a52b50e9578cce6ea4f3cca20ebcac7ec23fc274Secunia Security Advisory - cocoruder has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a user's system.
9a168662553a70440061b47d1423645ca17206fef25fb00842067eb7050743feThis metasploit module is a stack overflow exploit for McAfee ePolicy Orchestrator 3.5.0 and ProtectionPilot 1.1.0. Tested on Windows 2000 SP4 and Windows 2003 SP1.
c5d4374afb7d02fcb71a301406cf46a7b08856e8634b8c4b455323de754bcf69McAfee ePolicy Orchestrator 3.5.0 contains a pre-authentication buffer overflow vulnerability in NAISERV.exe. Protection Pilot 1.1.0 uses the same HTTP server, and is also vulnerable.
b10041868084225e62f4a63f86c4fb4e2f49df32ae08ccc857170b2bfe9a4c39Secunia Security Advisory - A vulnerability has been reported in McAfee ProtectionPilot and McAfee ePolicy Orchestrator, which can be exploited by malicious people to compromise a vulnerable system.
76a3b1c0fb7394bb99925fc801b74006a109047a53512f4df30ca2207ae40a0bSecunia Security Advisory - eEye Digital Security has reported a vulnerability in McAfee ePolicy Orchestrator, which can be exploited by malicious people to compromise a vulnerable system.
6289d961168e518512b2cb6ef251ae5803ee05241c87716684df38959429b602Secunia Security Advisory - Reed Arvin has reported a security issue in ePolicy Orchestrator, which can be exploited by malicious, local users to gain escalated privileges.
3b66316a632e8bdf61878a0e0a4a1cf175f41ea73e435559982000313c0feba0A privilege escalation flaw exists in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3). Exploitation details provided.
4a189c2e780a80f5f87fb463cff8a682acc537284c383163a446215361fa9becAtstake Security Advisory A073103-1 - Three vulnerabilities exist in the McAfee Security ePolicy Orchestrator Server and Agent that allow an attacker to anonymously execute arbitrary code.
39c4da258d3c16be42e6d5d36b203ec57d8400c5e932a4dfde6e4c3688971f66
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed