Exploit the possiblities
Showing 101 - 125 of 952 RSS Feed

CGI Files

Apache / PHP Remote Command Execution
Posted Oct 29, 2013
Authored by noptrix | Site nullsecurity.net

Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python.

tags | exploit, remote, cgi, php, python
advisories | CVE-2012-1823
MD5 | 1b8cde875eff98bf11b70ba0d00606d8
ZeroShell Remote Code Execution
Posted Sep 25, 2013
Authored by Yann CAM | Site metasploit.com

This Metasploit module exploits a vulnerability found in ZeroShell 2.0 RC2 and lower. It will leverage an unauthenticated local file inclusion vulnerability in the "/cgi-bin/kerbynet" url. The file retrieved is "/var/register/system/ldap/rootpw". This file contains the admin password in cleartext. The password is used to login as the admin user. After the authentication process is complete it will use the RunScript action to execute the payload with root privileges.

tags | exploit, local, cgi, root, file inclusion
MD5 | 6aca173027c40771cf3490070e12b3b4
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Posted Sep 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different Raidsonic NAS devices are vulnerable to OS command injection via the web interface. The vulnerability exists in timeHandler.cgi, which is accessible without authentication. This Metasploit module has been tested with the versions IB-NAS5220 and IB-NAS4220. Since this module is adding a new user and modifying the inetd daemon configuration, this module is set to ManualRanking and could cause target instability.

tags | exploit, web, cgi
advisories | OSVDB-90221
MD5 | f3151dd2eca5d42b2a5b5d7426fb71ac
PHP-CGI Argument Injection
Posted Jun 26, 2013
Authored by infodox

Exploit for the PHP-CGI argument injection vulnerability disclosed in 2012. Has file uploading, inline shell spawning, and both python and perl reverse shell implementations using an earlier version of the "payload" library written for such exploits.

tags | exploit, shell, cgi, perl, php, python, file upload
systems | unix
advisories | CVE-2012-1823
MD5 | bbf30f73a92bfb0a1e522e790fabad73
GroundWork monarch_scan.cgi OS Command Injection
Posted Apr 24, 2013
Authored by Johannes Greil, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in the monarch_scan.cgi, where user controlled input is used in the perl qx function, which allows any remote authenticated attacker, whatever his privileges are, to inject system commands and gain arbitrary code execution. The module has been tested successfully on GroundWork 6.7.0-br287-gw1571 as distributed within the Ubuntu 10.04 based VM appliance.

tags | exploit, remote, arbitrary, cgi, perl, code execution
systems | linux, ubuntu
advisories | OSVDB-91051
MD5 | e0748ad1d02bbc1b0c70db9e441df0dc
Mandriva Linux Security Advisory 2013-129
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-129 - Due to missing input validation, the Squid cachemgr.cgi tool in Squid before 3.1.22 and 3.2.4 is vulnerable to a denial of service attack when processing specially crafted requests. It was discovered that the patch for CVE-2012-5643 was incorrect. A remote attacker could exploit this flaw to perform a denial of service attack.

tags | advisory, remote, denial of service, cgi
systems | linux, mandriva
advisories | CVE-2012-5643, CVE-2013-0189
MD5 | 01e5a8dc97d4cdf9ad13c9f603f29a7d
Mandriva Linux Security Advisory 2013-105
Posted Apr 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-105 - The qmailscan plugin for Munin before 2.0 rc6 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin. munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.

tags | advisory, remote, arbitrary, local, cgi, root
systems | linux, mandriva
advisories | CVE-2012-2103, CVE-2012-3512, CVE-2012-3513
MD5 | 8cad9d9ff54dabc5bccfb5eb75614ab3
Mandriva Linux Security Advisory 2013-062
Posted Apr 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-062 - Cross-site scripting vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi. Cross-site scripting vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer. Also, This update package corrects/improves the definition of variables in config.pl, the configuration file of backuppc: the variables SshPath, SmbClientPath, NmbLookupPath, TarClientPath, TopDir. As a result, backuppc should now run with the default values installed by the Mageia package, modifications of config.pl should only be required for defining site-specific settings.

tags | advisory, remote, web, arbitrary, cgi, xss
systems | linux, mandriva
advisories | CVE-2011-5081, CVE-2011-4923
MD5 | 80f50aa836c57892215306fe5ebc0f53
Netgear DGN1000B setup.cgi Remote Command Execution
Posted Apr 4, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Netgear Routers are vulnerable to authenticated OS Command injection. The vulnerability exists in the web interface, specifically in the setup.cgi component, when handling the TimeToLive parameter. Default credentials are always a good starting point, admin/admin or admin/password could be a first try. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes.

tags | exploit, web, cgi
advisories | OSVDB-89985
MD5 | 3e4167b103c884e2c26e69b2aa04eb0d
Debian Security Advisory 2653-1
Posted Mar 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2653-1 - It was discovered that Icinga, a host and network monitoring system, contains several buffer overflows in the history.cgi CGI program.

tags | advisory, overflow, cgi
systems | linux, debian
advisories | CVE-2012-6096
MD5 | a200fbcfd5cb7a54e106d6c17b8cda8b
Mandriva Linux Security Advisory 2013-028
Posted Mar 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-028 - Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long host_name variable svc_description variable. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, cgi
systems | linux, mandriva
advisories | CVE-2012-6096
MD5 | 4f519e37ebeacbf841da154d997df39c
Debian Security Advisory 2631-1
Posted Feb 25, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2631-1 - Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi.

tags | advisory, web, denial of service, cgi, memory leak
systems | linux, debian
advisories | CVE-2012-5643, CVE-2013-0189
MD5 | df10306a30bcb3a990ed2d91b55b6afe
Red Hat Security Advisory 2013-0505-02
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0505-02 - Squid is a high-performance proxy caching server for web clients that supports FTP, Gopher, and HTTP data objects. A denial of service flaw was found in the way the Squid Cache Manager processed certain requests. A remote attacker who is able to access the Cache Manager CGI could use this flaw to cause Squid to consume an excessive amount of memory. Due to a bug in the ConnStateData::noteMoreBodySpaceAvailable() function, child processes of Squid terminated upon encountering a failed assertion. An upstream patch has been provided and Squid child processes no longer terminate.

tags | advisory, remote, web, denial of service, cgi
systems | linux, redhat
advisories | CVE-2012-5643
MD5 | 48535f60384eab3607301f72f54f9ba5
Mandriva Linux Security Advisory 2013-013
Posted Feb 20, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-013 - Multiple vulnerabilities has been found and corrected in Squid. Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via long POST requests, or crafted authentication credentials. cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service via a crafted request. NOTE: this issue is due to an incorrect fix for possibly involving an incorrect order of arguments or incorrect comparison. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, cgi, vulnerability, memory leak
systems | linux, mandriva
advisories | CVE-2012-5643, CVE-2013-0189
MD5 | 9f86798b70ae1edecb246a190dcbbeb8
Debian Security Advisory 2616-1
Posted Feb 4, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2616-1 - A buffer overflow problem has been found in nagios3, a host/service/network monitoring and management system. A malicious client could craft a request to history.cgi and cause application crashes.

tags | advisory, overflow, cgi
systems | linux, debian
advisories | CVE-2012-6096
MD5 | c646c02dcf56b73cd39bd238352b62b7
Ubuntu Security Notice USN-1713-1
Posted Jan 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1713-1 - It was discovered that squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service attack on the server and other hosted services. It was discovered that the patch for CVE-2012-5643 was incorrect. A remote attacker could exploit this flaw to perform a denial of service attack.

tags | advisory, remote, denial of service, cgi
systems | linux, ubuntu
advisories | CVE-2012-5643, CVE-2013-0189, CVE-2012-5643, CVE-2013-0189
MD5 | 58b069f12dab8e67f0c2d6a0e5ef412e
Secunia Security Advisory 52024
Posted Jan 31, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for squid-cgi. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, cgi
systems | linux, ubuntu
MD5 | 3c49d9cc5f5f01f54190a5211fbf8070
Distributed Access Control System 1.4.28a
Posted Jan 30, 2013
Site dacs.dss.ca

DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.

Changes: This release improves support for Apache 2.4, corrects many problems with dacs.quick(7), and fixes a variety of minor bugs.
tags | tool, web, cgi
systems | linux, unix
MD5 | 4d2308592bf0e96247de8624ff8f2a47
Movable Type 4.2x / 4.3x Web Upgrade Remote Code Execution
Posted Jan 25, 2013
Authored by Gary O'Leary-Steele, Nick Blundell, Kacper Nowak | Site metasploit.com

This Metasploit module can be used to execute a payload on MoveableType (MT) that exposes a CGI script, mt-upgrade.cgi (usually at /mt/mt-upgrade.cgi), that is used during installation and updating of the platform. This allows for code injection.

tags | exploit, cgi
advisories | CVE-2012-6315, CVE-2013-0209
MD5 | c41c453aaf7b8b6c299726ebe11660bc
Debian Security Advisory 2611-1
Posted Jan 23, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2611-1 - An input sanitation problem has been found in upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS command and SQL queries.

tags | advisory, web, cgi
systems | linux, debian
advisories | CVE-2013-0209
MD5 | 5bdcb5384f129f508b737204fd09bdd3
Nagios3 history.cgi Host Command Execution
Posted Jan 17, 2013
Authored by Blasty, temp66, Jose Selvi | Site metasploit.com

This Metasploit module abuses a command injection vulnerability in the Nagios3 history.cgi script.

tags | exploit, cgi
advisories | CVE-2012-6096, OSVDB-88322
MD5 | 04213b4213cc880905bf2de8beb622c7
Nagios 3.x Remote Command Execution
Posted Jan 15, 2013
Authored by Blasty

Nagios version 3.x suffers from a remote command execution vulnerability in history.cgi.

tags | exploit, remote, cgi
advisories | CVE-2012-6096
MD5 | f306d0ac336ba440f38dc661546bb7f4
PHP-CGI Argument Injection Remote Code Execution
Posted Dec 24, 2012
Authored by infodox

This exploits abuses an argument injection in the PHP-CGI wrapper to execute code as the PHP user/webserver user.

tags | exploit, cgi, php
advisories | CVE-2012-1823
MD5 | 498b1c71a555066db170ac77493f1e02
Mandriva Linux Security Advisory 2012-180
Posted Dec 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-180 - CGI.pm module before 3.63 for Perl does not properly escape newlines in P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary, cgi, perl
systems | linux, mandriva
advisories | CVE-2012-5526
MD5 | 0800befe8ecefe08400d130dc50902d0
Debian Security Advisory 2587-1
Posted Dec 12, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2587-1 - It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers.

tags | advisory, web, cgi, perl
systems | linux, debian
advisories | CVE-2012-5526
MD5 | 14bca413dd84ed9ebb3f5d4e84663066
Page 5 of 39
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close