91 matches found
Zimbra 8.8.11 - XML External Entity Injection Server-Side Request Forgery
Zimbra 8.8.11 - XML External Entity Injection Server-Side Request Forgery coding=utf8 import requests import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning baseurl=sys.argv1 baseurl=baseurl.rstrip"/" uplo...
CVE-2019-9670
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection XXE vulnerability, as demonstrated by Autodiscover/Autodiscover.xml...
Xxe
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection XXE vulnerability, as demonstrated by Autodiscover/Autodiscover.xml...
PT-2019-6062 · Zimbra · Zimbra Collaboration Suite
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.7.x through 8.7.11p9 Description: The issue is related to an XML External Entity injection XXE vulnerability in the mailboxd component of the Zimbra Collaboration Suite, specifically affecting the...
Zimbra Collaboration Suite Autodiscover XXE
Zimbra’s handling of Autodiscover requests is vulnerable to XML external entity attacks, which could allow file contents to be retrieved from the remote system. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details According to the blog post A Saga of Code Executions on Zimb...
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF', 'Description' = %q This module exploits an XML external entity vulnerabilit...
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF', 'Description' = %q This module exploits an XML external entity vulnerabilit...
Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF
This module exploits an XML external entity vulnerability and a server side request forgery to get unauthenticated code execution on Zimbra Collaboration Suite. The XML external entity vulnerability in the Autodiscover Servlet is used to read a Zimbra configuration file that contains an LDAP...
Nagios XI elevation of privilege vulnerability (CNVD-2018-23141)
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. An elevation of privilege vulnerability exists in Nagios XI 5.5.6. A locally authenticated attacker can exploit this vulnerability to...
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscovernew.php...
April 23, 2018—KB4093105 (OS Build 16299.402)
April 23, 2018—KB4093105 OS Build 16299.402 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that causes modern applications to reappear after upgrading the OS version ev...
May 17, 2018—KB4103722 (OS Build 15063.1112)
May 17, 2018—KB4103722 OS Build 15063.1112 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Addresses an issue that causes...
Mail.ru: blind XXE in autodiscover parser
Как воспроизвести: 1 Закинуть на сервер атакующего xml должен быть доступен на сервере атакующего по адресу /autodiscover/autodiscover.xml: Я сделал такой ответ при запросе любой xml'ки: obmhld.com/autodiscover/autodiscover.xml email settings SMTP 52.34.103.214 1191 off [email protected] yandex....
The vulnerability of the Exchange ActiveSync component of the iOS operating system allows a hacker to delete data from the device.
The vulnerability of the Exchange ActiveSync component of the iOS operating system is related to improper handling of permissions during account setup. Exploiting this vulnerability allows a malicious actor to delete data from the device during account setup, by capturing the open AutoDiscover V1...
CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
CVE-2017-7088
The CVE-2017-7088 entry affects iOS prior to 11 in the Exchange ActiveSync (EAS) AutoDiscover V1 workflow. Root cause: a vulnerability allowing an attacker who can observe the AutoDiscover V1 session to hijack a cleartext exchange during Exchange account setup, enabling the attacker to erase the ...
Apple iOS Exchange ActiveSync Authentication Vulnerability
Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in versions of Apple iOS prior to 11. A remote attacker can exploit this...
Description of the security update for Outlook 2013: June 13, 2017
Description of the security update for Outlook 2013: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
Description of the security update for Outlook 2016: June 13, 2017
Description of the security update for Outlook 2016: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
Ruler - A Tool To Abuse Exchange Services
Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is abuse the client-side Outlook mail rules as described in: Silentbreak blog Silentbreak did a great job with this attack and it has served us well. The only downside has been that it...