1396 matches found
Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow
No description provided by source. $Id: kolibrihttp.rb 10887 2011-08-03 12:19:19Z mrme $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
SAP Management Console OSExecute Payload Execution
No description provided by source. $Id: sapmgmtconosexecpayload.rb 14048 2011-10-24 16:42:07Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
MD5 Message Digest Algorithm Hash Collision Weakness
No description provided by source. source: http://www.securityfocus.com/bid/11849/info The MD5 algorithm is reported prone to a hash collision weakness. This weakness reportedly allows attackers to create multiple, differing input sources that, when the MD5 algorithm is used, result in the same...
HP System Management Anonymous Access Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
No description provided by source. $Id: hpnnmgetnnmdatahostname.rb 12131 2011-03-25 00:46:59Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
HP Data Protector Cell Request Service Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
ZKSoftware Biometric Attendence Managnmnet Hardware[MIPS] 2 - Improper Authentication
No description provided by source. Exploit Title: ZKSoftware Biometric Attendence managnmnet HardwareMIPS Improper Authentication. Date: 20-3-2010 Author: FB1H2S Software Link: http://www.esslindia.com/install/eTimeTrack.zip Version: V2 Tested on: category: Remote Code : Advisory ZKSoftware...
Samsung Eyeing Iris Recognition for New Phones
Samsung announced this week that in order to bolster security, it plans to incorporate biometric sensors such as eye scanners into more of its products – even its low-end devices – in the near future. The move would bring an added layer of security to its devices and could wind up tying into in t...
Like Apple's TouchID, Galaxy S5 Vulnerable to Fingerprint Hack
Researchers published a video this week demonstrating how Samsung’s latest entry in the smartphone arena, the Galaxy S5, is vulnerable to a hack that involves lifting and copying fingerprints to trick the phone’s biometric sensor. Much like the Apple iPhone 5S, the smartphone, which first hit the...
Samsung Galaxy S5 Fingerprint Scanner Easily Get Hacked
Samsung Galaxy S5 Fingerprint feature promises an extra layer of security for your smartphone, which also lets you make payments through PayPal. But does it really secure? Just three days after the launch of the Galaxy S5, Security researchers have successfully managed to hack Galaxy S5 Fingerpri...
HP Data Protector Backup Client Service Remote Code Execution Exploit
Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'HP Data Protector Backup Client Service Remote Code Execution', 'Description' = %q This module abuses the Backup Client Service OmniInet.exe to achieve remote code execution. The vulnerability exists in...
Certificates are not checked with a Default installation of StrTreeWin
Message during HG checkin: warning: bitbucket.org certificate with fingerprint 24:9c:45:8b:9c:aa:ba:55:4e:01:6d:58:ff:e4:28:7d:2a:14:ae:3b not verified check hostfingerprints or web.cacerts config setting This is a default install, and such an install should have security configured correctly out...
Confirmed: Samsung Galaxy S5 has a Fingerprint Scanner
After the huge success of Samsung galaxy S3, Samsung Galaxy S4 and Samsung Tablets, the world’s most successful Android manufacturer is going to reveal its brand new Smartphone Samsung Galaxy S5 next week at Mobile World. Early in 2014, rumors suggested that Samsung Galaxy S5 will have Fingerprin...
Apache Tomcat Manager Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Apache.Coyote|Tomcat/ CSRFVAR = 'CSRFNONCE=' include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo =...
[SSL Audit] Remotely scans web servers for SSL support
SSL Audit remotely scans web servers for SSL support, unlike other tools it is not limited to ciphers supported by SSL engines such as OpenSSL or NSS but can detect all known cipher suites. It features an innovative Fingerprinting engine that was never seen before. Fingerprint mode Experimental...
HP SiteScope issueSiebelCmd Remote Code Execution
This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...
Hardcoded credentials
The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a...
Tomcat Application Manager Login Utility
This module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...
iPhone Fingerprint scanner hack allows attacker to hijack Apple ID using Flight Mode
A German security firm SRL claims a vulnerability in Touch ID Fingerprint Scanner and iCloud allows a hacker to access a locked device and potentially gain control over an owner's Apple ID. SRL points out that Airplane mode can be enabled on a stolen phone from the lockscreen, which turns off...
iPhone Fingerprint scanner hack allows attacker to hijack Apple ID using Flight Mode
A German security firm SRL claims a vulnerability in Touch ID Fingerprint Scanner and iCloud allows a hacker to access a locked device and potentially gain control over an owner’s Apple ID. SRL points out that Airplane mode can be enabled on a stolen phone from the lockscreen, which turns off...