ActualAnalyzer Cookie Command Execution Vulnerability

This Metasploit module exploits a command execution vulnerability in ActualAnalyzer version 2.81 and prior. The 'aa.php' file allows unauthenticated users to execute arbitrary commands in the 'ant' cookie. This module requires Metasploit: http://metasploit.com/download Current source:...

Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)

Device42 WAN Emulator 2.3 - Ping Command Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WAN Emulator v2.3 Command Execution', 'Description' = %q , 'License' =...

Device42 Traceroute Command Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WAN Emulator v2.3 Command Execution', 'Description' = %q , 'License' = MSFLICENSE, 'Privileged' = true, 'Platform' = 'unix', 'Arch' =...

Device42 Ping Command Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WAN Emulator v2.3 Command Execution', 'Description' = %q , 'License' = MSFLICENSE, 'Privileged' = true, 'Platform' = 'unix', 'Arch' =...

i-FTP 2.20 - Buffer Overflow SEH Exploit

No description provided by source. !/usr/bin/python Exploit Title:i-FTP Buffer Overflow SEH Homepage:http://www.memecode.com/iftp.php Software Link:www.memecode.com/data/iftp-win32-v220.exe Version:i.Ftp v2.20 Win32 Release Vulnerability discovered:26.10.2014 Description:Simple portable cross...

Citrix NetScaler SOAP Handler Remote Code Execution

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include...

[SECURITY] Fedora 21 Update: rubygem-httpclient-2.4.0-2.fc21

an interface to HTTP Client for the ruby language...

[SECURITY] Fedora 20 Update: rubygem-httpclient-2.4.0-2.fc20

an interface to HTTP Client for the ruby language...

[SECURITY] Fedora 19 Update: rubygem-httpclient-2.4.0-2.fc19

an interface to HTTP Client for the ruby language...

Western Digital MyBook Live Login Utility

This module simply attempts to login to a Western Digital MyBook Live instance using a specific user/pass. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...

Rejetto HttpFileServer Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Rejetto HttpFileServer Remote Command Execution", 'Description' = %q Rejetto HttpFileServer HFS is vulnerable to remote command...

Wing FTP Server Authenticated Command Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::CmdStager include Msf::Exploit::Remote::HttpClient def...

UBUNTU-CVE-2012-6153

http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via...

[SECURITY] Fedora 20 Update: jakarta-commons-httpclient-3.1-15.fc20

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19

The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of...

Apple TV Image Remote Control

This module will show an image on an AppleTV device for a period of time. Some AppleTV devices are actually password-protected, in that case please set the PASSWORD datastore option. For password brute forcing, please see the module auxiliary/scanner/http/appletvlogin. This module requires...

[SECURITY] Fedora 20 Update: libserf-1.3.7-1.fc20

The serf library is a C-based HTTP client library built upon the Apache Portable Runtime APR library. It multiplexes connections, running the read/write communication asynchronously. Memory copies and transformations are kept to a minimum to provide high performance operation...

Wordpress xmlrpc. php brute force vulnerability-a vulnerability warning-the black bar safety net

wordpress is very popular open source blog, which provides remote POST method is used with pathxmlrpc.phpthis file recently broke xmlrpc vulnerability, the vulnerability principle is through the xmlrpc authentication, even when authentication fails, it will not be Wordpress to install the securit...

[SECURITY] Fedora 20 Update: erlang-ibrowse-4.0.1-1.fc20

Erlang HTTP client...

[SECURITY] Fedora 19 Update: erlang-ibrowse-4.0.1-1.fc19

Erlang HTTP client...