Easy Chat Server User Registeration Buffer Overflow (SEH) Exploit

This Metasploit module exploits a buffer overflow during user registration in Easy Chat Server software. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Easy Chat Server User Registeration Buffe...

Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit)

Exploit Title: Sonicwall importlogo/sitecustomization CGI Remote Command Injection Vulnerablity Date: 12/25/2016 Exploit Author: xort @ Critical Start Vendor Homepage: www.sonicwall.com Software Link: sonicwall.com/products/sra-virtual-appliance Version: 8.1.0.2-14sv Tested on: 8.1.0.2-14sv CVE :...

Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-1109)

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit)

Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Symantec Messaging Gateway Remote Code Execution", 'Description' = %q This...

Easy Chat Server User Registeration Buffer Overflow (SEH)

This module exploits a buffer overflow during user registration in Easy Chat Server software. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Easy Chat Server User Registeration Buffer Overflow...

EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2017-1098)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to...

Medium: java-1.7.0-openjdk

Issue Overview: An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. CVE-2017-3511 It was found that the JAXP...

Riverbed SteelHead VCX File Read

This module exploits an authenticated arbitrary file read in the log module's filter engine. SteelHead VCX VCX255U version 9.6.0a was confirmed as vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Dup Scout Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability ...

OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)

It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with...

OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)

It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with...

Crypttech CryptoLog - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Crypttech CryptoLog Remote Code Execution", 'Description' = %q This module exploits the sql injection and command injection vulnerability of...

EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2017-1073)

According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to...

EulerOS 2.0 SP1 : httpd (EulerOS-SA-2016-1030)

According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts,...

Moderate: Red Hat Security Advisory: python27 security, bug fix, and enhancement update

Updated python27 packages are now available as a part of Red Hat Software Collections 2.4 for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

python: failure to validate certificates in the HTTP client with TLS (PEP 476)

The Python standard library HTTP client modules such as httplib or urllib did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data...

WePresent WiPG-1000 - Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'WePresent WiPG-1000 Command Injection', 'Description' = %q This module exploits a command injection vulnerability in an...

OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)

It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with...

OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)

It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with...

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20170421)

Security Fixes : - An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. CVE-2017-3511 - It was found that the...