907 matches found

RedHat Linux
added 2013/07/01 3:10 p.m. | 34 views

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 5.3.1 update

Red Hat JBoss BRMS 5.3.1 roll up patch 2, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores,...

6.4 CVSS | 6.6 AI score | 0.09505 EPSS
Exploits: 2 | References: 5

Metasploit
added 2013/06/07 6:23 p.m. | 9 views

RFCode Reader Web Interface Login / Bruteforce Utility

This module simply attempts to login to a RFCode Reader web interface. Please note that by default there is no authentication. In such a case, password brute force will not be performed. If there is authentication configured, the module will attempt to find valid login credentials and capture...

7.3 AI score
Exploits: 0

Metasploit
added 2013/05/16 3:41 p.m. | 15 views

SAP CTC Service Verb Tampering User Management

This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service. The service is vulnerable to verb tampering allowing for unauthorised OS user management. Information about resolution should be available at SAP notes 1589525 and 1624450 (authentication required). This modul...

7.2 AI score
Exploits: 0

Metasploit
added 2013/05/07 10:1 p.m. | 36 views

SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution

This module abuses the SAP NetWeaver SXPG_CALL_SYSTEM function, on the SAP SOAP RFC Service, to execute remote commands. This module needs SAP credentials with privileges to use the /sap/bc/soap/rfc in order to work. The module has been tested successfully on Windows 2008 64-bit and Linux 64-bit...

10 AI score
Exploits: 0

Metasploit
added 2013/05/06 12:31 p.m. | 39 views

D-Link DSL 320B Password Extractor

This module exploits an authentication bypass vulnerability in D-Link DSL 320B 'D-Link DSL 320B Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in D-Link DSL 320B 'EDB', '25252' , 'OSVDB', '93013' , 'URL', 'http://www.s3cur1ty.de/m1adv2013-018' ...

7.6 AI score
Exploits: 0

Exploit DB
added 2013/05/01 12:0 a.m. | 61 views

phpMyAdmin - 'preg_replace' (Authenticated) Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'phpMyAdmin Authenticated Remote Code...

6 CVSS | 6.6 AI score | 0.64584 EPSS
Exploits: 14

exploitpack
added 2013/04/25 12:0 a.m. | 16 views

SAP ConfigServlet - Remote Payload Execution (Metasploit)

SAP ConfigServlet - Remote Payload Execution Metasploit require 'msf/core' class Metasploit3 'SAP ConfigServlet Remote Code Execution', 'Description' = %q This module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. , 'Author' =...

7.6 AI score
Exploits: 0

RedHat Linux
added 2013/04/22 9:17 p.m. | 5 views

Moderate: Red Hat Security Advisory: JBoss Web Framework Kit 2.2.0 update

JBoss Web Framework Kit 2.2.0, which fixes two security issues, various bugs, and adds enhancements is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,...

5.8 CVSS | 6.5 AI score | 0.01044 EPSS
Exploits: 2 | References: 5

exploitpack
added 2013/04/18 12:0 a.m. | 19 views

SAP ConfigServlet - OS Command Execution (Metasploit)

SAP ConfigServlet - OS Command Execution Metasploit require 'msf/core' class Metasploit3 'SAP ConfigServlet OS Command Execution', 'Description' = %q This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. , 'Author' = 'Dmitry Chastuhin'...

7.6 AI score
Exploits: 0

0day.today
added 2013/04/18 12:0 a.m. | 23 views

SAP ConfigServlet OS Command Execution

Exploit for multiple platform in category remote exploits require 'msf/core' class Metasploit3 'SAP ConfigServlet OS command execution', 'Description' = %q This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. , 'Author' = 'Dmitry...

7.1 AI score
Exploits: 0

Packet Storm
added 2013/03/29 12:0 a.m. | 28 views

STUNSHELL Web Shell Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'STUNSHELL Web Shell Remote Code...

0.4 AI score
Exploits: 0

Metasploit
added 2013/03/27 9:14 p.m. | 28 views

STUNSHELL Web Shell Remote PHP Code Execution

This module exploits unauthenticated versions of the "STUNSHELL" web shell. This module works when safe mode is enabled on the web server. This shell is widely used in automated RFI payloads. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2 AI score
Exploits: 0

RedHat Linux
added 2013/03/25 5:5 p.m. | 36 views

Moderate: Red Hat Security Advisory: jakarta-commons-httpclient security update

An updated jakarta-commons-httpclient package for JBoss Enterprise Web Platform 5.2.0 which fixes one security issue is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scori...

5.8 CVSS | 6.6 AI score | 0.00616 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2013/03/25 5:4 p.m. | 2 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...

5.8 CVSS | 7.2 AI score | 0.00616 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2013/03/25 5:4 p.m. | 5 views

Moderate: Red Hat Security Advisory: jakarta-commons-httpclient security update

An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

5.8 CVSS | 6.6 AI score | 0.00616 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2013/03/25 5:4 p.m. | 43 views

Moderate: Red Hat Security Advisory: jakarta-commons-httpclient security update

An updated jakarta-commons-httpclient package for JBoss Enterprise Application Platform 5.2.0 which fixes one security issue is now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerabili...

5.8 CVSS | 6.6 AI score | 0.00616 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2013/03/25 5:3 p.m. | 3 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...

5.8 CVSS | 7.2 AI score | 0.00616 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2013/03/25 5:3 p.m. | 33 views

Moderate: Red Hat Security Advisory: jakarta-commons-httpclient security update

An update for JBoss Enterprise Application Platform 5.2.0 which fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which giv...

5.8 CVSS | 6.6 AI score | 0.00616 EPSS
Exploits: 0 | References: 3

Amazon
added 2013/03/14 12:0 a.m. | 46 views

Medium: jakarta-commons-httpclient

Issue Overview: The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate th...

5.8 CVSS | 7.5 AI score | 0.00616 EPSS
Exploits: 0 | References: 1

Metasploit
added 2013/02/28 5:47 p.m. | 25 views

SAP ICF /sap/public/info Service Sensitive Information Gathering

This module uses the /sap/public/info service within SAP Internet Communication Framework (ICF) to obtain the operating system version, SAP version, IP address and other information. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2 AI score
Exploits: 0