Symantec Web Gateway Remote Shell Command Execution Vulnerability

Symantec Web Gateway is prone to a vulnerability that can allow an attacker to execute arbitrary commands. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...

ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting Blind SQL Injection Remote Code Execution

ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting Blind SQL Injection Remote Code Execution / Exploit Title: Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE Date: Jul 22 2012 Author: muts Version: Ipswitch WhatsUp Gold 15.02 Vendor URL: http://www.ipswitch.com/ An attacker c...

Symantec Web Gateway Management Console Remote Shell Command Execution (CVE-2012-0297)

A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation by the web server. A remote attacker can exploit this issue by sending a specially crafted HTTP request to the affected server. Successful exploitation could...

B2CPrint Remote Shell Upload

0101010101 010101010101010 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101010101 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 0101010101 0101 010 + Exploit Title : B2CPrint Remote File Uploader Vulnerability ...

Agora-Project 2.12.11 - Arbitrary File Upload

Agora-Project 2.12.11 - Arbitrary File Upload Exploit Title: agora-project2.12.1112-2011 Remote Shell Upload Google Dork: n0 N0obs Date: 10/06/2012 Exploit Author: Misa3l Vendor Homepage: http://sourceforge.net/projects/agora-project/ Software Link:...

Cobbler xmlrpc API power_system Method Remote Shell Command Execution

According to its self-reported version, the Cobbler install on the remote host is affected by a command injection vulnerability that can be exploited by sending a specially crafted username or password argument to the 'powersystem' method. Successful exploitation requires an authenticated user an...

Researchers Find Methods for Bypassing Google's Bouncer Android Security

Google’s Android platform has become the most popular mobile operating system both among consumers and malware writers, and the company earlier this year introduced the Bouncer system to look for malicious apps in the Google Play market. Bouncer, which checks for malicious apps and known malware,...

Symantec Web Gateway Remote Shell Command Execution Vulnerability

Symantec Web Gateway is prone to a command execution vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SolarWinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection

SolarWinds Storage Manager 5.1.0 - Remote SYSTEM SQL Injection !/usr/bin/python Exploit Title: Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit Date: May 2nd 2012 Author: muts Version: SolarWinds Storage Manager 5.1.0 Tested on: Windows 2003 Archive Url :...

CVE-2012-1803

RuggedCom Rugged Operating System ROS 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a 1 TELNET, 2 remot...

FreePBX 2.10.0 Elastix 2.2.0 - Remote Code Execution

FreePBX 2.10.0 Elastix 2.2.0 - Remote Code Execution !/usr/bin/python Exploit Title: FreePBX / Elastix pre-authenticated remote code execution exploit Google Dork: oy vey Date: March 23rd, 2012 Author: muts Version: FreePBX 2.10.0/ 2.9.0, Elastix 2.2.0, possibly others. Tested on: multiple CVE :...

Zen Cart v.1.5.0 Remote Shell Upload

Exploit for php platform in category web applications Remote Shell Upload Vulnerability DaTe : 5.3.2012 Version : 1.5.0 Tested on: Linux " Ubuntu " , "win 7" Author : Mr.ExiT OrPh4n Email : email protected Site : sh4ck.com + v99x.com Dork : "Powered by Zen Cart" Software Link:...

Gaining a Remote Shell on Android

The security of Android devices has come under quite a lot of scrutiny in recent months, with researchers identifying various root exploits and permission leaks that could be exploited. In this video, researcher Thomas Cannon of ViaForensics demonstrates a method for setting up a remote shell on ...

eEye Retina audit script could execute untrusted programs as root

Overview eEye Retina audit scripts have the capability to run remote shell scripts in order to determine vulnerable applications. One audit script in particular audit ID 2499 uses find1 and execute -exec when assessing a vulnerability within Gauntlet Firewall. An attacker who can write an...

CoDeSyS-SCADA-Server

CoDeSyS SCADA Exploit. Vulnerability occurs while parsing long HTTP requests in webserver. import string, sys import socket, httplib import telnetlib Target = sys.argv1 Port = intsys.argv2 ShellcodeType = sys.argv3 def howtousage: print "Sorry, required arguments: Host Port" sys.exit-1 def run:...

Multi Manage System Remote TCP Shell Session

This module will create a Reverse TCP Shell on the target system using the system's own scripting environments installed on the target. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Multi...

KnFTP-Server

This exploit overwrite EIP and SEH is overwritten with larger payloads knftpd.exe is the only non safeseh module ToDo: Add remote shell ToDo: Test vulnerable targets...

Sagem Router Fast 3304 / 3464 / 3504 Telnet Bypass

!/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Tested Router: SAGEM FAST 3304-V2 Tested on Resellers/ISPs: Wanadoo...

Sagem Router Fast 330434643504 - Telnet Authentication Bypass

Sagem Router Fast 330434643504 - Telnet Authentication Bypass !/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Teste...