
404 matches found

securityvulns
added 2014/05/04 12:0 a.m. | 66 views

Remote Command Injection in Ruby Gem sfpagent 0.4.14

Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14 Date: 4/15/2014 Author: Larry W. Cashdollar, @larry0 CVE: 2014-2888 Download: http://rubygems.org/gems/sfpagent Vulnerability The list variable generated from the user supplied JSONbody input is passed directly to the system shell on lin...

AI score 8.1
Exploits: 0
0day.today
added 2014/04/19 12:0 a.m. | 48 views

Ruby Gem sfpagent 0.4.14 Command Injection Vulnerability

Ruby Gem sfpagent version 0.4.14 suffers from a remote command injection vulnerability. Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14 Date: 4/15/2014 Author: Larry W. Cashdollar, @larry0 CVE: 2014-2888 Download: http://rubygems.org/gems/sfpagent Vulnerability The list variable...

CVSS 7.5 | AI score 0.6 | EPSS 0.00734
Exploits: 3
Tenable Nessus
added 2014/04/02 12:0 a.m. | 58 views

Default Password (ironport) for 'admin' Account

The account 'admin' on the remote host has the password 'ironport'. An attacker may leverage this issue to gain access to the affected system and launch further attacks against it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "admin"; password = "ironport";...

CVSS 7.5 | AI score 8.2 | EPSS 0.37089
Exploits: 41 | References: 1
0day.today
added 2014/03/19 12:0 a.m. | 32 views

Quantum DXi V1000 2.2.1 - Static SSH Key

Quantum DXi® V-Series is a virtual deduplication backup appliance that protects physical and virtual data across remote sites, the datacenter and cloud deployments. Details: ---------- 0x01 - Default root user The root user has a hardcoded password that is unknown and not changeable. Normally...

AI score 6.9
Exploits: 0
0day.today
added 2014/03/12 12:0 a.m. | 67 views

Vtiger CRM 5.4.0, 6.0 RC, 6.0.0 GA - Local File Inclusion Vulnerability

Vtiger CRM versions 5.4.0, 6.0 RC, and 6.0.0 GA suffer from a local file inclusion vulnerability. CVE: CVE-2014-1222 Vendor: Vtiger Product: CRM Affected version: Vtiger 5.4.0, 6.0 RC & 6.0.0 GA Fixed version: Vtiger 6.0.0 Security patch 1 Reported by: Jerzy Kramarz Details: A local file inclusio...

CVSS 4 | AI score 0.2 | EPSS 0.09795
Exploits: 10
Mageia
added 2013/11/30 9:15 p.m. | 39 views

Updated polarssl, pdns & ragel packages fix CVE-2013-5915

Updated polarssl packages fix security vulnerability: The researchers Cyril Arnaud and Pierre-Alain Fouque investigated the PolarSSL RSA implementation and discovered a bias in the implementation of the Montgomery multiplication that we used. For which they then show that it can be used to mount ...

CVSS 4.3 | AI score 2.5 | EPSS 0.00688
Exploits: 0 | References: 3
Metasploit
added 2013/10/15 4:11 p.m. | 69 views

Persistent Payload in Windows Volume Shadow Copy

This module will attempt to create a persistent payload in a new volume shadow copy. This is based on the VSSOwn Script originally posted by Tim Tomes and Mark Baggett. This module has been tested successfully on Windows 7. In order to achieve persistence through the RUNKEY option, the user shoul...

AI score 7
Exploits: 0
Tenable Nessus
added 2013/10/02 12:0 a.m. | 30 views

FreeBSD : polarssl -- Timing attack against protected RSA-CRT implementation (ccefac3e-2aed-11e3-af10-000c29789cb5)

PolarSSL Project reports : The researchers Cyril Arnaud and Pierre-Alain Fouque investigated the PolarSSL RSA implementation and discovered a bias in the implementation of the Montgomery multiplication that we used. For which they then show that it can be used to mount an attack on the RSA key...

CVSS 4.3 | AI score 5.5 | EPSS 0.00688
Exploits: 0 | References: 4
FreeBSD
added 2013/10/01 12:0 a.m. | 31 views

polarssl -- Timing attack against protected RSA-CRT implementation

PolarSSL Project reports: The researchers Cyril Arnaud and Pierre-Alain Fouque investigated the PolarSSL RSA implementation and discovered a bias in the implementation of the Montgomery multiplication that we used. For which they then show that it can be used to mount an attack on the RSA key...

CVSS 4.3 | AI score 5.9 | EPSS 0.00688
Exploits: 0 | References: 2
Tenable Nessus
added 2013/05/13 12:0 a.m. | 155 views

Default Password (nsroot) for 'nsroot' Account

The account 'nsroot' on the remote host has the password 'nsroot'. An attacker may leverage this issue to gain administrative access to the affected system. Note that Citrix NetScaler appliances are known to use these credentials to provide complete, administrative access to the Citrix NetScaler...

CVSS 7.5 | AI score 8.3 | EPSS 0.37089
Exploits: 41 | References: 2
Kitploit
added 2013/04/23 9:34 p.m. | 16 views

[Hidden CMD Detector] Discover Hidden Command prompts

Hidden CMD Detector is the free tool to discover Hidden Command prompts and detect any Hacker presence on your system. The first thing any Hacker does on getting access to remote system is to run a hidden Command shell. This tool can help you to automatically detect any such hidden cmd prompts an...

AI score 7.6
Exploits: 0
Tenable Nessus
added 2013/04/05 12:0 a.m. | 66 views

Default Password (abc123) for 'root' Account

The account 'root' on the remote host has the password 'abc123'. An attacker may leverage this issue to gain full access to the affected system. Note that Junos Space is known to use these credentials by default. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "root"; password =...

CVSS 7.5 | AI score 8.3 | EPSS 0.37089
Exploits: 41 | References: 2
Exploit DB
added 2013/03/05 12:0 a.m. | 41 views

Kaspersky Internet Security 2013 - Denial of Service

I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any other Kaspersky product which includes the firewall...

AI score 7.4
Exploits: 0
0day.today
added 2013/03/05 12:0 a.m. | 31 views

Kaspersky Internet Security 2013 - Denial Of Service Vulnerability

Exploit for windows platform in category dos / poc I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any...

AI score 7
Exploits: 0
exploitpack
added 2013/03/05 12:0 a.m. | 27 views

Kaspersky Internet Security 2013 - Denial of Service

Kaspersky Internet Security 2013 - Denial of Service I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any...

AI score 7.3
Exploits: 0
Packet Storm
added 2013/03/04 12:0 a.m. | 32 views

Kaspersky Internet Security 2013 Denial Of Service

I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any other Kaspersky product which includes the firewall...

AI score 7.4
Exploits: 0
securityvulns
added 2012/12/09 12:0 a.m. | 79 views

IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday)

IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...

CVSS 6.8 | AI score 0.5 | EPSS 0.63557
Exploits: 11
Exploit DB
added 2012/12/02 12:0 a.m. | 32 views

MySQL - 'Stuxnet Technique' Windows Remote System

MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit Version 1.0 By Kingcope In the Year of 2012 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23083.zip use this on a fast scan server! How to use. pnscan: the file "accounts" holds the user/passwo...

AI score 7
Exploits: 0
exploitpack
added 2012/12/02 12:0 a.m. | 10 views

MySQL - Stuxnet Technique Windows Remote System

MySQL - Stuxnet Technique Windows Remote System MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit Version 1.0 By Kingcope In the Year of 2012 https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23083.zip use this on a fast scan server! How to use...

Exploits: 0
Exploit DB
added 2012/10/19 12:0 a.m. | 40 views

ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection

#!/usr/bin/python Exploit Title : Security Manager Plus 0x90.nl Software link :...

AI score 7.4
Exploits: 0