KeyHelp ActiveX LaunchTriPane Remote Code Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability

This module exploits a code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx. It is packaged in several products or GE, such as Proficy Historian 4.5, 4.0, 3.5, and 3.1, Proficy HMI/SCADA 5.1 and 5.0, Proficy Pulse 1.0, Proficy Batch Execution 5.6, and SI7 I/O Driver...

Default Password (user) for 'user' Account

The account 'user' on the remote host has the password 'user'. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "user"; password = "user"; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Symantec Web Gateway 5.0.3.18 - Blind SQL Injection Backdoor via MySQL Triggers

Exploit Title: Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers Date: Jul 23 2012 Author: muts Version: Symantec Web Gateway 5.0.3.18 Vendor URL: http://www.symantec.com Timeline: 12 Jun 2012: Vulnerability reported to CERT 22 Jun 2012: Response received from CERT with...

SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities

Exploit for windows platform in category web applications / Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL: http://www.solarwinds.com/ Timeline: 29 M...

Magento eCommerce - Local File Disclosure

Magento eCommerce - Local File Disclosure SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file disclosure via XXE injection product: Magento eCommerce Platform Enterprise & Community Edition vulnerable version:...

[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Uploadify 2.1.4 Cross Site Scripting / Shell Upload

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

Uploadify 3.0.0 File Existence Disclosure

waraxe-2012-SA082 - File Existence Disclosure in Uploadify 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-82.html Description of vulnerable software:...

win32/xp sp2 ARABIC (ar) mechanism shellcode + proxy 500 bytes

Title :windows xp sp2 arabic mechanism shellcode 128 bytes+proxy=500bytes Author :TrOoN E-mail : email protected | www.facebook.com/fysl.fyslm Home : city 617 logts : Draria . algeria Web Site : www.1337day.com | 1337Day is ThE best pentes Security platform : WinDows XP sp 2 AraBic | platform i...

broadcast-wake-on-lan NSE Script

Wakes a remote system up from sleep by sending a Wake-On-Lan packet. Script Arguments broadcast-wake-on-lan.address The broadcast address to which the WoL packet is sent. broadcast-wake-on-lan.MAC The MAC address of the remote system to wake up Example Usage nmap --script broadcast-wake-on-lan...

Windows Gather Physical Drives and Logical Volumes

This module will list physical drives and logical volumes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework List physical drives and logical volumes on the remote system R. Wesley McGrew [email protected]...

Moderate: Red Hat Security Advisory: libvirt security and bug fix update

Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM !/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication...

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM

!/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials hard-coded in lcfd.exe 2 Stack-based...

Nmap NSE net: irc-unrealircd-backdoor

Checks if an IRC server is backdoored by running a time-based command ping and checking how long it takes to respond. The 'irc-unrealircd-backdoor.command' script argument can be used to run an arbitrary command on the remote system. Because of the nature of this vulnerability the output is never...

AIX 610005 : U842519

The remote host is missing AIX PTF U842519 which is related to the security of the package bos.iconv.ucs.com.6.1 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

AIX 710000 : U837279

The remote host is missing AIX PTF U837279 which is related to the security of the package devices.pci.14101b02.X11.7.1.0.15 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

AIX 710000 : U837202

The remote host is missing AIX PTF U837202 which is related to the security of the package X11.motif.mwm.7.1.0.15 You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

FreeBSD : mupdf -- Remote System Access (53bde960-356b-11e0-8e81-0022190034c0)

Secunia reports : The vulnerability is caused due to an error within the 'closedctd' function in fitz/filtdctd.c when processing PDF files containing certain malformed JPEG images. This can be exploited to cause a stack corruption by e.g. tricking a user into opening a specially crafted PDF file...