49 matches found
Zend Server Java Bridge - Arbitrary Java Code Execution (Metasploit)
$Id: zendjavabridge.rb 12242 2011-04-05 01:08:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Zend Server Java Bridge Arbitrary Java Code Execution
This module takes advantage of a trust relationship issue within the Zend Server Java Bridge. The Java Bridge is responsible for handling interactions between PHP and Java code within Zend Server. When Java code is encountered Zend Server communicates with the Java Bridge. The Java Bridge then...
Zend Server Java Bridge Design Flaw Remote Code Execution
This module abuses a flaw in the Zend Java Bridge Component of the Zend Server Framework. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. NOTE: This module has only been tested with the Win32 build of the software. This module requires Metasploit:...
Zend Java Bridge - Remote Code Execution (ZDI-11-113)
Exploit for multiple platform in category remote exploits / Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar '' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0....
Zend Server Java Bridge "javamw.jar"服务远程代码执行漏洞
BUGTRAQ ID: 47060 Zend是一家PHP公司,成立于1999年,针对PHP的应用陆续发布了至关重要的PHP网络应用平台产品和服务。 Zend Server Java Bridge "javamw.jar"服务在实现上存在远程代码执行漏洞,远程攻击者可利用此漏洞在受影响应用程序中执行任意代码,造成拒绝服务。 此漏洞源于Zend Server的Zend Java Bridge v3.1组件中。javamw.jar服务默认接受端口10001上的TCP请求。Zend Server Java...
Zend Java Bridge Remote Code Execution
/ Zend Java Bridge v3.1 - Remote Code Execution ZDI-11-113 Copyright c 2010 Luca Carettoni ZJB.java v0.2 - 4 August 2010 Usage java -jar zjb.jar '' Default: 10001/tcp Version affected Zend Server v5.0.2, Zend Server Community Edition v5.0.2 and previous releases...
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-113 March 28, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Zend -- Affected Products: Zend Zend Server -- TippingPointTM IPS Customer...
Zend Server code execution
It's possible to execute user-supplied code via Java Bridge TCP/10001 service...
Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Zend Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Zend Java Bridge v3.1 component of the Zend Server framework. The javamw.jar service...