730 matches found

Tenable Nessus
added 2010/07/16 12:00 a.m., 390 views

Multiple Web Server printenv CGI Information Disclosure

The remote web server contains the 'test-cgi' test script, which is included by default with some web servers. The printenv CGI returns its environment variables. This gives an attacker information like the installation directory, the server IP address which is interesting if NAT is implemented,...

5.5 AI score
Exploits: 0

Exploit DB
added 2010/07/03 12:00 a.m., 48 views

QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution (Metasploit)

$Id: qtssparsexmlexec.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5 CVSS, 7 AI score, 0.87851 EPSS
Exploits: 3

Exploit DB
added 2010/07/03 12:00 a.m., 220 views

The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)

$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5 CVSS, 7 AI score, 0.90677 EPSS
Exploits: 6

Exploit DB
added 2010/07/03 12:00 a.m., 91 views

AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)

$Id: awstatsmigrateexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

5.1 CVSS, 6.6 AI score, 0.90596 EPSS
Exploits: 10

seebug.org
added 2010/02/19 12:00 a.m., 45 views

gitWeb v1.5.2 Remote Command Execution

No description provided by source. Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2 Tested on: debian linux, GIT 1.5.2 CVE: CVE-2008-5516 - CVE-2008-5517 Code: The cgi script doesn't show the command output blind command...

7.5 CVSS, 0.2 AI score, 0.07517 EPSS
Exploits: 6

Exploit DB
added 2010/02/18 12:00 a.m., 50 views

gitWeb 1.5.2 - Remote Command Execution

Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2 Tested on: debian linux, GIT 1.5.2 CVE: CVE-2008-5516 - CVE-2008-5517 Code: The cgi script doesn't show the command output blind command execution ; Vulnerable functions in...

7.5 CVSS, 7 AI score, 0.07517 EPSS
Exploits: 6

0day.today
added 2010/02/18 12:00 a.m., 44 views

gitWeb v1.5.2 Remote Command Execution

Exploit for unknown platform in category remote exploits. gitWeb v1.5.2 Remote Command Execution. Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2...

7.1 AI score, 0.07517 EPSS
Exploits: 6

exploitpack
added 2010/02/18 12:00 a.m., 44 views

gitWeb 1.5.2 - Remote Command Execution

gitWeb 1.5.2 - Remote Command Execution Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2 Tested on: debian linux, GIT 1.5.2 CVE: CVE-2008-5516 - CVE-2008-5517 Code: The cgi script doesn't show the command output blind...

7.5 CVSS, 0.1 AI score, 0.07517 EPSS
Exploits: 6

Tenable Nessus
added 2010/01/06 12:00 a.m., 39 views

CentOS 5 : cups (CESA-2008:0192)

Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operatin...

10 CVSS, 7.2 AI score, 0.27566 EPSS
Exploits: 4, References: 5

Packet Storm
added 2009/12/31 12:00 a.m., 41 views

QuickTime Streaming Server parse_xml.cgi Remote Execution

$Id: qtssparsexmlexec.rb 7776 2009-12-09 15:13:35Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.5 CVSS, 0.87851 EPSS
Exploits: 3

Tenable Nessus
added 2009/11/19 12:00 a.m., 28 views

CGI Generic Local File Inclusion (2nd pass)

The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to include a local file and disclose its contents, or even execute arbitrary code on the remote host...

6 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2009/11/06 12:00 a.m., 24 views

CGI Generic SQL Injection (HTTP Cookies)

By sending specially crafted HTTP cookies to one or more CGI scripts hosted on the remote web server, Nessus was able to cause an error in the underlying database. This error suggests that the CGI scripts are prone to SQL injection attack. An attacker may be able to exploit this issue to bypass...

5.9 AI score
Exploits: 0, References: 4

Packet Storm
added 2009/10/30 12:00 a.m., 62 views

Matt Wright guestbook.pl Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

7.5 CVSS, 0.3 AI score, 0.90677 EPSS
Exploits: 6

Packet Storm
added 2009/10/30 12:00 a.m., 37 views

AWStats migrate Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

5.1 CVSS, 0.3 AI score, 0.90596 EPSS
Exploits: 10

Packet Storm
added 2009/10/30 12:00 a.m., 51 views

AWStats configdir Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

7.5 CVSS, 0.3 AI score, 0.91976 EPSS
Exploits: 11

Tenable Nessus
added 2009/10/06 12:00 a.m., 41 views

openSUSE 10 Security Update : nagios (nagios-6355)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-6355. The text...

7.5 CVSS, 5.2 AI score, 0.93259 EPSS
Exploits: 14, References: 1

Tenable Nessus
added 2009/09/24 12:00 a.m., 38 views

SuSE 11 Security Update : nagios (SAT Patch Number 1105)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

7.5 CVSS, 5.2 AI score, 0.93259 EPSS
Exploits: 14, References: 3

Tenable Nessus
added 2009/07/31 12:00 a.m., 35 views

openSUSE Security Update : nagios (nagios-1102)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update nagios-1102. The text...

7.5 CVSS, 5.2 AI score, 0.93259 EPSS
Exploits: 14, References: 2

Metasploit
added 2009/07/03 1:26 a.m., 29 views

MDaemon WorldClient form2raw.cgi Stack Buffer Overflow

This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed default, a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...

7.5 CVSS, 0.5989 EPSS
Exploits: 8

0day.today
added 2009/07/02 12:00 a.m., 39 views

Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln

Exploit for cgi platform in category web applications. Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln. Affected product...

7.1 AI score
Exploits: 0