6 matches found
Openfire Admin Console Authentication Bypass
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...
Openfire Admin Console Authentication Bypass
This module exploits an authentication bypass vulnerability in the administration console of Openfire servers. By using this vulnerability it is possible to upload/execute a malicious Openfire plugin on the server and execute arbitrary Java code. This module has been tested against Openfire 3.6.0...
Gentoo Security Advisory GLSA 200904-01 (openfire)
The remote host is missing updates announced in advisory GLSA 200904-01. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
CVE-2008-6508
Openfire Openfire Admin Console is affected by a directory traversal (path traversal) vulnerability (CVE-2008-6508) in the AuthCheck filter, enabling remote attackers to bypass authentication and access the admin interface via a .. sequence in a URI that matches the Exclude-Strings list. Affected...
CVE-2008-6508
creationtimestamp| type| source ---|---|--- 2008-11-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/7075 2012-06-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19432 2018-05-29 15:50:33+00:00| seen|...