5 matches found
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...
Pandora 3.1 Auth Bypass / Arbitrary File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability", 'Description' = %q This module exploits an authentication bypass...
CVE-2010-4279
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhashpwd field, which allows remote attackers to bypass authentication by sending a request to index.php with "admin" in the loginhashuser parameter, in conjunction with the md5 hash of "admin" in the...
CVE-2010-4279
Pandora FMS 3.1 and earlier are affected by an authentication bypass (CVE-2010-4279). The default config leaves loginhash_pwd empty, allowing remote bypass by sending a request to index.php with loginhash_user=admin and loginhash_data containing the MD5 of “admin”; this bypass gives full/complete...
Pandora FMS 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass + Introduction Pandora FMS for Pandora Flexible Monitoring System is a software solution for monitoring computer networks. It allows monitoring in a visual way the status and performance of several parameters from different operating systems, servers,...