16 matches found
CVE-2013-4983
The getreferers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php...
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Sophos Web Protection Appliance - Multiple Vulnerabilities
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution (CVE-2013-4983)
A command injection vulnerability has been reported in Sophos Web Protection Appliance. The vulnerability is due to sblistpack component, reachable from the web interface without authentication. An unauthenticated remote attacker could execute arbitrary OS commands on the Sophos appliance...
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
This Metasploit module exploits a command injection vulnerability on Sophos Web Protection Appliance 3.7.9, 3.8.0 and 3.8.1. The vulnerability exists on the sblistpack component, reachable from the web interface without authentication. This Metasploit module has been tested successfully on Sophos...
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Sophos Web Protection Appliance...
[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
DSquare Exploit Pack: D2SEC_SWA
Name| d2secswa ---|--- CVE| CVE-2013-4983 Exploit Pack| D2ExploitPack Description| Sophos Web Protection Appliance 3.8.1 Remote Code Execution Vulnerability Notes|...
CVE-2013-4983
CVE-2013-4983 affects Sophos Web Protection Appliance via the sblistpack component (get_referers) in /opt/ws/bin/sblistpack. Versions affected: pre-3.7.9.1 and pre-3.8.1.1 (i.e., 3.7.9.1 and 3.8.1.1 patched). The vulnerability allows remote command execution by injecting shell metacharacters into...
Sophos Web Protection Appliance Multiple Vulnerabilities (Jul 2013) - Active Check
Sophos Web Protection Appliance is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2013-4983
creationtimestamp| type| source ---|---|--- 2013-09-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/28175 2013-09-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/28334 2018-05-29 15:50:33+00:00| seen|...
Sophos Web Protection Appliance - Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
Sophos Web Protection Appliance - Multiple Vulnerabilities
Sophos Web Protection Appliance - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-08...
Sophos Web Protection Appliance Command Injection
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
Sophos Web Protection Appliance Command Injection Vulnerability
Core Security Technologies Advisory - Sophos Web Protection Appliance versions 3.7.9 and earlier, 3.8.1, and 3.8.0 suffer from multiple OS command injection vulnerabilities. Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance...
Sophos Web Protection Appliance Multiple Vulnerabilities
Advisory ID Internal CORE-2013-0809 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:https://www.coresecurity.com/core-labs/advisories/sophos-web-protection-appliance-multiple-vulnerabilities Date published: 2013-09-0...