UNIT4TETA TETA WEB - Authorization Bypass vulnerability

Exploit for php platform in category web applications Title: UNIT4TETA TETA WEB - Authorization Bypass vulnerability Author: Lukasz Miedziński Date: 08. January 2015 CVE: CVE-2015-1173 Affected software : =================== UNIT4TETA TETA WEB 22.62.3.4 - newest version Older versions are probabl...

Werkzeug - Debug Shell Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit4 'Werkzeug Debug Shell Command Execution', 'Description' = %q This module will exploit the Werkzeug debug console to put...

Werkzeug Debug Shell Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit4 'Werkzeug Debug Shell Command Execution', 'Description' = %q This module will exploit the Werkzeug debug console to put...

Werkzeug Debug Shell Command Execution Exploit

This Metasploit module will exploit the Werkzeug debug console to put down a Python shell. This debugger "must never be used on production machines" but sometimes slips passed testing. Tested against 0.9.6 on Debian, 0.9.6 on Centos, 0.10 on Debian. This module requires Metasploit:...

Websense Content Gateway Stack Buffer Overflow Vulnerability

Websense Content Gateway is a set of content security solution gateway from Websense, Inc. A stack buffer overflow vulnerability exists in the 'handledebugnetwork' function in Manager for Websense Content Gateway version 8.0.0. A remote attacker can exploit this vulnerability to cause a denial of...

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...

IBM Tivoli Storage Manager FastBack Server Opcode 8192 Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 8192. By sending a crafted packet on TCP...

Malicious APK Injection Vulnerability on Android Backup and Restore Processing

Android is a free and open-source Linux-based operating system for mobile devices such as smartphones and tablets, led and developed by Google Inc. and the Open Handset Alliance. Android handles system backups and then restores with a security vulnerability that allows an attacker to inject a...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libxml2-debuginfo-x86 package in the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

Sticky Keys Persistence Module

This module makes it possible to apply the 'sticky keys' hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog. The module modifies the Debug registry setting for certain...

Technical analysis: Hacking Team for Flash 0day brace-vulnerability warning-the black bar safety net

! The vast JIT CODE, how to find we want to track The code? Borrow HackingTeam Flash 0day event detail debug flow and jitcode, to help some friends to follow better learning. ValueOf the frequency out of the vulnerability, adobe now has been the lack what fill what, a 7 on No. 8, only repair the...

The vulnerability of the EMC Unisphere data storage management program allows a hacker to execute arbitrary code.

The vulnerability of the EMC Unisphere data storage management program with the installed JDWP service is related to code errors. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

Symantec Endpoint Protection 12.1.4013 - Service Disabling

Exploit Title: Antivirus Google Dork: intitle: Antivirus Date: 2015-07-07 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.symantec.com Software Link: www.symantec.com/endpoint-protection Version:12.1.4013 Tested on: windows 7 SP1 Category: Antivirus...

Symantec Endpoint Protection 12.1.4013 - Service Disabling

Symantec Endpoint Protection 12.1.4013 - Service Disabling Exploit Title: Antivirus Google Dork: intitle: Antivirus Date: 2015-07-07 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.symantec.com Software Link: www.symantec.com/endpoint-protection...

ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability EMC Identifier: ESA-2015-102 CVE Identifier: CVE-2015-0545 Severity Rating: CVSS v2 Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Unisphere for VMAX 8.0.0 ...

The vulnerability of the OnCommand Workflow Automation data storage automation tool allows a hacker to execute arbitrary code.

The OnCommand Workflow Automation tool installer installs the JDWP service Java Debugging Wire Protocol. This service allows a remote attacker to execute arbitrary code through an unspecified vector...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-debuginfo-common-s390x-2.6.32 package of the Red Hat Enterprise Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kernel-debug-devel-3.10.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. The vulnerability can be exploited locally...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kernel-debug-3.10.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. The vulnerability can be exploited locally...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the kernel-debug-debuginfo-3.10.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. The vulnerability can be exploited locally...