Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit)

$Id: ms11050mshtmlcobjectelement.rb 12962 2011-06-17 01:56:20Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Nmap NSE net: smb-psexec

This script implements remote process execution similar to the Sysinternals' psexec tool, allowing a user to run a series of programs on a remote machine and read the output. This is great for gathering information about servers, running the same tool on a range of system, or even installing a...

Nmap NSE net: jdwp-version

Detects the Java Debug Wire Protocol. This protocol is used by Java programs to be debugged via the network. It should not be open to the public Internet, as it does not provide any security against malicious attackers who can inject their own bytecode into the debugged process. Documentation for...

Nmap NSE net: wdb-version

Detects vulnerabilities and gathers information such as version numbers and hardware support from VxWorks Wind DeBug agents. Wind DeBug is a SunRPC-type service that is enabled by default on many devices that use the popular VxWorks real-time embedded operating system. H.D. Moore of Metasploit ha...

Портирование эксплойта ACPI custom_method.

Наткнулся недавно на упоминание декабрьского эксплойта Jon Oberheide. В качестве челленджа задался идеей портировать этот эксплойт. Первоначальный эксплойт работает только на ноутбуках где есть LID ACPI девайс состояния крышки и исключительно на 64-битных системах. Задача: портировать эксплойт на...

PR10-17 Various XSS and information disclosure flaws within KeyFax response management system

PR10-17: Various XSS and information disclosure flaws within KeyFax response management system http://www.omfax.co.uk Vulnerability found: 25th August 2010 Vendor informed: Vulnerability fixed: Severity: Medium/High Description: KeyFax response management system provides professional management o...

phpThumb 'phpThumbDebug' Information Disclosure

No description provided by source. Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure Google Dork: inurl:phpThumb.php Date: 06/05/2011 Author: mook Software Link: http://phpthumb.sourceforge.net/download Version: 1.7.9 Tested on: linux Vulnerability: Information disclosure which...

When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users

Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here:...

When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users

Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here:...

When configured for Internal Database with LDAP for Authentication Only, Confluence does not check the LDAP when authenticating users

Configured Confluence to keep and manage users in its internal database, but to first try to use LDAP for authentication only, via the new interface. Debug output suggests Confluence is not bothering to check the LDAP at any point during the authentication process. More detail is available here:...

phpThumb - 'phpThumbDebug' Information Disclosure

Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure Google Dork: inurl:phpThumb.php Date: 06/05/2011 Author: mook Software Link: http://phpthumb.sourceforge.net/download Version: 1.7.9 Tested on: linux Vulnerability: Information disclosure which includes absolute system paths, os...

phpThumb 1.7.9 Information Disclosure

Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure Google Dork: inurl:phpThumb.php Date: 06/05/2011 Author: mook Software Link: http://phpthumb.sourceforge.net/download Version: 1.7.9 Tested on: linux Vulnerability: Information disclosure which includes absolute system paths, os...

phpThumb - phpThumbDebug Information Disclosure

phpThumb - phpThumbDebug Information Disclosure Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure Google Dork: inurl:phpThumb.php Date: 06/05/2011 Author: mook Software Link: http://phpthumb.sourceforge.net/download Version: 1.7.9 Tested on: linux Vulnerability: Information disclosur...

Fedora 15 : telepathy-gabble-0.11.7-1.fc15 / telepathy-glib-0.13.13-1.fc15 (2011-1284)

Telepathy-Gabble changes, including a security fix : - fd.o32390: Gabble now treats a request for a ContactSearch channel with Server set to the empty string as equivalent to not specifying a server, and rejects requests where the JID specified for Server is invalid. - fd.o32874: Offline contacts...

Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)

$Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

PT-2011-2598 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 9.0.1 CHF1 and earlier Description: The issue allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. The vendor disputes the...

Automated Solutions Modbus/TCP OPC Server - Remote Heap Corruption (PoC)

!/usr/bin/python asmb-heap.py Automated Solutions Modbus/TCP OPC Server Remote Heap Corruption PoC Jeremy Brown 0xjbrown41-gmail-com Jan 2011 A specially crafted length field in a MODBUS packet header can trigger heap corruption. 00408312 | 8B5424 3C MOV EDX,DWORD PTR SS:ESP+3C - move length into...

Digital Forensics Framework v0.9.0 latest version download !

"DFF Digital Forensics Framework is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules." This is...

Apple iOS Safari - decodeURIComponent Remote Crash

Apple iOS Safari - decodeURIComponent Remote Crash Apple iPhone 3 Safari JavaScript - decodeURIComponent Remote Crash decodeURIComponent'$string'; "; iffileputcontents"./crash.html", $code echo"Point your safari mobile browser to crash.html.\r\n"; else echo"Cannot create file.\r\n"; ?...

Discuz!x官方 敏感信息泄露

简要描述： 由于官方项目的DEBUG缓存未清除，导致服务器大量信息泄漏。 当然一般其他网站只要未使用过DEBUG包的项目该问题不存在 详细说明： dbhost = 172.32.1.168 dbuser = superbase dbpw = Oh dbcharset = gbk pconnect = 0 dbname = superbase tablepre = pre 漏洞证明： http://www.discuz.net/data/debugadmin.php?I //phpinfo; http://www.discuz.net/data/debugadmin.php?C&c=...