Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (Metasploit)

Exploit for hardware platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever', 'Description' = ...

Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (Metasploit)

Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever',...

Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever', 'Description' = %q A vulnerability exists for Gemtek CPE7000 model ID...

Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)

Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure Metasploit Exploit Title: Symantec Brightmail ldap credential Grabber Date: 18/04/2016 Exploit Author: Fakhir Karim Reda Vendor Homepage:...

PHP Utility Belt - Remote Code Execution (Metasploit)

Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'PHP Utility Belt Remote Code Execution', 'Description' = %q This module exploit...

ATutor 2.2.1 SQL Injection / Remote Code Execution

This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator's interface where they can upload malicious code. This module requires Metasploit:...

Oracle BeeHive 2 Code Execution Exploit

This Metasploit module exploits a vulnerability found in Oracle BeeHive. The processEvaluation method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM. This module requires Metasploit:...

Oracle BeeHive 2 Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Oracle BeeHive 2 voice-servlet processEvaluation Vulnerability", 'Description' = %q This module exploits a vulnerability found in...

Oracle BeeHive 2 - 'voice-servlet prepareAudioToPlay()' Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Oracle BeeHive 2 voice-servlet prepareAudioToPlay Arbitrary File Upload", 'Description' = %q This module exploits a vulnerability...

Oracle BeeHive 2 - 'voice-servlet processEvaluation()' Write File (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Oracle BeeHive 2 voice-servlet processEvaluation Vulnerability", 'Description' = %q This module exploits a vulnerability found in...

Advantech Switch - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Advantech Switch Bash Environment Variable Code Injection Shellshock', 'Description' = %q This module exploits the Shellshock...

The vulnerability of the Apache HttpClient client module of Apache HttpComponents, as well as the operating systems Fedora and Ubuntu, allows a perpetrator to cause a service failure.

The vulnerability of the http/conn/ssl/SSLConnectionSocketFactory.java component in the Apache HttpClient client library, along with Apache HttpComponents, and on operating systems like Fedora and Ubuntu, is related to the ignoring of the http.socket.timeout parameter during the SSL handshake...

CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

Design/Logic Flaw

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

CVE-2015-5262

CVE-2015-5262 affects Apache HttpComponents HttpClient prior to 4.3.6 where the http.socket.timeout setting is ignored during SSL handshakes, enabling potential DoS via HTTPS call hangs. IBM-connected docs reference this CVE in IBM StreamSets Data Collector 6.4.0 with a fixed release path, noting...

CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

Ubuntu 14.04 LTS : Apache Commons HttpClient vulnerabilities (USN-2769-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2769-1 advisory. It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates. An attacker coul...

Mageia: Security Advisory (MGASA-2015-0392)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2769-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...