116 matches found
Zimbra Collaboration Server skin Parameter Traversal Local File Inclusion
The Zimbra Collaboration Server installed on the remote host is affected by a file disclosure vulnerability because it fails to properly sanitize user-supplied input to the 'skin' parameter of '/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz'. This vulnerability could...
By the LFI caused by the Zimbra mail management system of 0day-vulnerability warning-the black bar safety net
Zimbra is a company with a lot of the mail system, may relate to many of the company's internal confidential, it is extremely important. This is a few days ago on exploit-db. com on the issue to the 0day to: it. By a local file inclusion vulnerability can be seen localconfig. xml content, and thi...
Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'Zimbra Collaboration Server LFI', 'Description' = %q This module exploits a local file inclusion on Zimbra...
Zimbra Collaboration Server LFI Vulnerability
This Metasploit module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen credentials allow the attacker to make requests to the service/admin/soap API. This can then be used to crea...
Zimbra Collaboration Server LFI
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'Zimbra Collaboration Server LFI', 'Description' = %q This module exploits a local file inclusion on Zimbra...
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. dot dot in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LD...
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. dot dot in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LD...
Zimbra 2009-2013 - Local File Inclusion
Exploit Title: Zimbra 0day exploit / Privilegie escalation via LFI Date: 06 Dec 2013 Exploit Author: rubina119 Contact Email : rubina119atgmail.com Vendor Homepage: http://www.zimbra.com/ Version: 2009, 2010, 2011, 2012 and early 2013 versions are afected, Tested on: Centosx, Ubuntu. CVE : No CVE...
CVE-2012-0706
IBM Scale Out Network Attached Storage SONAS 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine...
CVE-2012-4838
IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...
Code injection
IBM Flex System Chassis Management Module CMM and Integrated Management Module 2 IMM2 allow local users to obtain sensitive information about 1 local accounts, 2 SSH private keys, 3 SSL/TLS private keys, 4 SNMPv3 communities, and 5 LDAP credentials by leveraging unspecified side effects of servic...
Unable to use HTTPS for login only
If you setup the urlrewrite.xml like so: noformat ^/s/.//download/images/^?. /images/$2 ^/s/.//^?. /$2 ^/login.action https https://localhost:8443/login.action ^/dologin.action https https://localhost:8443/dologin.action ^/. https /login.action. /dologin.action. /s/. http://localhost:8080/$...
Unable to use HTTPS for login only
If you setup the urlrewrite.xml like so: noformat ^/s/.//download/images/^?. /images/$2 ^/s/.//^?. /$2 ^/login.action https https://localhost:8443/login.action ^/dologin.action https https://localhost:8443/dologin.action ^/. https /login.action. /dologin.action. /s/. http://localhost:8080/$...
Hewlett-Packard OpenView Radia Integration Server File System Exposure Vulnerability
This vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server bound by default to TCP...
CVE-2006-6145
CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from...
CVE-2006-6145
CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from...