
1151 matches found

0day.today
added 2014/09/13 12:0 a.m., 161 views

HttpFileServer 2.3.x Remote Command Execution Vulnerability

Exploit for multiple platform in category remote exploits Affected software: http://sourceforge.net/projects/hfs/ Version : 2.3x Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa...

CVSS 7.5, AI score 0.2, EPSS 0.99323
Exploits: 23

Packet Storm
added 2014/09/12 12:0 a.m., 142 views

HttpFileServer 2.3.x Remote Command Execution

Affected software: http://sourceforge.net/projects/hfs/ Version : 2.3x Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...

CVSS 7.5, AI score 0.1, EPSS 0.99323
Exploits: 23

ThreatPost
added 2014/09/10 3:56 p.m., 7 views

Details Disclosed on Patched Webmin Vulnerability

The University of Texas information security office yesterday disclosed the details on a critical vulnerability in Webmin that was patched in May, days after it was reported. The bug in the UNIX remote management tool provided remote root access to a host server. Authenticated users would then be...

AI score 8.2
Exploits: 0, References: 3

Tenable Nessus
added 2014/08/12 12:0 a.m., 30 views

FreeBSD : serf -- SSL Certificate Null Byte Poisoning (69048656-2187-11e4-802c-20cf30e32f6d)

serf Development list reports : Serf provides APIs to retrieve information about a certificate. These APIs return the information as NUL terminated strings commonly called C strings. X.509 uses counted length strings which may include a NUL byte. This means that a library user will interpret any...

CVSS 4, AI score 7.5, EPSS 0.0315
Exploits: 0, References: 2

OSV
added 2014/08/12 12:0 a.m., 3 views

UBUNTU-CVE-2014-3504

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 do not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof...

CVSS 4, AI score 7.2, EPSS 0.0315
Exploits: 0, References: 4

FreeBSD
added 2014/08/06 12:0 a.m., 45 views

serf -- SSL Certificate Null Byte Poisoning

serf Development list reports: Serf provides APIs to retrieve information about a certificate. These APIs return the information as NUL terminated strings commonly called C strings. X.509 uses counted length strings which may include a NUL byte. This means that a library user will interpret any...

CVSS 4, AI score 7.3, EPSS 0.0315
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 18 views

Cisco Prime Data Center Network Manager - Arbitrary File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 32 views

Pulse CMS Basic - Local File Inclusion Vulnerability

No description provided by source. 'Pulse CMS Basic' Local File Inclusion Vulnerability CVE-2010-4330 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'includes/controller.php' script that allows for arbitrary local fil...

CVSS 6.8, AI score 6.5, EPSS 0.0263
Exploits: 6

seebug.org
added 2014/07/01 12:0 a.m., 17 views

CoolPlayer Portable 2.19.1 - (m3u) Buffer Overflow Exploit (2)

No description provided by source. !/usr/bin/python Usage : coolplayer.py Bug : CoolPlayer Portablem3u Buffer Overflow exploit Founder : Goldm First exploiter : stack he is my friend : Tested on : Xp sp2 fr Greetings : All friends & muslims HaCkErs DZ,snakespc.com,secdz.com Note: I didn't know wh...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a BadBlue server containing a...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 9 views

Microsoft Reader <= 2.1.1.3143 NULL Byte Write

No description provided by source. Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: <= 2.1.1.3143 PC version the Origami 2.6.1.7169 version doesn't seem vulnerable the non-PC versions have not been tested Platforms: Windows, Windows Mobile, Tablet PC and UMPC...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 39 views

Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite Vuln

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-006 http://www.dsecrg.com/pages/vul/show.php?id=62 Application: Synactis All_IN_THE_BOX ActiveX Versions Affected: 3 Vendor URL: http://synactis.com Bugs: Null byte File overwriting Exploits: YES Reported:...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 37 views

Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection

No description provided by source. ------------------------------------------------------------------------- Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection ------------------------------------------------------------------------- author...........: Egidio Romano aka EgiX...

EPSS 0.04271
Exploits: 7

seebug.org
added 2014/07/01 12:0 a.m., 20 views

HP Managed Printing Administration jobAcct Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 20 views

Quick Polls Local File Inclusion and Deletion Vulnerabilities

No description provided by source. 'Quick Polls' Local File Inclusion & Deletion Vulnerabilities CVE-2011-1099 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Two vulnerabilities exist in 'Quick Polls' providing local file inclusion & local file...

CVSS 5.8, AI score 6.5, EPSS 0.03172
Exploits: 6

seebug.org
added 2014/07/01 12:0 a.m., 16 views

A-PDF Wav to MP3 Converter 1.2.0 - DEP Bypass

No description provided by source. Exploit Title: A-PDF Wav to MP3 Converter v 1.2.0 DEP Bypass Software Link: http://www.a-pdf.com/wav-to-mp3/a-pdf-wtm.exe Version: 1.2.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Hicham Oumounid Email: [email protected] Home:...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 16 views

MailReader.com 2.3.x NPH-MR.CGI File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6055/info A vulnerability exists in Mailreader.com which may enable remote attackers to disclose the contents of arbitrary webserver readable files. An attacker may exploit this issue by submitting a malicious web request...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

PHP 4/5 addslashes() NULL Byte Bypass

No description provided by source. source: http://www.securityfocus.com/bid/11981/info PHP4 and PHP5 are reported prone to multiple remotely exploitable vulnerabilities. These issues result from insufficient sanitization of user-supplied data. A remote attacker may carry out directory traversal...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 7 views

ultrascripts ultraboard 1.6 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows installations,...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

Monkey HTTPD 1.1.1 - Crash PoC

No description provided by source. Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been...

AI score 7.1
Exploits: 0