423 matches found
ClubHack: CHMag Issue 17th, June 2011 Download
Contents of this Issue: 1. Tech Gyan - Pentesting your own Wireless Network 2. Tool Gyan - Wi-Fi tools 3. Mom's Guide - Wireless Security - Best Practices 4. Legal Gyan - Copyrights and cyber space 5. Matriux Vibhag - Forensics with Matriux Part - 2...
Symantec LiveUpdate Administrator Management GUI - HTML Injection
source: https://www.securityfocus.com/bid/46856/info Symantec LiveUpdate Administrator is prone to an HTML-injection vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected application, potentially allowing the attacker to steal...
SugarCRM 6.1.1 Privilege Restriction Bypass
Advisory: SugarCRM list privilege restriction bypass RedTeam Pentesting discovered a vulnerability in SugarCRM that allows logged in users to bypass restrictions of their list privilege, allowing to list all entries. Details ======= Product: SugarCRM Community Edition SugarCRM Professional SugarC...
Nostromo 1.9.3 Directory Traversal
Advisory: nostromo nhttpd directory traversal leading to arbitrary command execution During a penetration test, RedTeam Pentesting discovered a directory traversal vulnerability leading to arbitrary command execution in the nostromo HTTP server. Details ======= Product: nostromo nhttpd Affected...
[RT-SA-2011-002] SugarCRM list privilege restriction bypass
Advisory: SugarCRM list privilege restriction bypass RedTeam Pentesting discovered a vulnerability in SugarCRM that allows logged in users to bypass restrictions of their list privilege, allowing to list all entries. Details ======= Product: SugarCRM Community Edition SugarCRM Professional SugarC...
Hexjector 1.0.7.5 Rev34 Latest Version Download !
"Hexjector is an open-source, multi-platform PHP script to automate site penetration tests for SQL Injection Vulnerabilities." This is the updated change log: ErrorCheck, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAFDetector have all been updated. HexaFind ...
JBoss JMX - Console Deployer Upload and Execute (Metasploit)
$Id: jbossmaindeployer.rb 10754 2010-10-19 22:24:33Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution
No description provided by source. #!/usr/bin/perl Title: McAfee LinuxShield <= 1.5.1 Local/Remote Root Exploit Name: nailsRoot.pl Author: Nikolas Sotiriu lofi lofiatsotiriu.de WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accept...
McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion Remote Code Execution
#!/usr/bin/perl Title: McAfee LinuxShield WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accepts no liability for damage caused by this tool. use strict;...
Link CMS SQL Injection
Exploit Title: LINK CMS.SQL Injection Vulnerability Date: 2010-08-23 Author: [email protected] Software Link: http://www.link-softsolutions.com/SoftLink-Content-Management-System---CMS201 Version: n/a .:. Author : [email protected] .:. Contact: [email protected], [email protected] .:. Home :...
JBoss - Java Class DeploymentFileRepository WAR Deployment (Metasploit)
$Id: jbossdeploymentfilerepository.rb 9950 2010-08-03 15:14:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
JBoss JMX Console Beanshell Deployer WAR Upload And Deployment
$Id: jbossbshdeployer.rb 9596 2010-06-23 22:25:03Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
[RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication
Advisory: Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication During a penetration test, RedTeam Pentesting discovered that the GNCaster software has multiple bugs in its implementation of HTTP Digest Authentication. Details ======= Product: Geo++(R) GNCASTER Affected Versions: =...
[RT-SA-2010-002] Geo++(R) GNCASTER: Insecure handling of NMEA-data
Advisory: Geo++(R) GNCASTER: Insecure handling of NMEA-data During a penetration test, RedTeam Pentesting discovered that the GNCaster software does not handle NMEA-data correctly. An attacker that has valid login credentials can use this to crash the server software or potentially execute code on...
Mod_proxy From Apache 1.3 Integer Overflow
Name: Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow. Author: Adam Zabrocki Date: Jan 27, 2010 Issue: Mod_proxy from apache 1.3.xx (tested on latest version - 1.3.41) allows local and remote attackers to overflow buffer on heap via integer overflow vulnerability...
Geo++(R) GNCASTER Insecure Handling Of NMEA-Data
Advisory: Geo++(R) GNCASTER: Insecure handling of NMEA-data During a penetration test, RedTeam Pentesting discovered that the GNCaster software does not handle NMEA-data correctly. An attacker that has valid login credentials can use this to crash the server software or potentially execute code on...
Geo++(R) GNCASTER 1.4.0.7 Insecure Handling Of Long URLs
Advisory: Geo++(R) GNCASTER: Insecure handling of long URLs During a penetration test, RedTeam Pentesting discovered that the GNCASTER software does not handle long URLs correctly. An attacker can use this to crash the server software or potentially execute code on the server. Details =======...
TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
Information about a vulnerability in the TLS protocol was published in the beginning of November 2009. Attackers can take advantage of that vulnerability to inject arbitrary prefixes into a network connection protected by TLS. This can result in severe vulnerabilities, depending on the applicatio...
TLS - Renegotiation
#!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...