107 matches found
[SECURITY] Fedora 21 Update: openssh-6.6.1p1-15.fc21
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 22 Update: openssh-6.9p1-4.fc22
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 22 Update: openssh-6.9p1-3.fc22
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 22 Update: openssh-6.9p1-1.fc22
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 22 Update: postgresql-9.4.4-1.fc22
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure
This module will use the Microsoft XMLDOM object to enumerate a remote machine's filenames. It will try to do so against Internet Explorer 8 and Internet Explorer 9. To use it, you must supply your own list of file paths. Each file path should look like this: c:\\windows\\system32\\calc.exe This...
X (Formerly Twitter): Cross site Port Scanning bug in twitter developers console
This vulnerability allow a port scanning a remote machine on internet . an attacker can scan a remote machine through this vulnerability using twitter ip as a proxy . The vulnerability exit on url https://dev.twitter.com/rest/tools/console through console an attacker can use GET or POST request...
X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
This module exploits a post-auth vulnerability found in X7 Chat versions 2.0.0 up to 2.0.5.1. The vulnerable code exists on lib/message.php, which uses pregreplace function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code in the remote machine. This...
[SECURITY] Fedora 20 Update: openssh-6.4p1-4.fc20
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Multi Gather Malware Verifier
This module will check a file for malware on VirusTotal based on the checksum. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' require 'uri' class MetasploitModule 'Multi Gather Malware Verifier',...
Egg Hunting Staged Shellcode Remote Code Execution
Egg Hunting is a staged shellcode technique. A remote attacker can use Egg Hunting to cause a stack-based overflow on the target. Successful implementation will allow attackers to execute shellcode on a remote machine...
XAMPP 1.8.1 Local Write Access Vulnerability
XAMPP version 1.8.1 allows an unprivileged user the ability to write to the local disk. It has been detected than an unprivileged user can write in the local disk and the local file "lang.tmp" can be modified in the remote machine. The injection is done through the page "/xampp/lang.php"...
Open-FTPD 1.2 Arbitrary File Upload
This module exploits multiple vulnerabilities found in Open FTP server. The software contains an authentication bypass vulnerability and a arbitrary file upload vulnerability that allows a remote attacker to write arbitrary files to the file system as long as there is at least one user who has...
[SECURITY] Fedora 19 Update: tftp-5.2-9.fc19
The Trivial File Transfer Protocol TFTP is normally used only for booting diskless workstations. The tftp package provides the user interface for TFTP, which allows users to transfer files to and from a remote machine. This program and TFTP provide very little security, and should not be enabled...
Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
a bug in Wordpress chenpress Plugin that allows to us to occur a File Upload on a Remote machin. Exploit Title : Wordpress chenpress Plugin Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk :...
Wordpress fckeditor Arbitrary File Upload Vulnerability
a bug in Wordpress fckeditor that allows to us to occur a File Upload Vulnerability on a Remote machin. Exploit Title : Wordpress fckeditor Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk :...
Wordpress (editormonkey) Arbitrary File Upload Vulnerability
a bug in Wordpress editormonkeythat allows to us to occur a File Upload on a Remote machin. Exploit Title : Wordpress editormonkey Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High...
vBulletin 4.1.10 Sql Injection Vulnerabilitiy
a bug in vBulletin 4.1.10 that allows to us to occur a Sql Injection on a Remote machin. Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir Software Link : http://vbulletin.com Security Risk : High Version : All Version Test...
Distinct TFTP Server 3.01 - Directory Traversal
Exploit Title: Distinct TFTP Server = 3.01 Directory Traversal Vulnerability Date: April 8, 2012 Software Link: http://www.distinct.com/index.php/downloads/index/p=ISERV Affected Versions: 3.01 and previous version may also affected Tested on: Windows XP SP3, Windows Server 2003 , Windows 7 SP1...