898 matches found
WordPress S3 Video Remote Shell Upload
Exploit Title : Wordpress S3 Video Plugin file upload Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://plugins.svn.wordpress.org/s3-video/tags/0.91/ Affected Version: below version 0.91 Date : 9/12/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Sin...
Seagate GoFlex Remote Shell
I have been scanning some ranges in my free time and came across a Seagate GoFlex Home Network Storage System which my scanner flagged as being vulnerable to shellshock but getting a remote shell was no easy task "for me anyway". I ended up having to build a payload with msfvenom and doing the...
Apple OS X RSH Code Execution Vulnerability
Apple OS X is an operating system developed by Apple Inc. Apple OS X RSH has a security vulnerability in the use of environment variables, which can be exploited by a local attacker to execute arbitrary code with ROOT privileges...
PCMan FTP Server 2.0.7 - GET Command Buffer Overflow
No description provided by source. !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link:...
PCMan FTP Server 2.0.7 - GET Command Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Version: 2.0.7 Tested on: Windows XP SP3 CVE : N/A impo...
PCMan FTP Server 2.0.7 - GET Remote Buffer Overflow
PCMan FTP Server 2.0.7 - GET Remote Buffer Overflow !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link:...
PCMan FTP Server 2.0.7 - 'GET' Remote Buffer Overflow
!/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0.7 Tested o...
Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' = %q This module exploits three separa...
Symantec Endpoint Protection Manager Authentication Bypass / Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' = %q This module exploits three separa...
Symantec Endpoint Protection Manager Authentication Bypass / Code Execution Exploit
This Metasploit module exploits three separate vulnerabilities in Symantec Endpoint Protection Manager in order to achieve a remote shell on the box as NT AUTHORITY\SYSTEM. The vulnerabilities include an authentication bypass, a directory traversal and a privilege escalation to get privileged cod...
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
/ Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows 2003 SP2 x86 Tested on: Windows 2003 SP2 x...
Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002) Exploit
NDPROXY is a system-provided driver that interfaces WAN miniport drivers, call managers, and miniport call managers to the Telephony Application Programming Interfaces TAPI services. The vulnerability is caused when the NDProxy.sys kernel component fails to properly validate input. An attacker wh...
Microsoft Windows XP SP3 (x86) / 2003 SP2 (x86) - 'NDProxy' Local Privilege Escalation (MS14-002)
/ Exploit Title: Windows NDProxy Privilege Escalation MS14-002 Date: 2015-08-03 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows XP SP3 x86 Windows XP SP2 x86-64 Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows XP SP3 x86...
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
This module exploits three separate vulnerabilities in Symantec Endpoint Protection Manager in order to achieve a remote shell on the box as NT AUTHORITY\SYSTEM. The vulnerabilities include an authentication bypass, a directory traversal and a privilege escalation to get privileged code execution...
ZebOS routing remote shell service enabled
...
Poet - A simple Post-Exploitation Tool
The client program runs on the target machine and is configured with an IP address the server to connect to and a frequency to connect at. If the server isn't running when the client tries to connect, the client quietly sleeps and tries again at the next interval. If the server is running however...
Many Drug Pumps Open to Variety of Security Flaws
In April, a security researcher disclosed a litany of severe vulnerabilities in the PCA3 drug-infusion pump manufactured by a company named Hospira. He went so far as to call the pump “the least secure IP enabled device I’ve ever touched in my life.” As it turns out, those same vulnerabilities...
WordPress Amerisale Re Plugin - Remote Shell Upload
This plugin is prone to a remote shell upload vulnerability. Solution Update the plugin...
WordPress FCKeditor Deans With Pwwangs Code Plugin <= 1.0.0 - Remote Shell Upload
This plugin is prone to remote shell upload vulnerability. Solution Update the plugin...
EMC M&R (Watch4net) - Credential Disclosure Vulnerability
It was discovered that EMC M&R Watch4net credentials of remote servers stored in Watch4net are encrypted using a fixed hard-coded password. If an attacker manages to obtain a copy of the encrypted credentials, it is trivial to decrypt them. Abstract It was discovered that EMC M&R Watch4net...