616 matches found

Exploit DB
added 2014/07/16 12:0 a.m., 20 views

Node Browserify 4.2.0 - Remote Code Execution

!/usr/bin/python """ Browserify POC exploit http://iops.io/blog/browserify-rce-vulnerability/ To run, just do: $ python poc.py exploit.js $ browserify exploit.js BITCH I TOLD YOU THIS SHIT IS FABULOUS garbage output ,,,1 00:08:32 up 12:29, 3 users, load average: 0.00, 0.02, 0.05 uid=1001foxx...

7.4 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 22 views

CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit

No description provided by source. / CoffeeCup FTP Clients Buffer Overflow Vulnerability Exploit created by Komrade e-mail: unsecureataltervistadotorg web: http://unsecure.altervista.org Tested on: CoffeeCup Direct FTP 6.2.0.62 CoffeeCup Free FTP 3.0.0.10 on a Windows XP Professional sp2 operatin...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 98 views

My_EGallery Module 3.1.1 - Remote Include Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9113/info A problem has been identified in the handling of input by My_eGallery. Because of this, it may be possible for a remote user to gain unauthorized access to a system using the vulnerable software. My_eGallery explo...

6.7 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 37 views

xtell 1.91.1/2.6.1 - Multiple Remote Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/4193/info xtell is a simple network messaging program. It may be used to transmit terminal messages between users and machines. xtell is available for Linux, BSD and most other Unix based operating systems. Multiple buffe...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 27 views

Elm Development Group ELM 2.4/2.5.1 Mail for UNIX (ELM) Buffer Overflow (1)

No description provided by source. source: http://www.securityfocus.com/bid/1276/info Buffer overflow vulnerabilities exist in elm Electronic Mail for Unix. / Elm Exploit - Scrippie - Phreak.nl - b0f - http://b0f.freebsd.lublin.pl This exploit spawns an EGID mail shell on the default Slackware 4...

7.1 AI score
Exploits: 0
Saint
added 2014/06/24 12:0 a.m., 20 views

TRENDnet Shell

Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...

9.2 AI score
Exploits: 0
OSV
added 2014/06/13 12:0 a.m., 2 views

UBUNTU-CVE-2014-4043

The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities...

7.5 CVSS, 7.1 AI score, 0.03922 EPSS
Exploits: 3, References: 4
RubySec
added 2014/03/28 12:0 a.m., 16 views

OS command injection flaw in awesome_spawn

Awesome spawn contains OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments, e.g. AwesomeSpawn.run('ls',:params => {'-l' => ";touch haxored"}). If untrusted input was included in command arguments, attacker could use this flaw to execute...

9.8 CVSS, 3.6 AI score, 0.02637 EPSS
Exploits: 0, References: 1, Affected Software: 1
0day.today
added 2013/11/09 12:0 a.m., 84 views

Symantec Altiris DS SQL Injection Vulnerability

Usage Info This module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injection...

7.9 AI score, 0.32678 EPSS
Exploits: 9
Metasploit
added 2013/11/07 11:34 p.m., 70 views

Symantec Altiris DS SQL Injection

This module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injections are...

7.5 CVSS, 7.9 AI score, 0.32678 EPSS
Exploits: 9
Metasploit
added 2013/10/07 11:9 a.m., 31 views

Unix Command Shell, Bind TCP (via nodejs)

Continually listen for a connection and spawn a command shell via nodejs This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 2239 include Msf::Payload::Single include...

0.5 AI score
Exploits: 0
Metasploit
added 2013/09/16 10:2 a.m., 43 views

Windows Command Shell, Bind TCP (via Lua)

Listen for a connection and spawn a command shell via Lua This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 218 include Msf::Payload::Single include Msf::Sessions::CommandShellOption...

0.1 AI score
Exploits: 0
Metasploit
added 2012/10/28 7:51 p.m., 50 views

Linux Command Shell, Bind TCP Inline

Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 232 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def...

7.5 AI score
Exploits: 0
Fedora
added 2012/03/08 4:58 a.m., 31 views

[SECURITY] Fedora 16 Update: tremulous-1.2.0-0.4.beta1.fc16

Tremulous is a free, open source game that blends a team based FPS with elements of an RTS. Players can choose from 2 unique races, aliens and humans. Players on both teams are able to build working structures in-game like an RTS. These structures provide many functions, the most important being...

10 CVSS, 1.1 AI score, 0.0869 EPSS
Exploits: 3
Fedora
added 2012/02/28 10:58 a.m., 29 views

[SECURITY] Fedora 17 Update: tremulous-1.2.0-0.4.beta1.fc17

Tremulous is a free, open source game that blends a team based FPS with elements of an RTS. Players can choose from 2 unique races, aliens and humans. Players on both teams are able to build working structures in-game like an RTS. These structures provide many functions, the most important being...

10 CVSS, 1.1 AI score, 0.0869 EPSS
Exploits: 2
Metasploit
added 2012/02/01 6:54 a.m., 13 views

BSD Command Shell, Bind TCP Inline (IPv6)

Listen for a connection and spawn a command shell over IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 87 include Msf::Payload::Single include Msf::Payload::Bsd include...

7.5 AI score
Exploits: 0
Metasploit
added 2012/01/31 7:11 a.m., 39 views

PHP Command Shell, Bind TCP (via php) IPv6

Listen for a connection and spawn a command shell via php IPv6 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Php inclu...

Exploits: 0
Metasploit
added 2011/12/14 6:27 a.m., 46 views

Unix Command Shell, Bind TCP (via perl) IPv6

Listen for a connection and spawn a command shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Sessions::CommandShellOptio...

0.4 AI score
Exploits: 0
Metasploit
added 2011/12/14 6:27 a.m., 52 views

Windows Command Shell, Bind TCP (via perl) IPv6

Listen for a connection and spawn a command shell via perl persistent This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 140 include Msf::Payload::Single include...

7.5 AI score
Exploits: 0
Packet Storm
added 2011/11/15 12:0 a.m., 22 views

OpenOffice.org Xterm Spawn

Some friends asked me some tips for how to make a locked down machine that doesn't allow the user to execute anything from the GUI and doesn't have a terminal emulator installed into starting a terminal, using an allowed application, OpenOffice. The below is hardly a security vulnerability unless...

7.4 AI score
Exploits: 0