
3335 matches found

Metasploit
added 2017/07/24 1:26 p.m., 62 views

SSH Public Key Login Scanner

This module will test ssh logins on a range of machines using a defined private key file, and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access. Key files may be a single...

7.1 AI score
Exploits: 0

Citrix
added 2017/07/19 12:0 a.m., 5 views

Application launch using Anonymous user account resets the Session Limit Timer to 10

While launching an application for unauthenticated/Anonymous user, the idle tab for the Anon account might default back to 10 minutes even after manually setting it to some other value. The following steps can be followed to test the behavior: From a VDA running 7.9 or higher, run the below .exe ...

7 AI score
Exploits: 0

Citrix
added 2017/07/19 12:0 a.m., 7 views

F5 with StoreFront session timeout closing active sessions

When the StoreFront session times out, it's closing active ICA sessions. We found the issue is only happening when authenticating via the F5 frontend. When authenticating via F5, after 20 minutes the Citrix Desktop and StoreFront session shuts down. After 17 minutes, a 3 mins countdown starts in the...

7.1 AI score
Exploits: 0

0day.today
added 2017/07/14 12:0 a.m., 48 views

Dasan Networks GPON ONT WiFi Router H64X Series - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Dasan Networks GPON ONT WiFi Router H64X Series Cross-Site Request Forgery Vendor: Dasan Networks Product web page: http://www.dasannetworks.com | http://www.dasannetworks.eu Affected version: Model: H640GR-02 H640GV-03 H640GW-02 H640RW-0...

0.3 AI score
Exploits: 0

Exploit DB
added 2017/07/13 12:0 a.m., 39 views

Dasan Networks GPON ONT WiFi Router H64X Series - Cross-Site Request Forgery

Dasan Networks GPON ONT WiFi Router H64X Series Cross-Site Request Forgery Vendor: Dasan Networks Product web page: http://www.dasannetworks.com | http://www.dasannetworks.eu Affected version: Model: H640GR-02 H640GV-03 H640GW-02 H640RW-02 H645G Firmware: 3.03p1-1145 3.03-1144-01 3.02p2-1141...

7.4 AI score
Exploits: 0

Openbugbounty
added 2017/06/07 2:2 p.m., 9 views

meredithwellness.com XSS vulnerability

Vulnerable URL: https://meredithwellness.com/index.php?emsg=Your%20session%20has%20timed%20out%20or%20expired.%20Please%20login%20to%20continue...

6.9 AI score
Exploits: 0

Openbugbounty
added 2017/06/07 11:0 a.m., 9 views

smartmovesplanner.com XSS vulnerability

Vulnerable URL: https://www.smartmovesplanner.com/Login.aspx?message=Session+has+timed+out"'--!confirmOPENBUGBOUNTY...

6.9 AI score
Exploits: 0

Citrix
added 2017/06/06 12:0 a.m., 6 views

Power Managed Server VDA's does not receive shutdown request

Randomly some of the Power Managed Server VDA's receive a shutdown request approximately 20 mins after the scheduled reboot and do not power on automatically and remain Turned Off. Scout logs detect the following: Some Power Actions are marked as failures by Broker possibly because VDAs are not...

6.8 AI score
Exploits: 0

Microsoft CVE
added 2017/05/25 7:0 a.m., 22 views

Microsoft Malware Protection Engine Denial of Service Vulnerability

A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affecte...

5.5 CVSS, 2.6 AI score, 0.04953 EPSS
Exploits: 1

Exploit DB
added 2017/05/17 12:0 a.m., 25 views

Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Dup Scout Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability ...

7 AI score
Exploits: 0

Tenable Nessus
added 2017/05/10 12:0 a.m., 30 views

OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0100)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix DNSKEY that encountered a CNAME 1447869, ISC change 3391 - Fix CVE-2017-3136 ISC change 4575 - Fix CVE-2017-3137 ISC change 4578 - Fix and test caching CNAME before DNAME ISC change 4558 - Fix...

7.5 CVSS, 6.8 AI score, 0.48516 EPSS
Exploits: 0, References: 6

Veracode
added 2017/05/03 7:40 a.m., 7 views

Denial Of Service (DoS)

github.com/gliderlabs/connectable is vulnerable to denial of service (DoS) attacks. The vulnerability exists because it does not contain a timeout when waiting on the other system it wishes to connect to...

6.4 AI score
Exploits: 0

Veracode
added 2017/05/03 6:19 a.m., 9 views

Brute Force Attacks

github.com/tyktechnologies/tyk is vulnerable to brute force attacks. The library does not have any timeout configured, allowing a malicious user to have numerous retries to brute force the password for an account...

6.8 AI score
Exploits: 0

Veracode
added 2017/04/27 7:57 a.m., 5 views

Denial Of Service (DoS)

github.com/hlandau/acme is vulnerable to denial of service (DoS) attacks. A malicious user can have multiple clients connect to the redirector system and crash it because the redirector does not have a timeout...

6.5 AI score
Exploits: 0

Tenable Nessus
added 2017/04/21 12:0 a.m., 104 views

OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 ISC change 4575 - Fix CVE-2017-3137 ISC change 4578 - Fix and test caching CNAME before DNAME ISC change 4558 - Fix CVE-2016-9147 ISC change 4510 - Fix regression introduced by...

10 CVSS, 6.6 AI score, 0.92376 EPSS
Exploits: 54, References: 41

NVD
added 2017/04/20 5:59 p.m., 36 views

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

6.8 CVSS, 6.5 AI score, 0.00063 EPSS
Exploits: 1, References: 3

CVE
added 2017/04/20 5:0 p.m., 66 views

CVE-2016-6338

The CVE-2016-6338 issue affects ovirt-engine-webadmin (used by Red Hat Enterprise Virtualization Manager, RHEV-M, and RHEV-M 4.0). Root cause: webadmin session timeouts not properly enforced, enabling bypass via UI-driven actions that trigger repeating queries. Impact: potential session hijack/by...

6.8 CVSS, 6.5 AI score, 0.00063 EPSS
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2017/04/20 5:0 p.m., 40 views

CVE-2016-6338

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager aka RHEV-M for Servers and RHEV-M 4.0, allows physically proximate attackers to bypass a webadmin session timeout restriction via vectors related to UI selections, which trigger repeating queries...

6.5 AI score, 0.00063 EPSS
Exploits: 1, References: 3

Positive Technologies
added 2017/04/20 12:0 a.m., 2 views

PT-2017-8968 · Red Hat · Red Hat Enterprise Virtualization Manager

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager RHEV-M version 4.0 Description: The issue allows physically proximate attackers to bypass a webadmin session timeout restriction. This is achieved via vectors related to UI selections, which trigger...

6.8 CVSS, 6.1 AI score, 0.00063 EPSS
Exploits: 1, References: 4

Metasploit
added 2017/04/18 12:34 a.m., 29 views

Upload and Execute

Push a file and execute it. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Upload and Execute', 'Description' = %qPush a file and execute it., 'Author' = 'egypt', 'License' = MSFLICENSE,...

7.2 AI score
Exploits: 0