The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows basic authentication bypass when the user string is greater than 127 bytes long. The long string causes the password to be overwritten in memory, which enables the attacker to reset the password. The attempt may also cause a denial-of-service condition. Note that the request URI must be set to the directory that requires basic authentication for this to work properly.
2f1be5078d3f7dd3df4c5ec50ce87ebf28f8550be93957887f8d14842b8685ba
This code exploits a common misconfiguration in JBoss Application Server. Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation" serialized Java object allows arbitrary code execution. This exploit works even if the "Web-Console" and the "JMX Console" are protected or disabled.
2f89a911033600e43c401de947c053ee9c90b4063ccb92f8ff41a305ec2aa1aa
Zend Java Bridge version 3.1 remote code execution exploit that takes advantage of a specific flaw in the javamw.jar service.
5b230d5d0d8b69815ef55baf27ebfe72e28fd2c2e03ebc062420fdb5fcd6d19e
This Metasploit module exploits a buffer overflow in NetSupport Manager Agent. It uses ROP similar to the proftpd_iac exploit in order to avoid a non-executable stack.
97cfba55ad99e70aab89080a5fd28096914ddedef3359cfe0a68bdb2d98b0bff
NetSupport Manager Agent suffers from a stack-based buffer overflow vulnerability. Version 11 for Linux, 9.50 for Solaris, and 11.00 for Mac OS X are confirmed vulnerable. The advisory and exploit are both included in this archive.
6417f7b4beba8da9495af360dd98ebbd189845733d7c21caf922ea23a26883be
IBM WebSphere suffers from arbitrary file retrieval vulnerabilities.
de8dc2b772ab07ee4cd4c5c0720677050407868ec9368f5cf31cdc98f583d590
Oracle Secure Backup Administration Server suffers from authentication bypass and command injection vulnerabilities.
8bbf1a7668ebf7f94b2ec20073f80c9f8f048f84184c40ab8880774b4df54dd6
This is a presentation called HTTP Parameter Pollution that focuses on manipulation and injection of HTTP GET/POST parameters.
df989e106011230b8418a8adeaad6d36878992bf93ca8fd2ac0c12fef5be85fa
Mortbay Jetty versions 7.0.0-pre5 and below dispatcher servlet denial of service exploit.
f66271be2229a03b1932399b1b0b4487d492f57519db5138a2bb1f932b5197b8
ZeroShell versions 1.0beta11 and below suffer from a remote code execution vulnerability.
15b6637e4b0289913a8d4d63a52e96e1a32f244030761fbf336ec8cf371497fd
The 3Com OfficeConnect wireless cable/dsl router suffers from an authentication bypass vulnerability.
aa080901b45cce39e49530c28026faaa434bace8effcbd668c55029fb4655d06
DFLabs PTK versions 1.0 and below suffer from a local command execution vulnerability. Full exploitation details provided.
5695f2251816085038d0b232c49173e5e2e8df4fefa8aac2a2c8d23da4b18bdb
The Nokia Mini Map Browser suffers from a silent crash vulnerability.
ea8657ee3bff0560317b033c2fec9f30414dbc0595ff68403bf49e94ffbca132
This is a list of fuzzing vectors used to trigger directory traversal vulnerabilities. It is a very large list composed using different encodings and bizarre attack patterns reported in several vulnerability advisories.
4ba540799aa51a24dc790a72c68a21a526b853367d539adee6941a805954e2e4
Further analysis regarding the HP System Management
50cafab5d8ea833ac02ac9ae4a102f63d72c36a385c1f8949e6ee5291fbf724f
The Philips VOIP841 DECT cordless phone with an embedded Skype client suffers from a hidden administrative interface with a default login, directory traversal, and cross site scripting vulnerabilities.
ca377cc63b1fdc961af36a095f187918a72cd8179c8b5930245727e8467eb649
Simple PHP Blog versions 0.5.0.1, 0.4.8, and all previous versions suffer from cross site scripting and arbitrary file upload vulnerabilities.
3027e00fe1c5d2f7de12da1db873e56561637229d6fbf0c6be6c6cc5383dd35c
GCALDaemon version 1.0-beta13 is susceptible to denial of service attacks via a specially crafted HTTP request.
bf70ecc515ce42e68f77786ee109556869210e65b7c5f9d7ca197255326672c8
It is possible to bypass HTTP basic authentication on Boa version 0.93.15.
ca7942dc4171dd5917fcf795566ace2e929664f8d6e883117aa9a78d535cf174
Hummingbird Collaboration versions 5.2.1 and below suffer from cross site scripting, improper file handling, and information disclosure vulnerabilities.
f3a90a238b8ae699d77c308f0f0bf299c07360001f625c4774af61491c1676e7
Sending trigger packets to the management port (280/http-mgmt) of a Siemens Santis 50 wireless router freezes the device's web interface and allows unauthenticated access to the telnet CLI.
55fd63fc68a9ff21180c20280c664708b42386f538608ed1c889437dee91b9b0