Seagate Central by default has a passwordless root account (and no option to change it). This exploit logs into the FTP server and uploads a PHP shell to the webroot. From there, the uploaded shell can execute commands with root privileges as lighttpd.
4a656cf67191a9b5d586dc37c9e4d421b37d29b2e9e8805a00d6eaf3e1021219
Seagate Central stores linked Facebook account access tokens in /etc/archive_accounts.ser. This exploit takes advantage of two bugs: passwordless root login via FTP, used to retrieve the archive_accounts.ser file that contains the access tokens, and the storage of those tokens unencrypted and unprotected (-rw-r--r--), which allows them to be reused for a chosen scope to return data.
63740e368582aaa39bf0e329e2d82cdd141937b5026cb93e2a3e1238803204cf
Red Hat Security Advisory 2015-1066-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to upstream version 5.4.40, which provides a number of bug fixes over the version shipped in Red Hat Software Collections 1.
737b0fc8464520a03cda25d1868c5e45d2eda21dfbca75a7f5d7a523dcde4ef1
Red Hat Security Advisory 2015-1064-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provides a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The python27-python packages have been upgraded to upstream version 2.7.8, which provides numerous bug fixes over the previous version.
c0e3cc2e371398b78ff43e1a431500d56f2413e503a376c528eedca74106238f
Red Hat Security Advisory 2015-1052-01 - Thermostat is a monitoring and instrumentation tool for the OpenJDK HotSpot Java Virtual Machine with support for monitoring multiple JVM instances. A pluggable agent and GUI framework allow users to collect and visualize performance data beyond what is included out of the box. The thermostat1 packages have been upgraded to upstream version 1.2.0, which provides a number of bug fixes and enhancements over the previous version.
96baedde8efeaaf2e6afd0dcb8a95bbdbbeeb52213e7566166d882bc79235547
Red Hat Security Advisory 2015-1053-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to upstream version 5.5.21, which provides multiple bug fixes over the version shipped in Red Hat Software Collections 1.
277990d32ba3a0e77323741d4d5dd06eb3a124cd7bc3d266dc530c4f8981c0ba
ProductCart version 2.1 suffers from a database disclosure vulnerability.
0724e5cd6f4a2667daa98cade6f3c6b7a2b499e51de04b6d29cf3a36fea9a683
pppBLOG version 0.3.11 suffers from access bypass and cross-site scripting vulnerabilities.
812913eb79c1c2f7fe823b5e41256d3deedf5d6c2db9111a97b370be3b8cddc3
Open Letters Newsletter system version 1.0.5 suffers from administrative bypass and cross-site scripting vulnerabilities. Note that this finding houses site-specific data.
eb31e179eff6e05f01694b31bdaf5986e9b9d4d4651c55d3c3b851d1f5b3094a
Maian Gallery version 2.0 suffers from remote SQL injection and HTTP response splitting vulnerabilities.
1c6557b8dbbf946c30aecec14d588df09501a4e754dbc38d8a8e867bd9cd2cc8
CmyDocument CMS suffers from a database disclosure vulnerability.
255d2593b0d8394a83a6d45be2b4298c74a92e7b305064e6eb5ea9fee51894ff
Chmool Net version 2 suffers from direct unauthenticated administrative interface access and remote SQL injection vulnerabilities.
5f002c181b6999b277ce4e7e2f273b7947fc864d43404860ad56a62786d11b93
Chmool Net version 1 suffers from a direct unauthenticated administrative interface access vulnerability.
610fe35da414f7d74defec162c6888efba6272496701995863d5ed7f860371ab
AnimaGallery version 2.6 suffers from cross-site scripting, local file inclusion, and remote shell upload vulnerabilities.
6a28e86c1becd8cea7bcb780eb4c64b569e0e62f5ce962b4b7c0030a6922d440
Gargoyle routers version 1.5.x suffer from an authenticated remote code execution vulnerability.
ecbb41195177b9d9a6c2ccfa3cc768ae104f3e7a093d08cb8fb1c052aa17bf26