Disclosed: May 27, 2014
This module uses a dictionary to brute force valid usernames from
Cerberus FTP server via SFTP. This issue affects all versions of
the software older than 184.108.40.206 or 220.127.116.11 and is caused by a discrepancy
in the way the SSH service handles failed logins for valid and invalid
users. This issue was discovered by S...
Disclosed: May 23, 2014
This module exploits an stack based buffer overflow on Yokogawa CS3000. The vulnerability
exists in the service BKFSim_vhfd.exe when using malicious user-controlled data to create
logs using functions like vsprintf and memcpy in a insecure way. This module has been
tested successfully on Yokogawa Centum CS3000 R3.08.50 ov...
Disclosed: May 22, 2014
This module exploits an anonymous remote code execution vulnerability on different D-Link
devices. The vulnerability is an stack based buffer overflow in the my_cgi.cgi component,
when handling specially crafted POST HTTP requests addresses to the /common/info.cgi
handler. This module has been successfully tested on D-Lin...
Disclosed: May 20, 2014
Easy File Management Web Server v4.0 and v5.3 contains a stack buffer
overflow condition that is triggered as user-supplied input is not
properly validated when handling the UserID cookie. This may allow a
remote attacker to execute arbitrary code.
Disclosed: May 15, 2014
This module exploits an anonymous remote code execution vulnerability on different
D-Link devices. The vulnerability is due to an stack based buffer overflow while
handling malicious HTTP POST requests addressed to the HNAP handler. This module
has been successfully tested on D-Link DIR-505 in an emulated environment.
Disclosed: May 13, 2014
Disclosed: May 12, 2014
This module exploits a code execution flaw in Symantec Workspace Streaming. The
vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the
as_agent.exe service, which allows for uploading arbitrary files under the server root.
This module abuses the auto deploy feature in the JBoss as_ste.exe ins...
Disclosed: May 05, 2014
This module exploits a code execution flaw in AlienVault 4.6.1 and
prior. The vulnerability exists in the av-centerd SOAP web service,
where the update_system_info_debian_package method uses perl backticks
in an insecure way, allowing command injection. This module has been
tested successfully on AlienVault 4.6.0.
Disclosed: April 29, 2014
This module exploits an injection vulnerability in Cogent DataHub prior
to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which
makes insecure use of the datahub_command function with user controlled
data, allowing execution of arbitrary datahub commands and scripts. This
module has been tested su...
Disclosed: April 28, 2014
This module exploits a buffer overflow vulnerability in Adobe Flash Player. The
vulnerability occurs in the flash.Display.Shader class, when setting specially
crafted data as its bytecode, as exploited in the wild in April 2014. This module
has been tested successfully on IE 6 to IE 11 with Flash 11, Flash 12 and Flash 13...