Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 21 - 30 of 2711 in total

ManageEngine Eventlog Analyzer Arbitrary File Upload Exploit

Disclosed: August 31, 2014

This module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer. The vulnerability exists in the agentUpload servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. By combining both weaknesses a remote attacker can achieve remote code execution. This module h...

ManageEngine DeviceExpert User Credentials Exploit

Disclosed: August 28, 2014

This module extracts usernames and salted MD5 password hashes from ManageEngine DeviceExpert version 5.9 build 5980 and prior. This module has been tested successfully on DeviceExpert version 5.9.7 build 5970.

Railo Remote File Include Exploit

Disclosed: August 26, 2014

This module exploits a remote file include vulnerability in Railo, tested against version 4.2.1. First, a call using a vulnerable <cffile> line in thumbnail.cfm allows an atacker to download an arbitrary PNG file. By appending a .cfm, and taking advantage of ...

NTP Mode 6 REQ_NONCE DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit mode 6 REQ_NONCE requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to REQ_NONCE requests with a response larger than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "D...

NTP Mode 7 PEER_LIST_SUM DoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "PEER_LIST_SUM" queries and return responses that are larger in size or greater in quantity than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

NTP Mode 7 PEER_LIST DoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "PEER_LIST" queries and return responses that are larger in size or greater in quantity than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

NTP Mode 6 UNSETTRAP DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit mode 6 UNSETTRAP requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to UNSETTRAP requests with multiple packets, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic ...

NTP Mode 7 GET_RESTRICT DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "reslist" queries and obtains the list of restrictions placed on various network interfaces, networks or hosts. The reslist feature allows remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed request...

SolarWinds Storage Manager Authentication Bypass Exploit

Disclosed: August 19, 2014

This module exploits an authentication bypass vulnerability in Solarwinds Storage Manager. The vulnerability exists in the AuthenticationFilter, which allows to bypass authentication with specially crafted URLs. After bypassing authentication, is possible to use a file upload function to achieve remote code execution. Thi...