This Metasploit module attempts to exploit multiple issues in order to gain remote code execution under Pandora FMS versions equal to and prior to 5.0 SP2. First, an attempt to authenticate using default credentials is performed. If this method fails, a SQL injection vulnerability is leveraged in order to extract the "Auto Login" password hash. If this value is not set, the module will then extract the administrator account's MD5 password hash.
fc913d99854d2c8194e4f3b46434494278885d559958fa670ed923151a77b005xEpan version 1.0.1 suffers from a cross site request forgery vulnerability.
93905a94b8881af358eda8b862d28a7d5a7bdbd6d87c6e77054c3f04728082bfAndroid versions prior to 5.0 suffer from a remote SQL injection vulnerability in the opt module WAPPushManager.
18706be9be8033c24e8c2f06033de0b992c7dd3941e112ef9d8ce5cecd8fdef9Android versions prior to 5.0 allow an unprivileged application the ability to resend all the SMS's stored in the users phone.
9954c7e735f97d8deaa62bdd4dd7a93cbbb3e11d2057e1ba006ba091a07683fcIn Android versions prior to 5.0 and possibly greater than and equal to 4.0, Settings application leaks Pendingintent with a blank base intent (neither the component nor the action is explicitly set) to third party applications. Due to this, a malicious app can use this to broadcast intent with the same permissions and identity of the Settings application, which runs as SYSTEM uid.
cfc2aeebb8ce7b28e800f8cd2c1a2ef4f012afd9da67892dea7842b3fef42e7cDevice42 DCIM Appliance Manager versions 5.10 and 6.0 have hardcoded credentials and also suffer from remote command injection vulnerabilities.
47d0bb4ee432dc13a705f89a07909d8cdbdeeb3f951e98bf1888d524fb84ce61Device42 DCIM Appliance Manager versions 5.10 and 6.0 with WAN emulator version 2.3 remote command injection exploit for Metasploit that leverages traceroute.
e2f6512a30f338fd030b36604071a79b13a88b9fdf4c8034dc527a27aa2ff592Device42 DCIM Appliance Manager versions 5.10 and 6.0 with WAN emulator version 2.3 remote command injection exploit for Metasploit that leverages ping.
09e949ee2c12810265edcb0ba195795b730ea412d995e215b44e58c84ea6d497Red Hat Security Advisory 2014-1906-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. It was found that OpenShift Enterprise 2.1 did not properly restrict access to services running on different gears. This could allow an attacker to access unprotected network resources running in another user's gear. In a previous update, OpenShift Enterprise 2.2 introduced the oo-gear-firewall command, which creates firewall rules and SELinux policy to contain services running on gears to their own internal gear IPs. The command is invoked by default during new installations of OpenShift Enterprise 2.2 to prevent this security issue.
0dab918722c6ec216cdaf16e5440d534c679006cc8fc02bb2ddd7d4dbe5f3701Red Hat Security Advisory 2014-1905-01 - In accordance with the Red Hat OpenShift Enterprise Life Cycle Policy, the two-year life cycle of Production Support for version 1.2 will end on November 27, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat OpenShift Enterprise 1.2 to the latest version of Red Hat OpenShift Enterprise. To upgrade to Red Hat OpenShift Enterprise, see Chapter "Upgrading from Previous Versions" in the Deployment Guide document linked to in the References section.
34471336d64a9c5139a369fddb38e1039d2d0806937c94e3166737f33fa1d6e1Ubuntu Security Notice 2422-1 - Sebastian Krahmer discovered that the Squid pinger incorrectly handled certain malformed ICMP packets. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.
5fdc5acc1edf7df5cda92a56d8dbdf15b46e052c4cb9d59558795e6dd31d2f64Red Hat Security Advisory 2014-1904-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.0 release serves as a replacement for JBoss Operations Network 3.2.3, and includes several bug fixes.
08286d712bd0348c6cd4b0a13b9ab8c187c2b56282df28b0c856697c4f5c3ab8Mandriva Linux Security Advisory 2014-228 - Multiple vulnerabilities has been discovered and corrected in phpmyadmin including cross site scripting, local file inclusion, and more. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.
4ad8db5a3462d8d6458e9ea5a122cd9a183f280fd342ec596d4e7ad7343d37afDebian Linux Security Advisory 3076-1 - Multiple vulnerabilities were discovered in the dissectors/parsers for SigComp UDVM, AMQP, NCP and TN5250, which could result in denial of service.
b5a22abfd28b464fa89973934fb7502afe6c213084a9450d8b4d6fabc7e997a1HP Security Bulletin HPSBUX03166 SSRT101489 1 - A potential security vulnerability has been identified in the HP-UX running PAM using libpam_updbe in pam.conf(4). This vulnerability could allow remote users to bypass certain authentication restrictions. Revision 1 of this advisory.
2ee57559ffe1105bf1578d18543641ed83da279858e40c971fde79a81b4a755bHP Security Bulletin HPSBGN03203 1 - A potential security vulnerability has been identified with HP CMS: UCMDB Browser running OpenSSL. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
8281554f5b51f6acd0e47dfe32db3e2d7d3f99d482865c62907f01596d09e599HP Security Bulletin HPSBGN03201 1 - A potential security vulnerability has been identified with HP Asset Manager running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
8d3005a1b0c642ff69a47c82927bf40817a1e1a51024896e3b5e09498f2f302fHP Security Bulletin HPSBST03148 1 - A potential security vulnerability has been identified with certain HP StoreOnce Gen 2 Backup systems running Bash Shell. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. NOTE: Versions of HP StoreOnce Gen 2 Backup software prior to 2.3.02 contain the vulnerable version of Bash. However, HP is unaware of any method that would allow this vulnerability to be exploited on HP StoreOnce Gen 2 Backup systems but is providing an updated version of Bash Shell as a precaution. Revision 1 of this advisory.
004f0402a1b18363987419f90e5d1da127d2865f9f82eb63474f13b373a541c3HP Security Bulletin HPSBMU03214 1 - A potential security vulnerability has been identified with HP Systinet running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
5ee6de586eb2db1855ec3f8ac1c16341e1ee99491b3bc38b16ec20d914ac3e61CCH Wolters Kluwer PFX Engagement versions 7.1 and below suffer from a local privilege escalation vulnerability.
36550649271a777da5e3bdb31f777a4a5c0c5f089e34ab04078ef57d4129ecbeMyBB versions 1.8.2 and below suffer from an unset_globals() function bypass and remote code execution vulnerabilities.
a691b9b40b1b09c878c6dabf004797b5a74ac29c49123dfae6aadb61bdba3161phpBB versions 3.1.1 and below suffer from a deregister_globals() bypass vulnerability.
05feb1c2143bc563aea79f035ee6a9f2a25fd7538e2a1eaf959167cbc2e80130Slider Revolution versions 3.0.95 and below and Showbiz Pro versions 1.7.1 and below suffer from a remote shell upload vulnerability.
ca657f1a9a31a06a387229bf959af2f2630ece3badc1c268a0ca6e9c67272e71WordPress Sexy Squeeze Pages plugin suffers from a cross site scripting vulnerability.
8793ad38d9dfbe4490552ccd9b80858ec761b30f9e6cba3c99073dba85c6703dApadana CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
122e5a72a6b60aa528956dc8cfaaad8b4971a382ce424a8ef9fd8aabae24348d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed