exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	5dc941e36b	DB: 2016-12-06 5 new exploits Foxit Reader 4.1.1 - Stack Overflow (Egghunter Mod) Foxit Reader 4.1.1 - Stack Overflow (Egghunter) iSQL 1.0 - Shell Command Injection iSQL 1.0 - Command Injection Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection Microsoft Excel Starter 2010 - XML External Entity Injection Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection Samba 2.2.x - Remote Root Buffer Overflow Samba 2.2.x - Buffer Overflow PoPToP PPTP 1.1.4-b3 - Remote Root Exploit Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit PoPToP PPTP 1.1.4-b3 - Remote Command Execution Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution Sendmail 8.12.8 - Prescan() BSD Remote Root Exploit Sendmail 8.12.8 - Prescan() BSD Remote Command Execution WsMp3d 0.x - Remote Root Heap Overflow WsMp3d 0.x - Heap Overflow Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit Atftpd 0.6 - 'atftpdx.c' Remote Command Execution Samba 2.2.8 - (Brute Force Method) Remote Root Exploit Samba 2.2.8 - (Brute Force Method) Remote Command Execution WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit WU-FTPD 2.6.2 - Off-by-One Remote Command Execution WU-FTPD 2.6.2 - Remote Root Exploit WU-FTPD 2.6.2 - Remote Command Execution WU-FTPD 2.6.0 - Remote Root Exploit WU-FTPD 2.6.0 - Remote Command Execution LPRng 3.6.22/23/24 - Remote Root Exploit LPRng 3.6.22/23/24 - Remote Command Execution LPRng 3.6.24-1 - Remote Root Exploit LPRng 3.6.24-1 - Remote Command Execution WU-FTPD 2.6.1 - Remote Root Exploit SSH (x2) - Remote Root Exploit WU-FTPD 2.6.1 - Remote Command Execution SSH (x2) - Remote Command Execution BSD TelnetD - Remote Root Exploit (1) BSD TelnetD - Remote Command Execution (1) Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit Sendmail with clamav-milter < 0.91.2 - Remote Command Execution ProFTPd IAC 1.3.x - Remote Root Exploit ProFTPd IAC 1.3.x - Remote Command Execution Exim 4.63 - Remote Root Exploit Exim 4.63 - Remote Command Execution Splunk - Remote Root Exploit Splunk - Remote Command Execution FreeBSD OpenSSH 3.5p1 - Remote Root Exploit FreeBSD OpenSSH 3.5p1 - Remote Command Execution HP Data Protector (Linux) - Remote Root Shell HP Data Protector (Linux) - Remote Command Execution FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Remote Code Execution) BSD TelnetD - Remote Root Exploit (2) BSD TelnetD - Remote Command Execution (2) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution) Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Remote Command Execution) Sendmail 8.6.9 IDENT - Remote Root Exploit Sendmail 8.6.9 IDENT - Remote Command Execution Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Exploit ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection H-Sphere Webshell 2.4 - Remote Root Exploit H-Sphere Webshell 2.4 - Remote Command Execution MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution Novell NCP - Unauthenticated Remote Root Exploit Novell NCP - Unauthenticated Remote Command Execution Seowonintech Devices - Remote Root Exploit Seowonintech Devices - Remote Command Execution ASUS RT-AC66U - acsd Parameter Remote Root Shell ASUS RT-AC66U - 'acsd' Parameter Remote Command Execution ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP) ASUS RT-N56U - Remote Buffer Overflow (ROP) NovaSTOR NovaNET 12.0 - Remote Root Exploit NovaSTOR NovaNET 12.0 - Remote Command Execution ALCASAR 2.8 - Remote Root Code Execution ALCASAR 2.8 - Remote Code Execution F5 iControl - Remote Root Command Execution (Metasploit) F5 iControl - Remote Command Execution (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit) Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit) Seagate Central 2014.0410.0026-F - Remote Root Exploit Seagate Central 2014.0410.0026-F - Remote Command Execution Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit) Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3) Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit) BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution Alcatel Lucent Omnivista 8770 - Remote Code Execution Windows x86 - Password Protected TCP Bind Shell (637 bytes) Windows x86 - Password Protected TCP Bind Shellcode (637 bytes) Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes) Windows x86 - URLDownloadToFileA() / SetFileAttributesA() / WinExec() / ExitProcess() Shellcode (394 bytes) Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83_ 148_ 177 bytes) Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86-64 - Subtle Probing Reverse Shell / Timer_ Burst / Password / Multi-Terminal Shellcode (84_ 122_ 172 bytes) Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes) Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes) Linux/x86 - NetCat Bind Shellcode with Port (44 / 52 bytes) Linux/x86 - zsh TCP Port 9090 Bind Shellcode (96 bytes) Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution D-Link DSR Router Series - Remote Root Shell D-Link DSR Router Series - Remote Command Execution Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities ALCASAR 2.8.1 - Remote Root Code Execution ALCASAR 2.8.1 - Remote Code Execution SevOne NMS 5.3.6.0 - Remote Root Exploit SevOne NMS 5.3.6.0 - Remote Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution Iris ID IrisAccess ICU 7000-2 - Remote Command Execution NUUO NVRmini 2 3.0.8 - Remote Root Exploit NUUO NVRmini 2 3.0.8 - Remote Code Execution EyeLock nano NXT 3.5 - Remote Root Exploit EyeLock nano NXT 3.5 - Remote Code Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution	2016-12-06 05:01:19 +00:00

Author

SHA1

Message

Date

Offensive Security

5dc941e36b

DB: 2016-12-06

5 new exploits

Foxit Reader 4.1.1 - Stack Overflow (Egghunter Mod)
Foxit Reader 4.1.1 - Stack Overflow (Egghunter)

iSQL 1.0 - Shell Command Injection
iSQL 1.0 - Command Injection
Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection
Microsoft Excel Starter 2010 - XML External Entity Injection
Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection

Samba 2.2.x - Remote Root Buffer Overflow
Samba 2.2.x - Buffer Overflow
PoPToP PPTP 1.1.4-b3 - Remote Root Exploit
Snort 1.9.1 - 'p7snort191.sh' Remote Root Exploit
PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit
PoPToP PPTP 1.1.4-b3 - Remote Command Execution
Snort 1.9.1 - 'p7snort191.sh' Remote Command Execution
PoPToP PPTP 1.1.4-b3 - 'poptop-sane.c' Remote Command Execution

Sendmail 8.12.8 - Prescan() BSD Remote Root Exploit
Sendmail 8.12.8 - Prescan() BSD Remote Command Execution

WsMp3d 0.x - Remote Root Heap Overflow
WsMp3d 0.x - Heap Overflow

Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit
Atftpd 0.6 - 'atftpdx.c' Remote Command Execution

Samba 2.2.8 - (Brute Force Method) Remote Root Exploit
Samba 2.2.8 - (Brute Force Method) Remote Command Execution

WU-FTPD 2.6.2 - Off-by-One Remote Root Exploit
WU-FTPD 2.6.2 - Off-by-One Remote Command Execution

WU-FTPD 2.6.2 - Remote Root Exploit
WU-FTPD 2.6.2 - Remote Command Execution

WU-FTPD 2.6.0 - Remote Root Exploit
WU-FTPD 2.6.0 - Remote Command Execution

LPRng 3.6.22/23/24 - Remote Root Exploit
LPRng 3.6.22/23/24 - Remote Command Execution

LPRng 3.6.24-1 - Remote Root Exploit
LPRng 3.6.24-1 - Remote Command Execution
WU-FTPD 2.6.1 - Remote Root Exploit
SSH (x2) - Remote Root Exploit
WU-FTPD 2.6.1 - Remote Command Execution
SSH (x2) - Remote Command Execution

BSD TelnetD - Remote Root Exploit (1)
BSD TelnetD - Remote Command Execution (1)

Sendmail with clamav-milter < 0.91.2 - Remote Root Exploit
Sendmail with clamav-milter < 0.91.2 - Remote Command Execution

ProFTPd IAC 1.3.x - Remote Root Exploit
ProFTPd IAC 1.3.x - Remote Command Execution

Exim 4.63 - Remote Root Exploit
Exim 4.63 - Remote Command Execution

Splunk - Remote Root Exploit
Splunk - Remote Command Execution

FreeBSD OpenSSH 3.5p1 - Remote Root Exploit
FreeBSD OpenSSH 3.5p1 - Remote Command Execution

HP Data Protector (Linux) - Remote Root Shell
HP Data Protector (Linux) - Remote Command Execution

FreeBSD ftpd and ProFTPd on FreeBSD - Remote Root Exploit
FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution

Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Root Remote Code Execution)
Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion (Remote Code Execution)

BSD TelnetD - Remote Root Exploit (2)
BSD TelnetD - Remote Command Execution (2)

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Root Remote Code Execution)
Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion (Remote Command Execution)

Sendmail 8.6.9 IDENT - Remote Root Exploit
Sendmail 8.6.9 IDENT - Remote Command Execution

Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Shell
Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Exploit

ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/root SQL Injection
ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection

H-Sphere Webshell 2.4 - Remote Root Exploit
H-Sphere Webshell 2.4 - Remote Command Execution

MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit
MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution

Ubiquiti AirOS 5.5.2 - Remote Authenticated Root Command Execution
Ubiquiti AirOS 5.5.2 - Authenticated Remote Command Execution

Allied Telesis AT-MCF2000M 3.0.2 - Gaining Root Shell Access
Allied Telesis AT-MCF2000M 3.0.2 - Remote Command Execution

Novell NCP - Unauthenticated Remote Root Exploit
Novell NCP - Unauthenticated Remote Command Execution

Seowonintech Devices - Remote Root Exploit
Seowonintech Devices - Remote Command Execution

ASUS RT-AC66U - acsd Parameter Remote Root Shell
ASUS RT-AC66U - 'acsd' Parameter  Remote Command Execution

ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)
ASUS RT-N56U - Remote Buffer Overflow (ROP)

NovaSTOR NovaNET 12.0 - Remote Root Exploit
NovaSTOR NovaNET 12.0 - Remote Command Execution

ALCASAR 2.8 - Remote Root Code Execution
ALCASAR 2.8 - Remote Code Execution

F5 iControl - Remote Root Command Execution (Metasploit)
F5 iControl - Remote Command Execution (Metasploit)

Barracuda Firmware 5.0.0.012 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Firmware 5.0.0.012 - Authenticated Remote Command Execution (Metasploit)

Seagate Central 2014.0410.0026-F - Remote Root Exploit
Seagate Central 2014.0410.0026-F - Remote Command Execution

Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit
Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution

Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Root Exploit (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Root Exploit (Metasploit)
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3)
Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit)
BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution
Alcatel Lucent Omnivista 8770 - Remote Code Execution

Windows x86 - Password Protected TCP Bind Shell (637 bytes)
Windows x86 - Password Protected TCP Bind Shellcode (637 bytes)

Windows x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394 bytes)
Windows x86 - URLDownloadToFileA() / SetFileAttributesA() / WinExec() / ExitProcess() Shellcode (394 bytes)

Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)
Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83_ 148_ 177 bytes)

Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)
Linux/x86-64 - Subtle Probing Reverse Shell / Timer_ Burst / Password / Multi-Terminal Shellcode (84_ 122_ 172 bytes)
Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes)
Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)
Linux/x86 - NetCat Bind Shellcode with Port (44 / 52 bytes)
Linux/x86 - zsh TCP Port 9090 Bind Shellcode (96 bytes)

Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit
Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution

SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Root/SYSTEM Exploit
SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x - Remote Command Execution

D-Link DSR Router Series - Remote Root Shell
D-Link DSR Router Series - Remote Command Execution

Alacate-Lucent OmniVista 4760 - Multiple Cross-Site Scripting Vulnerabilities
Alcatel Lucent Omnivista 4760 - Multiple Cross-Site Scripting Vulnerabilities

ALCASAR 2.8.1 - Remote Root Code Execution
ALCASAR 2.8.1 - Remote Code Execution

SevOne NMS 5.3.6.0 - Remote Root Exploit
SevOne NMS 5.3.6.0 - Remote Command Execution

Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution
Iris ID IrisAccess ICU 7000-2 - Remote Command Execution

NUUO NVRmini 2 3.0.8 - Remote Root Exploit
NUUO NVRmini 2 3.0.8 - Remote Code Execution

EyeLock nano NXT 3.5 - Remote Root Exploit
EyeLock nano NXT 3.5 - Remote Code Execution

InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Root Command Execution
InfraPower PPS-02-S Q213V1 - Unauthenticated Remote Command Execution

2016-12-06 05:01:19 +00:00

1 commit