exploit-db-mirror

1408 commits 1 branch 0 tags 286 MiB

Author	SHA1	Message	Date
Offensive Security	d304cc3d3e	DB: 2017-11-24 116602 new exploits Too many to list!	2017-11-24 20:56:23 +00:00
Offensive Security	9640473c86	DB: 2017-07-20 23 new exploits Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service Linux Kernel 3.0.5 - 'test_root()' Local Denial of Service SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit) SquirrelMail - 'chpasswd' Local Privilege Escalation (Brute Force) Kaspersky 17.0.0 - Local CA root Incorrectly Protected Kaspersky 17.0.0 - Local CA Root Incorrectly Protected Castripper 2.50.70 - '.pls' File Stack Buffer Overflow DEP Bypass Castripper 2.50.70 - '.pls' File Stack Buffer Overflow (DEP Bypass) WICD - Local Privilege Esclation Exploit WICD 1.7.1 - Local Privilege Escalation Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 - Insecure File Permissions Oracle Solaris 11.1/11.3 (RSH) - Local Privilege Escalation 'Stack Clash' Exploit OpenBSD - 'at' Local Privilege Escalation 'Stack Clash' Exploit Oracle Solaris 11.1/11.3 (RSH) - 'Stack Clash' Local Privilege Escalation OpenBSD - 'at' 'Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap' Local Privilege Escalation 'Stack Clash' Exploit Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64' Local Privilege Escalation 'Stack Clash' Exploit Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic' Local Privilege Escalation 'Stack Clash' Exploit Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap' 'Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64' 'Stack Clash' Local Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic' 'Stack Clash' Local Privilege Escalation Hashicorp vagrant-vmware-fusion <= 4.0.20 - Local root Privilege Esclation Hashicorp vagrant-vmware-fusion < 4.0.20 - Local Root Privilege Escalation HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution Trend Micro Interscan VirusWall localweb - Directory Traversal Novell Zenworks Mobile Device Managment 2.6.1/2.7.0 - Local File Inclusion (Metasploit) Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit) XAMPP 1.6.x - 'showcode.php' Local File Inclusion Yealink VoIP Phone SIP-T38G - Local File Inclusion InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execution (Metasploit) DreamBox DM800 - 'file' Parameter Local File Disclosure Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting TP-Link TL-WR841N Router - Local File Inclusion Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes) Vivvo Article Manager 3.4 - (root) Local File Inclusion Vivvo Article Manager 3.4 - 'root' Local File Inclusion 60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion 60cycleCMS 2.5.2 - 'DOCUMENT_ROOT' Multiple Local File Inclusion HP OpenView Network Node Manager (OV NNM) 7.53 - 'OvJavaLocale' Buffer Overflow McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution Trend Micro Interscan VirusWall localweb - Directory Traversal Novell Zenworks Mobile Device Managment 2.6.1/2.7.0 - Local File Inclusion (Metasploit) Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerConfig.php' 'g_documentRoot' Parameter Remote File Inclusion Campsite 2.6.1 - 'LocalizerLanguage.php' 'g_documentRoot' Parameter Remote File Inclusion Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit) XAMPP 1.6.x - 'showcode.php' Local File Inclusion Yealink VoIP Phone SIP-T38G - Local File Inclusion InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execution (Metasploit) DreamBox DM800 - 'file' Parameter Local File Disclosure Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting TP-Link TL-WR841N Router - Local File Inclusion Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure Barracuda Load Balancer Firmware <= 6.0.1.006 - Remote Command Injection (Metasploit) Barracuda Load Balancer Firmware < 6.0.1.006 - Remote Command Injection (Metasploit) Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit) Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit) Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit) Citrix CloudBridge - 'CAKEPHP' Cookie Command Injection	2017-07-20 05:01:21 +00:00

Author

SHA1

Message

Date

Offensive Security

d304cc3d3e

DB: 2017-11-24

116602 new exploits

Too many to list!

2017-11-24 20:56:23 +00:00

Offensive Security

9640473c86

DB: 2017-07-20

23 new exploits

Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service
Linux Kernel 3.0.5 - 'test_root()' Local Denial of Service

SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Local Privilege Escalation (Brute Force)

Kaspersky 17.0.0 - Local CA root Incorrectly Protected
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected

Castripper 2.50.70 - '.pls' File Stack Buffer Overflow DEP Bypass
Castripper 2.50.70 - '.pls' File Stack Buffer Overflow (DEP Bypass)

WICD - Local Privilege Esclation Exploit
WICD 1.7.1 - Local Privilege Escalation

Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 - Insecure File Permissions
Oracle Solaris 11.1/11.3 (RSH) - Local Privilege Escalation 'Stack Clash' Exploit
OpenBSD - 'at' Local Privilege Escalation 'Stack Clash' Exploit
Oracle Solaris 11.1/11.3 (RSH) - 'Stack Clash' Local Privilege Escalation
OpenBSD - 'at' 'Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap' Local Privilege Escalation 'Stack Clash' Exploit
Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64' Local Privilege Escalation 'Stack Clash' Exploit
Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic' Local Privilege Escalation 'Stack Clash' Exploit
Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap' 'Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64' 'Stack Clash' Local Privilege Escalation
Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic' 'Stack Clash' Local Privilege Escalation

Hashicorp vagrant-vmware-fusion <= 4.0.20 - Local root Privilege Esclation
Hashicorp vagrant-vmware-fusion < 4.0.20 - Local Root Privilege Escalation

HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution

Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution

Trend Micro Interscan VirusWall localweb - Directory Traversal

Novell Zenworks Mobile Device Managment 2.6.1/2.7.0 - Local File Inclusion (Metasploit)

Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting

Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)

XAMPP 1.6.x - 'showcode.php' Local File Inclusion

Yealink VoIP Phone SIP-T38G - Local File Inclusion

InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion

Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execution (Metasploit)

DreamBox DM800 - 'file' Parameter Local File Disclosure

Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting

TP-Link TL-WR841N Router - Local File Inclusion

Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities

Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure

Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes)

Vivvo Article Manager 3.4 - (root) Local File Inclusion
Vivvo Article Manager 3.4 - 'root' Local File Inclusion

60cycleCMS 2.5.2 - (DOCUMENT_ROOT) Multiple Local File Inclusion
60cycleCMS 2.5.2 - 'DOCUMENT_ROOT' Multiple Local File Inclusion

HP OpenView Network Node Manager (OV NNM) 7.53 - 'OvJavaLocale' Buffer Overflow

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution

Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution

Trend Micro Interscan VirusWall localweb - Directory Traversal

Novell Zenworks Mobile Device Managment 2.6.1/2.7.0 - Local File Inclusion (Metasploit)

Thomson SpeedTouch 500 Series - LocalNetwork Page name Parameter Cross-Site Scripting
Campsite 2.6.1 - 'LocalizerConfig.php' g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - 'LocalizerLanguage.php' g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - 'LocalizerConfig.php' 'g_documentRoot' Parameter Remote File Inclusion
Campsite 2.6.1 - 'LocalizerLanguage.php' 'g_documentRoot' Parameter Remote File Inclusion

Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)

XAMPP 1.6.x - 'showcode.php' Local File Inclusion

Yealink VoIP Phone SIP-T38G - Local File Inclusion

InterPhoto Image Gallery 2.4.2 - 'IPLANG' Parameter Local File Inclusion

Lotus Mail Encryption Server 2.1.0.1 (Protector for Mail) - Local File Inclusion / Remote Code Execution (Metasploit)

DreamBox DM800 - 'file' Parameter Local File Disclosure

Xavi 7968 ADSL Router - webconfig/lan/lan_config.html/local_lan_config host_name_txtbox Parameter Cross-Site Scripting

TP-Link TL-WR841N Router - Local File Inclusion

Mobile USB Drive HD - Multiple Local File Inclusion / Arbitrary File Upload Vulnerabilities

Multiple D-Link DIR Series Routers - 'model/__show_info.php' Local File Disclosure

Barracuda Load Balancer Firmware <= 6.0.1.006 - Remote Command Injection (Metasploit)
Barracuda Load Balancer Firmware < 6.0.1.006 - Remote Command Injection (Metasploit)
Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection
Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit)
Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit)
Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit)
Citrix CloudBridge - 'CAKEPHP' Cookie Command Injection

2017-07-20 05:01:21 +00:00

Renamed from platforms/windows/remote/35410.py (Browse further)

2 commits