security without boundaries

Register | Login

FilesNewsUsersAuthors

Home Files News About Contact Add New

Showing 1 - 8 of 8

Files from joernchen

sudo 1.8.3p1 Format String

Posted Jan 30, 2012

Authored by joernchen | Site phenoelit.de

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.

tags | exploit

MD5 | b2036d45402949553965c07da5b6d34c

Download | Favorite | Comments (0)

Gitorious Remote Command Execution

Posted Jan 28, 2012

Authored by joernchen | Site phenoelit.de

Gitorious versions prior to 2.1.1 suffer from a remote command execution vulnerability.

tags | exploit, remote

MD5 | 29144dc4f809ee2b0f9f56dd45971982

Download | Favorite | Comments (0)

Gitorious Arbitrary Command Execution

Posted Jan 21, 2012

Authored by joernchen | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the in gitorious. Unvalidated input is send to the shell allowing command execution.

tags | exploit, arbitrary, shell

MD5 | 689ddf3546d96485c325e6ed260ee72a

Download | Favorite | Comments (0)

Spreecommerce 0.60.1 Arbitrary Command Execution

Posted Oct 10, 2011

Authored by joernchen | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.

tags | exploit, arbitrary, ruby

MD5 | c5507048e088c83936d0f914767dec99

Download | Favorite | Comments (0)

Spreecommerce Arbitrary Command Execution

Posted Apr 22, 2011

Authored by joernchen | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce API searchlogic. Unvalidated input is called via the Ruby send method allowing command execution.

tags | exploit, arbitrary, ruby

MD5 | 51ac93a2c2e2d1830bf37204c78c23a9

Download | Favorite | Comments (0)

Distributed Ruby Send instance_eval/syscall Code Execution

Posted Mar 28, 2011

Authored by joernchen | Site metasploit.com

This Metasploit module exploits remote code execution vulnerabilities in dRuby.

tags | exploit, remote, vulnerability, code execution

MD5 | 1ddfb7438e9601a8ff41f0ece5b3ef06

Download | Favorite | Comments (0)

Distributed Ruby Send Syscall Vulnerability

Posted Mar 23, 2011

Authored by joernchen | Site metasploit.com

This Metasploit module exploits remote syscalls in DRuby.

tags | exploit, remote

MD5 | c0bf40e9779a3089040539556689b6eb

Download | Favorite | Comments (0)

Redmine SCM Repository Arbitrary Command Execution

Posted Dec 27, 2010

Authored by joernchen | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the Redmine repository controller. The flaw is triggered when a rev parameter is passed to the command line of the SCM tool without adequate filtering.

tags | exploit, arbitrary

MD5 | 786ab1c4d70bf6985b3a787fcf48a0f6

Download | Favorite | Comments (0)