Exploits/Remote

AV Evasion Improvements v2

This update revises AV evasion for agents generated using the binary wrapper, which is used by Package and Register, Serve Agent in Web Server, and similar executable-generating modules.

Trojan Agents Enhancements Rev 02

This update improves the reliability and AV evasion of agents generated with the following modules: Package and Register Agent, Send Agent by E-Mail, and Serve Agent in Web Server.

CloudMe Sync Buffer Overflow Exploit

Unauthenticated remote attackers who can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload that causes a buffer overflow condition. This results in the attacker controlling the program's execution flow and allows arbitrary code execution on the victim's PC.

GoAhead WebServer Remote Code Execution Exploit

Embedthis GoAhead before 3.6.5 and after 2.5.0 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.

AllMediaServer HTTP Request Buffer Overflow Exploit

AllMediaServer is prone to a buffer overflow when handling specially crafted HTTP request packets.

Advantech WebAccess Webvrpcs Service DrawSrv Untrusted Pointer Dereference Exploit

The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator.

Dup Scout Enterprise Username Buffer Overflow Exploit

Dup Scout is prone to a buffer overflow when handling an overly long username.

VX Search Enterprise POST Buffer Overflow Exploit

VX Search Enterprise is prone to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring.

Adobe ColdFusion Java JMX-RMI Remote Code Execution Exploit

Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.