Exploits/Remote File Disclosure

OpenSSH xauth Command Injection Vulnerability Exploit

An authenticated user may inject arbitrary xauth commands by sending an x11 channel request that includes a newline character in the x11 cookie. The newline acts as a command separator to the xauth binary. The injected xauth commands are performed with the effective permissions of the logged in user. This attack requires the server to have 'X11Forwarding yes' enabled. This module injects source xauth command to retrieve arbitrary files.

HP Intelligent Management IctDownloadServlet Directory Traversal Exploit

This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the IctDownloadServlet component, an attacker can retrieve arbitrary files.

HP Intelligent Management FaultDownloadServlet Directory Traversal Exploit

This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the FaultDownloadServlet component, an attacker can retrieve arbitrary files.