what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,166 RSS Feed

Java Files

ABB Cylon Aspect 3.08.01 jsonProxy.php Denial Of Service
Posted Oct 30, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.01 is vulnerable to an unauthenticated denial of service attack in the jsonProxy.php endpoint. An attacker can remotely restart the main Java server by accessing the FTControlServlet with the restart parameter. The endpoint proxies requests to localhost without requiring authentication, enabling attackers to disrupt system availability by repeatedly triggering server restarts.

tags | exploit, java, denial of service, php
SHA-256 | bcacda1a1bffa6ee6d70a54beaff09b511b2a7ae2d1b536e862440ab2a2c5dd7
ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download
Posted Oct 30, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.01 is vulnerable to an unauthorized project file disclosure in jsonProxy.php. An unauthenticated remote attacker can issue a GET request abusing the DownloadProject servlet to download sensitive project files. The jsonProxy.php script bypasses authentication by proxying requests to localhost (AspectFT Automation Application Server), granting remote attackers unauthorized access to internal Java servlets. This exposes potentially sensitive project data and configuration details without requiring authentication.

tags | exploit, java, remote, php
SHA-256 | daeb2790f0aa17137e230e9743c822114097df90c546bcf21d4fe680c859fd52
ABB Cylon Aspect 3.08.01 jsonProxy.php Servlet Inclusion Authentication Bypass
Posted Oct 30, 2024
Authored by LiquidWorm | Site zeroscience.mk

ABB Cylon Aspect version 3.08.01 is vulnerable to remote, arbitrary servlet inclusion. The jsonProxy.php endpoint allows unauthenticated remote attackers to access internal services by proxying requests to localhost. This results in an authentication bypass, enabling attackers to interact with multiple java servlets without authorization, potentially exposing sensitive system functions and information.

tags | exploit, java, remote, arbitrary, php
SHA-256 | a08a2149099c34ec40fd07e93366c624394f11cf20f4846541af94c2dc635080
Debian Security Advisory 5794-1
Posted Oct 22, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5794-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21208, CVE-2024-21210, CVE-2024-21217, CVE-2024-21235
SHA-256 | d38e317023dbf069ec3844471d1111a0cc4ddfa3e3de5ea812dcba5c6ee80347
Red Hat Security Advisory 2024-8116-03
Posted Oct 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8116-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | 732d16b8012b7b71e251ab4230e7cac070ff5b1ccfdfbaa3aaff7788dfb741f9
Red Hat Security Advisory 2024-8127-03
Posted Oct 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | 62549d5d249924ab961dd7c9b2c4a2eb819188a6a21baaade32a5676ad2e9ba8
Red Hat Security Advisory 2024-8124-03
Posted Oct 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8124-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | 09ca931ccbece2e3c273aa9346148ddeef8b4e734787060ac22f7d5b453be882
Red Hat Security Advisory 2024-8121-03
Posted Oct 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | e1e58e77cfd820257808d773543569a667a391713e1d11ebbadfadcf3e57a647
Red Hat Security Advisory 2024-8117-03
Posted Oct 17, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | 7f9544d495cbddbbd330b1e7905507867956341a00b87d290247635782edec7a
Red Hat Security Advisory 2024-8120-03
Posted Oct 16, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-8120-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

tags | advisory, java, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2023-48161
SHA-256 | a31a89ccdfddb7493f56a94e2aa1b76645fa4f9b01e8c05489ce2432675a1e89
Red Hat Security Advisory 2024-6595-03
Posted Sep 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-6595-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
SHA-256 | 3e5f50c65cd7e6f3ce8cf24387da74023844d4e5a06fe414bf0108bca72fb376
HP SiteScope SOAP Call GetSiteScopeConfiguration Configuration Access
Posted Sep 1, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in HP SiteScope which allows to retrieve the HP SiteScope configuration, including administrative credentials. It is accomplished by calling the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service. The HP SiteScope Configuration is retrieved as file containing Java serialization data. This Metasploit module has been tested successfully on HP SiteScope 11.20 over Windows 2003 SP2 and Linux Centos 6.3.

tags | exploit, java, bypass
systems | linux, windows, centos
SHA-256 | 49a6293f49b3d88908408822f05f60de61f16258c0921f50adecb84a90811493
Dicoogle PACS Web Server Directory Traversal
Posted Sep 1, 2024
Authored by h00die, Carlos Avila | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in the Dicoogle PACS Web Server v2.5.0 and possibly earlier, allowing an attacker to read arbitrary files with the web server privileges. While the application is java based, the directory traversal was only successful against Windows targets.

tags | exploit, java, web, arbitrary
systems | windows
SHA-256 | 8f2ecf1201b59abdcaedb189bb29a75443dfe162b8acf3116d81747473b35059
ColoradoFTP Server 1.3 Build 8 Directory Traversal Information Disclosure
Posted Sep 1, 2024
Authored by h00die, RvLaboratory | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability found in ColoradoFTP server versions less than or equal to 1.3 Build 8. This vulnerability allows an attacker to download and upload arbitrary files from the server GET/PUT command including file system traversal strings starting with \\\. The server is written in Java and therefore platform independent, however this vulnerability is only exploitable on the Windows version.

tags | exploit, java, arbitrary
systems | windows
SHA-256 | 7e76e2aec08f2e3f16cf05e5b0254151c26776c93d30882fbf3f8626e7c8ac0f
JBoss Seam 2 Remote Command Execution
Posted Aug 31, 2024
Authored by Cristiano Maruti, guerrino di massa | Site metasploit.com

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. This Metasploit modules also has been tested successfully against IBM WebSphere 6.1 running on iSeries. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.

tags | exploit, java, remote, arbitrary
systems | linux, redhat
advisories | CVE-2010-1871
SHA-256 | e5fbbf205a52fd3db322ca559e03ddc183be3dbb1aecbc317c893104e8a8f598
Tomcat UTF-8 Directory Traversal
Posted Aug 31, 2024
Authored by ruggine, aushack | Site metasploit.com

This Metasploit module tests whether a directory traversal vulnerability is present in versions of Apache Tomcat 4.1.0 - 4.1.37, 5.5.0 - 5.5.26 and 6.0.0 - 6.0.16 under specific and non-default installations. The connector must have allowLinking set to true and URIEncoding set to UTF-8. Furthermore, the vulnerability actually occurs within Java and not Tomcat; the server must use Java versions prior to Sun 1.4.2_19, 1.5.0_17, 6u11 - or prior IBM Java 5.0 SR9, 1.4.2 SR13, SE 6 SR4 releases. This Metasploit module has only been tested against RedHat 9 running Tomcat 6.0.16 and Sun JRE 1.5.0-05. You may wish to change FILE (hosts,sensitive files), MAXDIRS and RPORT depending on your environment.

tags | exploit, java
systems | linux, redhat
advisories | CVE-2008-2938
SHA-256 | 074505843e22daa8b105c810b3e9494a29fe2f2609c3910af390ea2827e231d0
ManageEngine Password Manager SQLAdvancedALSearchResult.cc Pro SQL Injection
Posted Aug 31, 2024
Authored by Pedro Ribeiro | Site metasploit.com

ManageEngine Password Manager Pro (PMP) has an authenticated blind SQL injection vulnerability in SQLAdvancedALSearchResult.cc that can be abused to escalate privileges and obtain Super Administrator access. A Super Administrator can then use his privileges to dump the whole password database in CSV format. PMP can use both MySQL and PostgreSQL databases but this module only exploits the latter as MySQL does not support stacked queries with Java. PostgreSQL is the default database in v6.8 and above, but older PMP versions can be upgraded and continue using MySQL, so a higher version does not guarantee exploitability. This Metasploit module has been tested on v6.8 to v7.1 build 7104 on both Windows and Linux. The vulnerability is fixed in v7.1 build 7105 and above.

tags | exploit, java, sql injection
systems | linux, windows
advisories | CVE-2014-8499
SHA-256 | 3bb1458e9aceabbc6baaf58c805fc36d04c4e787a9a2a98f33a3d697bff053f3
SAP Solution Manager Remote Unauthorized OS Commands Execution
Posted Aug 31, 2024
Authored by Dmitry Chastuhin, Pablo Artuso, Vladimir Ivanov, Yvan Genuer | Site metasploit.com

This Metasploit module exploits the CVE-2020-6207 vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem) of SAP Solution Manager (SolMan) running version 7.2. The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent. Works stable in connected SMDAgent with Java version 1.8. Successful exploitation of the vulnerability enables unauthenticated remote attackers to achieve SSRF and execute OS commands from the agent connected to SolMan as a user from which the SMDAgent service starts, usually the daaadm.

tags | exploit, java, remote, web
advisories | CVE-2020-6207
SHA-256 | d3cd670695bc394e4f3ed861de2d7c717dac789ada16fbb0c7c9e1612d66ab86
Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a flaw (0 day) in DBMS_JVM_EXP_PERMS package that allows any user with create session privilege to grant themselves java IO privileges. Identified by David Litchfield. Works on 11g R1 and R2 (Windows only).

tags | exploit, java
systems | windows
advisories | CVE-2010-0866
SHA-256 | 006cfc0a4524c0c405c992d5d7214fecbb227221dad92bae08a82e1fbd7a8153
Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a flaw (0 day) in DBMS_JVM_EXP_PERMS package that allows any user with create session privilege to grant themselves java IO privileges. Identified by David Litchfield. Works on 10g R2, 11g R1 and R2 (Windows only).

tags | exploit, java
systems | windows
advisories | CVE-2010-0866
SHA-256 | 00d590fbd57dbb615bbbaadeb7e287e8503367f162551807d3d208dadf8fc2c4
Apache Tapestry HMAC secret key leak
Posted Aug 31, 2024
Authored by Johannes Moritz, Yann Castel | Site metasploit.com

This exploit finds the HMAC secret key used in Java serialization by Apache Tapestry. This key is located in the file AppModule.class by default and looks like the standard representation of UUID in hex digits (hd) : 6hd-4hd-4hd-4hd-12hd If the HMAC key has been changed to look differently, this module wont find the key because it tries to download the file and then uses a specific regex to find the key.

tags | exploit, java
advisories | CVE-2021-27850
SHA-256 | b1c7d62902e4bda90669843700bef91f0006f013f404b5ebf2f2d9ae7a80eaf5
Hashtable Collisions
Posted Aug 31, 2024
Authored by Dan S. Wallach, Alexander Klink, Krzysztof Kotowicz, Christian Mehlmauer, Julian Waelde, Scott A. Crosby | Site metasploit.com

This Metasploit module uses a denial-of-service (DoS) condition appearing in a variety of programming languages. This vulnerability occurs when storing multiple values in a hash table and all values have the same hash value. This can cause a web server parsing the POST parameters issued with a request into a hash table to consume hours of CPU with a single HTTP request. Currently, only the hash functions for PHP and Java are implemented. This Metasploit module was tested with PHP + httpd, Tomcat, Glassfish and Geronimo. It also generates a random payload to bypass some IDS signatures.

tags | exploit, java, web, php
advisories | CVE-2011-4858, CVE-2011-4885, CVE-2011-5034, CVE-2011-5035
SHA-256 | b029e67e4fc45769ef0806adf780beee36692122a886f5bb14135c025f43efbc
Microsoft CBC Padding Oracle In Azure Blob Storage Encryption Library
Posted Aug 8, 2024
Authored by rcorrea35 | Site github.com

The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. This is Google's proof of concept exploit.

tags | exploit, java, proof of concept
advisories | CVE-2022-30187
SHA-256 | 6c56ab2bf4efebb0273749421604fdf5621afcb2f63120ab2ed4f06a76ac978b
Debian Security Advisory 5738-1
Posted Aug 7, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5738-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of Java sandbox restrictions.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21145, CVE-2024-21147
SHA-256 | 813d265dc739824c4ab6e69f47a1f908b3c5100ef0d4a956995fb6a17a51c84c
Debian Security Advisory 5736-1
Posted Aug 5, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5736-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of Java sandbox restrictions.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147
SHA-256 | 957d1e7febf0e6ffc2970d2843195a0864cd1906e9b17bd7a94d8dc578a923fa
Page 1 of 127
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close