[Canvas] D2 Exploitation Pack 1.49, February 1 2012
DSquare Security
sales at d2sec.com
Wed Feb 1 15:22:18 EST 2012
D2 Exploitation Pack 1.49 has been released with 5 new exploits.
This month we provide you a new client side exploit for Novell Zenworks which
has been added to D2 Client Insider. The remote exploits of this release are
for Struts (two different exploits) and Zope/Plone.
Also, you will find a Linux kernel privilege escalation exploit (included in
Kernvuln).
D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
http://www.d2sec.com
Changelog:
version 1.49 February 1, 2012
------------------------------
canvas_modules - Added
- d2sec_launchhelp : Novell Zenworks Software Packaging LaunchHelp.dll ActiveX Control Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_zopeplone : Zope/Plone Remote Code Execution Vulnerability (Web Exploit)
- d2sec_struts2 : Apache Struts2 (DebuggingInterceptor) remote command execution vulnerability (Web Exploit)
- d2sec_struts3 : Apache Struts2 (ParametersInterceptor) remote command execution vulnerability (Web Exploit)
- d2sec_kernvuln :
-> add Linux Local Privilege Escalation via SUID /proc/pid/mem Vulnerability
canvas_modules - Updated
- d2sec_clientinsider updated with new exploit
More information about the Canvas
mailing list