[Canvas] D2 Exploitation Pack 1.52, May 2 2012
DSquare Security
sales at d2sec.com
Wed May 2 13:55:39 EDT 2012
D2 Exploitation Pack 1.52 has been released with 4 new exploits and 1 new tool.
This month we provide you two client side exploits for Quest InTrust and Tivoli
Provisioning Manager. Also, you will find a remote code execution exploit for
phpMyAdmin and a local privilege escalation through pcAnywhere included in D2
execwrapper tool.
The tool of this month will help you to fingerprint a remote WMware ESX/ESXi.
D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
http://www.d2sec.com
Changelog:
version 1.52 May 2, 2012
------------------------------
canvas_modules - Added :
- d2sec_intrust : Quest InTrust AnnotateX.dll Uninitialized Pointer Code Execution Vulnerability (Exploit Windows)
- d2sec_isig : Tivoli Provisioning Manager Express Stack Overflow Vulnerability (Exploit Windows)
- d2sec_phpmyadmin_rce : Phpmyadmin config file code injection vulnerability (Web Exploit)
- d2sec_vmware_fingerprint : VMWare ESX/ESXi Fingerprint Scanner (Tools)
canvas_modules - Updated :
- d2sec_clientinsider updated with new exploits
- d2sec_execwrapper :
-> Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation Exploit
- d2sec_sshmosdef : minor update
d2sec_modules - Updated :
- d2sec_defaultpass updated with Open Mesh Router default account
More information about the Canvas
mailing list