[Canvas] D2 Exploitation Pack 1.70, November 4 2013
DSquare Security
sales at d2sec.com
Thu Nov 7 17:02:43 EST 2013
D2 Exploitation Pack 1.70 has been released with 5 new exploits and
one new tool.
This month we provide you two remote code execution exploits for
HP PCM+ SNAC Registration Server and one client side exploit for
Indusoft Thin Client.
Also you can find two new exploits for pwnrouter and a tool to
bruteforce default accounts on AS400 ftpd.
D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
http://www.d2sec.com
Changelog:
version 1.70 Nov 4, 2013
------------------------------
canvas_modules - Added :
- d2sec_hppcm : HP PCM+ SNAC Registration Server UpdateCertificatesServlet Remote Code Execution Vulnerability (Web Exploit)
- d2sec_hppcm2 : HP PCM+ SNAC Registration Server UpdateDomainControllerServlet Remote Code Execution Vulnerability (Web Exploit)
- d2sec_indusoft : Indusoft Thin Client 7.1 ActiveX Buffer Overflow Vulnerability (Exploit Windows)
- d2sec_as400_ftpd_default_accounts : AS400 Ftpd Default Accounts Bruteforcer (Tool)
- d2sec_pwnrouter :
- Backdoor D-LINK Vulnerability
- Pirelli Discus Password Disclosure Vulnerability
- GUI improvments
canvas_modules - Updated :
- d2sec_clientinsider updated with new exploit
- d2sec_passdisclo updated with CVE-2013-0337 - Nginx log files before 1.3.14
More information about the Canvas
mailing list