[Canvas] D2 Exploitation Pack 1.55, August 2 2012

DSquare Security sales at d2sec.com
Fri Aug 3 04:48:05 EDT 2012


D2 Exploitation Pack 1.55 has been released with 4 new exploits.

This month we provide you a client-side exploit for Dell Webcam and
a remote web expoit for Zend which is used in major web applications.

Also you can find a local user hash disclosure pour OSX and a privilege
escalation with Symantec LiveUpdate Administrator.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com


--
DSquare Security, LLC
http://www.d2sec.com


Changelog:

version 1.55 August 2, 2012
------------------------------

canvas_modules - Added :
- d2sec_crazytalk : Dell Webcam ActiveX crazytalk4.ocx Code Execution Vulnerability (Exploit Windows)
- d2sec_zend_xmlrpc : Multiple Zend Local file disclosure via XXE injection Vulnerabilities (Web Exploit)
- d2sec_OSX_CVE-2011-3435 : Local User Hash Disclosure Vulnerability (Exploit MacOSX)

canvas_modules - Updated :
- d2sec_execwrapper :
  -> Symantec LiveUpdate Administrator Insecure File Permissions Local Privilege Escalation Exploit
  -> Minor update



More information about the Canvas mailing list