[Canvas] D2 Exploitation Pack 1.52, May 2 2012

DSquare Security sales at d2sec.com
Wed May 2 13:55:39 EDT 2012

D2 Exploitation Pack 1.52 has been released with 4 new exploits and 1 new tool.

This month we provide you two client side exploits for Quest InTrust and Tivoli
Provisioning Manager. Also, you will find a remote code execution exploit for 
phpMyAdmin and a local privilege escalation through pcAnywhere included in D2
execwrapper tool.

The tool of this month will help you to fingerprint a remote WMware ESX/ESXi.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.52 May 2, 2012

canvas_modules - Added :
- d2sec_intrust : Quest InTrust AnnotateX.dll Uninitialized Pointer Code Execution Vulnerability (Exploit Windows)
- d2sec_isig : Tivoli Provisioning Manager Express Stack Overflow Vulnerability (Exploit Windows)
- d2sec_phpmyadmin_rce : Phpmyadmin config file code injection vulnerability (Web Exploit)
- d2sec_vmware_fingerprint : VMWare ESX/ESXi Fingerprint Scanner (Tools)

canvas_modules - Updated :
- d2sec_clientinsider updated with new exploits
- d2sec_execwrapper :
  -> Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation Exploit
- d2sec_sshmosdef : minor update

d2sec_modules - Updated :
- d2sec_defaultpass updated with Open Mesh Router default account

More information about the Canvas mailing list