[Canvas] D2 Exploitation Pack 1.56, September 1 2012

DSquare Security sales at d2sec.com
Sun Sep 2 19:59:50 EDT 2012

D2 Exploitation Pack 1.56 has been released with 4 new exploits.

This month we provide you a client-side exploit for IBM Lotus Quickr 
and a remote exploit for HP OpenView Performance Manager.

Also you can find two local privilege escalation exploits for MacOSX,
the first one via Tunnelblick and the second one via Viscosity.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.56 September 1, 2012

canvas_modules - Updated :
- d2sec_qp2 : IBM Lotus Quickr QP2 ActiveX Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_hpovpm : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_tunnelblick : Tunnelblick Local Privileges Escalation (Exploit MacOSX) 
- d2sec_viscosity : Viscosity Local Privileges Escalation (Exploit MacOSX) 

canvas_modules - Updated :
- d2sec_clientinsider updated with new exploit
- d2sec_checkenv :
  - minor updates for Windows and Linux targets
  - add OSX support
- d2sec_lotus_scan : minor bugfixes

d2sec_modules - Updated
- d2sec_bigbrother with twiddle.sh in JBoss AS 5.0 and EAP 5.0 Vulnerability 

More information about the Canvas mailing list