[Canvas] D2 Exploitation Pack 1.61, February 1 2013

DSquare Security sales at d2sec.com
Mon Feb 4 18:59:00 EST 2013

D2 Exploitation Pack 1.61 has been released with 5 new exploits.

This month we provide you one client-side exploit for IBM Rational 
ClearQuest which have been included in D2 ClientInsider and a remote
code execution for Oracle Business Transaction Management Server.

Also you can find a local privilege escalation via CUPS. D2 pwnrouter
has been updated with a new exploit and D2 passdisclo too.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.61 February 1, 2013

canvas_modules - Added : 
- d2sec_clearquest : IBM Rational ClearQuest CQOle ActiveX Code Execution Vulnerability (Exploit Windows)
- d2sec_btm : Oracle Business Transaction Management Server FlashTunnel Service Remote Code Execution Vulnerability (Web Exploit)
- d2sec_pwnrouters :
  - TP-LINK TL-WR841N Router Remote Command Execution Vulnerability

canvas_modules - Updated :
- d2sec_clientinsider updated with new exploits
- d2sec_nessus updated with export feature
- d2sec_qualys updated with export feature
- d2sec_passdisclo updated with CVE-2012-4574 - Pulp in Red Hat CloudForms before 1.1 

d2sec_modules - Added :
- d2sec_cups : CUPS Local Privilege Escalation Vulnerability

More information about the Canvas mailing list