[Canvas] D2 Exploitation Pack 1.66, July 1 2013

DSquare Security sales at d2sec.com
Fri Jul 5 17:20:27 EDT 2013

D2 Exploitation Pack 1.66 has been released with 4 new exploits.

This month we provide you a client-side exploit for Oracle WebCenter 
Content which has been included in D2 ClientInsider and a remote code 
execution exploit for Novell ZENworks Mobile Management.

Also you can find a local privilege escalation exploit for Linux and
another one for FreeBSD.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.66 July 1, 2013

canvas_modules - Added :
- d2sec_coao : Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Control Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_zmdm : Novell ZENworks Mobile Management DUSAP.php Remote Code Execution Vulnerability (Web Exploit)
- d2sec_kernvuln :
  - d2sec_perf_swevent_init : Linux kernel perf_swevent_init Local Privilege Escalation Exploit

canvas_modules - Updated :
- d2sec_clientinsider updated with new exploit

d2sec_modules - Added :
- d2sec_mmap : FreeBSD 9 Address Space Manipulation Privilege Escalation Vulnerability (Exploit FreeBSD)

More information about the Canvas mailing list