[Canvas] D2 Exploitation Pack 1.68, September 1 2013

DSquare Security sales at d2sec.com
Thu Sep 5 17:25:56 EDT 2013

D2 Exploitation Pack 1.68 has been released with 6 new exploits.

This month we provide you two client-side exploits for HP LoadRunner
which have been included in D2 ClientInsider and one privilege 
escalation exploit for VMware.

Also you can find three new exploits for pwnrouter.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.68 Sep 1, 2013

canvas_modules - Added :
- d2sec_lrweb : HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_micwa : HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Buffer Overflow Vulnerability (Exploit Windows)
- d2sec_pwnrouter :
  - Western Digital My Net Series Information Disclosure Vulnerability
  - Sitecom N300/N600 Undocumented Telnet service and hard-coded credentials Vulnerability
  - Netgear Prosafe Information Disclosure Vulnerability

canvas_modules - Updated :
- d2sec_clientinsider updated with new exploits
- d2sec_defaultpass updated with SAP BusinessObjects Axis2

d2sec_modules - Added :
- d2sec_vmware : VMWare Setuid vmware-mount Unsafe popen(3) Vulnerability (Linux Exploit)

More information about the Canvas mailing list