what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Tanya Secker

First Active2012-04-12
Last Active2024-08-31
Plixer Scrutinizer NetFlow And SFlow Analyzer HTTP Authentication Bypass
Posted Aug 31, 2024
Authored by MC, sinn3r, Jonathan Claudius, Tanya Secker | Site metasploit.com

This will add an administrative account to Scrutinizer NetFlow and sFlow Analyzer without any authentication. Versions such as 9.0.1 or older are affected.

tags | exploit
advisories | CVE-2012-2626
SHA-256 | 49a2f85914fe62a59a5b35436be0129aeb6f0625b2437d7ef4016b0001eb50ea
Download | Favorite | View
Tableau Server Blind SQL Injection
Posted Feb 11, 2014
Authored by Tanya Secker | Site trustwave.com

Tableau server suffers from a remote blind SQL injection vulnerability. Versions 8.1.X before 8.1.2 and 8.0.X before 8.0.7 are affected.

tags | exploit, remote, sql injection
advisories | CVE-2014-1204
SHA-256 | ebf6b43d894838fe1a6ca916802d8cfcb730ad9a2026321cedbb90facb145ccd
Download | Favorite | View
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Posted Aug 8, 2012
Authored by sinn3r, Mario Ceballos, Jonathan Claudius, Tanya Secker | Site metasploit.com

This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2012-3951, OSVDB-84317
SHA-256 | 61e06a2fa99c7125dcd2af5faeafdcb8556b0880070d66206fa0180b420ee612
Download | Favorite | View
Scrutinizer 8.6.2 Bypass / Cross Site Scripting / SQL Injection
Posted Apr 12, 2012
Authored by Tanya Secker | Site trustwave.com

Scrutinizer NetFlow and sFlow Analyzer version 8.6.2 suffers from authentication bypass, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-1258, CVE-2012-1259, CVE-2012-1260, CVE-2012-1261
SHA-256 | 86781806a8d76416882371c450d483f0f4d9a6334ea56d9463f55a227d424643
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close