Ben Williams

10 exploits Active since Oct 2000
CVE-2012-4347 METASPLOIT ruby WORKING POC
Symantec Messaging Gateway - Path Traversal
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.
CVE-2012-3579 METASPLOIT ruby WORKING POC
Symantec Messaging Gateway < 9.5.4 - Access Control
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
CVE-2000-0763 EXPLOITDB c WORKING POC
xlockmore/xlockf < unknown - Privilege Escalation
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
CVE-2012-0308 EXPLOITDB text WORKING POC
Symantec Messaging Gateway <10.0 - CSRF
Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators.
CVE-2012-4347 EXPLOITDB text WORKING POC
Symantec Messaging Gateway - Path Traversal
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.
CVE-2012-3579 EXPLOITDB ruby WORKING POC
Symantec Messaging Gateway < 9.5.4 - Access Control
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
EIP-2026-100930 EXPLOITDB text WORKING POC
Websense 7.6 - Triton Report Management Interface Cross-Site Scripting
EIP-2026-100933 EXPLOITDB text WORKING POC
Websense Triton - Multiple Vulnerabilities
EIP-2026-100932 EXPLOITDB text WORKING POC
Websense 7.6 Triton - 'ws_irpt.exe' Remote Command Execution
EIP-2026-100931 EXPLOITDB text WRITEUP
Websense 7.6 Products - 'favorites.exe' Authentication Bypass