Daniele Martini - Security Researcher - Exploit Intelligence Platform

CVE-2012-6096 METASPLOIT ruby WORKING POC

Nagios < 3.4.3 - Memory Corruption

Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.

View Code

CVE-2012-6066 METASPLOIT ruby WORKING POC

Freesshd < 1.2.6 - Authentication Bypass

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

View Code

CVE-2012-6066 EXPLOITDB ruby WORKING POC

Freesshd < 1.2.6 - Authentication Bypass

freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.

View Code

CVE-2012-6096 EXPLOITDB ruby WORKING POC

Nagios < 3.4.3 - Memory Corruption

Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable.

View Code