"DefPack" Updates

DefPack 1.5

- Acunetix Web Vulnerability Scanner 9.5
- CellVision Systems Control Remote Buffer Overflow. [0-day]
- HP Data Protector Remote Code Execution Vulnerability
- Solarwinds Orion Service SQL Injection Vulnerability. CVE-2014-9566



DefPack 1.4

- RuggedCom devices password generator tool. www.exploit-db.com/exploits/18779/
- FSSO Prior to build 237 - Denial of Service. CVE-2015-2281



DefPack 1.3

- Cisco CUCM Unified Communications Manager directory traversal vulnerability. CVE-2011-2562,CVE-2011-2561,CVE-2011-2560,CVE-2011-1643


DefPack 1.2

ag_trend_micro_DoS - TrendMicro Control Manager CmdProcessor.exe DoS. based on public vuln
ag_solarwinds_rce - Solarwinds Firewall Security Manager. CVE-2015-2284



DefPack 1.1

ag_Symantec_Messaging_Gateway - Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
ag_symantec_web_gateway_rce - Command injection in Symantec Web Gateway pbcontrol.php



DefPack 1.0

June 10, 2015

First Beta release of the Defence Exploits package contains 17 modules.

- ag_ibm_security_appscan_rce - IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution Exploit

- ag_acunetix_sbo - Stack buffer overflow in acunetix

- ag_anti_malware_urce - Malwarebytes Anti-Malware Update Remote Code Execution Exploit

- ag_Bitdefender_GravityZone - Bitdefender GravityZone Directory Traversal Vulnerability

- ag_Check_Point_Firewall - Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow

- ag_Fortigate_Firewalls_CSRF - Fortigate Firewalls - CSRF Vulnerability

- ag_ManageEngine_Firewall_Analyzer_DirTrav - ManageEngine Firewall Analyzer Directory Traversal

- ag_mcafee_epo_xxe - McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure

- ag_McAfee_overwrite_arbitrary_files - McAfee Virtual Technician (MVT) 6.5.0.2101 Arbitrary File Replace

- ag_pcAnywhere_DoS - Symantec pcAnywhere 12.5.x through 12.5.3 DoS

- ag_Symantec_Data_Center_sql - Symantec Data Center SQL Injection

- ag_symantec_endpoint_manager_rce - This module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager

- ag_symantec_endpoint_protection_afd - Symantec Endpoint Protection 12.1.4023.4080 Arbitrary File Deletion Exploit

- ag_symantec_pcanywhere_1250 - Symantec pcanywhere buffer overflow

- ag_Symantec_Web_Gateway_lfi_2 - Symantec Web Gateway 5.0.2.8 Local File Inclusion

- ag_Symantec_Web_Gateway_sql - Symantec Web Gateway 5.0.2 Blind SQL Injection

- ag_WatchGuard_DoS - WatchGuard Firewall XTM Denial Of Service Exploit