|
|
|
0 members (),
811
guests, and
25
robots. |
|
Key:
Admin,
Global Mod,
Mod
|
|
S |
M |
T |
W |
T |
F |
S |
|
|
|
|
1
|
2
|
3
|
4
|
|
5
|
6
|
7
|
8
|
9
|
10
|
11
|
|
12
|
13
|
14
|
15
|
16
|
17
|
18
|
|
19
|
20
|
21
|
22
|
23
|
24
|
25
|
|
26
|
27
|
28
|
29
|
30
|
31
|
|
|
There are no members with birthdays on this day. |
#675129
Thu 20 Oct 2022 02:34:PM
|
Joined: Feb 2001
Posts: 381,903
Launch Director
|
OP
Launch Director
Joined: Feb 2001
Posts: 381,903 |
This Metasploit module creates a .tar file that can be emailed to a Zimbra server to exploit CVE-2022-41352. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in the cpio command-line utility that can extract an arbitrary file to an arbitrary location on a Linux system (CVE-2015-1197). Most Linux distros have chosen not to fix it. This issue is exploitable on Red Hat-based systems (and other hosts without pax installed) running versions Zimbra Collaboration Suite 9.0.0 Patch 26 and below and Zimbra Collaboration Suite 8.8.15 Patch 33 and below. Source: Zimbra Collaboration Suite TAR Path Traversal
|
|
CMS The Best Conveyancing solicitors conveyancing quotes throughout the UK
For any webhosting enquiries please email webmaster@aus-city.com
|
|
Forums60
Topics684,850
Posts719,461
Members2,957
| |
Most Online3,142
Jan 16th, 2023
|
|
|
|
|
Copyright 1996 - 2023 by David Cottle. Designed by David Bate Jr. All Rights Reserved.
By using this forum, the user agrees not to transfer any data or technical information received under the agreement, to any other entity without the express approval of the AUS-CITY Forum Admins and/or authors of individual posts (Forum Admins and DoD/USSPACECOM for the analysis of satellite tracking data).
Two-line elements (TLE) and all other satellite data presented and distributed via this forum and e-mail lists of AUS-CITY are distributed with permission from DoD/USSTRATCOM.
Reprise Hosting
|
|
