CVE-2013-4983

Related Files

Sophos Web Protection Appliance sblistpack Arbitrary Command Execution

Posted Sep 17, 2013

Authored by Francisco Falcon, juan vazquez | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on Sophos Web Protection Appliance 3.7.9, 3.8.0 and 3.8.1. The vulnerability exists on the sblistpack component, reachable from the web interface without authentication. This Metasploit module has been tested successfully on Sophos Virtual Web Appliance 3.7.0.

tags | exploit, web

advisories | CVE-2013-4983, OSVDB-97029

SHA-256 | bcde5e8d8f05d7b1ad0a9daef6977f314f81b4851a6c07b2830229371f0f0838

Download | Favorite | View

Sophos Web Protection Appliance Command Injection

Posted Sep 7, 2013

Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - Sophos Web Protection Appliance versions 3.7.9 and earlier, 3.8.1, and 3.8.0 suffer from multiple OS command injection vulnerabilities.

tags | exploit, web, vulnerability

advisories | CVE-2013-4983, CVE-2013-4984

SHA-256 | 9b18440c26f1295d0a92ba4d7e6ec1dd5c6560e29f7da1ea8bd466580e248550

Download | Favorite | View