This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.
d251e8ce38047dd92c1a121ab52dccf2904bfc18ca85475675ae8202a6a1241d
FreeBSD Security Advisory - FreeBSD is binary-compatible with the Linux operating system through a loadable kernel module/optional kernel component. A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privilege escalation or cause a system panic.
6702f60b55d6453bd757f5c5f78ebb7b3615928a68a5c006f536a774870013bf
FreeBSD Security Advisory - The internal authentication server of hostapd does not sufficiently validate the message length field of EAP-TLS messages. A remote attacker could cause the hostapd daemon to abort by sending specially crafted EAP-TLS messages, resulting in a Denial of Service.
2e64da0ea32a2dac049fee64d2e2a83e329082a4961e1f7560ffefb7f8cc5160
FreeBSD Security Advisory - The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA. A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named. An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record. The attacker can also cause the server to lock up with specific combinations of RDATA.
06e1aee7809f7e8aa741e07c76a29eb43443068d25922ef3f329e9890d2bf998
Greenstone Digital Library Software suffers from cross-site scripting, password file disclosure, broken salt, and log forging vulnerabilities.
6abb1bda55fdf2a144f85a5781c58e9555df57ab3346329f169d03b28b7f55e7
Cisco WAG120N suffers from a remote command execution vulnerability in setup.cgi.
3f3738e0fe87c901ce923fe505448e7d8a980e7ffb970f817472dc722f51bd86
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
adf8111d665f3a46a324885a6c9a7d02bae0571ab36a5bde6b53d6b571145526
Debian Linux Security Advisory 2576-1 - Andy Lutomirski discovered that tcsd (the TPM userspace daemon) was missing input validation. Carefully crafted input can lead to a denial of service by making the daemon crash with a segmentation fault.
800af7d0630c558f72202a51ab53232166e3ed09332a713e3e5689149fd3c4f5
Red Hat Security Advisory 2012-1485-01 - IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
5800d65e57ad9bb4e73df7eaa0bf267ac6bcb62d0f916aca821a78511a0157d9
Ubuntu Security Notice 1639-1 - It was discovered that unity-firefox-extension incorrectly handled certain callbacks. A remote attacker could use this issue to cause unity-firefox-extension to crash, resulting in a denial of service, or possibly execute arbitrary code.
725ac6c165fe02ee10a51066b105b9aea48d1b95568665478b3c69d1c88f5843
TrouSerS denial of service proof of concept exploit.
e1cf51f8e3c0f3a2a12e173d4fc14069721e2a542f1a4f8e7716091868d553af
Secunia Security Advisory - ReVuln has reported a vulnerability in Call of Duty Modern Warfare 3, which can be exploited by malicious people to cause a DoS (Denial of Service).
74ae4696c1690a30b0918055fc1a5eb30c489119c5e4523dc2362020cf1e00ca
Secunia Security Advisory - Ubuntu has issued an update for tomcat6. This fixes a weakness and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
7cb59ea2e45d8333ddd3b466f12449c124b01db49e998b327743b090a28cfb0c
Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in dotProject, which can be exploited by malicious people to conduct cross-site scripting attacks.
9254f30b6bc9e99898900c97f26701aeede9c5d8b3800b5e3810b05450eeab14
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya Call Management System, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
7e289a6e4af084024ca3b3175510fcf37297a5b6d02e08fed1a3d4c1de4d0048
Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in dotProject, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
eeea1944294076d423641a51cc2075fc77766ddab9325f5699f12aef28bab64c
Secunia Security Advisory - Two vulnerabilities have been reported in Feng Office, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
033c24c702e8b144736cb6bf26738d0caca812541fa1d03e1cd442f12b0388a8
Secunia Security Advisory - SUSE has issued an update for java-1.7.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
5916af721afbab5dc6b13fe9a2a4ce94c3a911d2d68f7e1c03282a8abbb29eca
Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
072dd70eed54a592832d4588a549e408d601ebb51dc0c48d38fec0072b372619
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
74a413a72b87d02f434300b001cca1f8c74a546e8b2b4f58a788f62b513f185c
Secunia Security Advisory - MustLive has discovered a vulnerability in the Archiv plugin for TinyMCE, which can be exploited by malicious people to conduct cross-site scripting attacks.
e61911237faefb0492e36bb2c56ef88903872517fc0e3c3017168898c4f8d6b1
Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Endpoint Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
7bf30cd539a60fa266e64347af762078a74e09b1516c253556a70aa89b0358f6
Secunia Security Advisory - MustLive has discovered a vulnerability in Liferay Portal, which can be exploited by malicious people to conduct cross-site scripting attacks.
2383056ef5acab921fc8e5538069ae76048303bc413079a050e04059b937a119
Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox and Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
d53be8d6c393007d6db144b8e9757ca8073932b0d5a4778903aebdc6ccb18e3d
Secunia Security Advisory - Symantec has acknowledged some vulnerabilities in multiple products, which can be exploited by malicious people to compromise a vulnerable system.
fd631d8103a4e841d239abc9bf12f82160ee5cc33f32ac7baba0395cfac8e382