what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files from S. Viehbock

First Active2012-12-04
Last Active2014-11-06
Symantec Endpoint Protection 12.1.4023.4080 XXE / XSS / Arbitrary File Write
Posted Nov 6, 2014
Authored by S. Viehbock | Site sec-consult.com

Symantec Endpoint Protection version 12.1.4023.4080 suffers from XXE injection, cross site scripting, and arbitrary file write vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
advisories | CVE-2014-3437, CVE-2014-3438, CVE-2014-3439
MD5 | f6fb226d1e2212ecf7f04c4de57782a7
F5 BIG-IP 11.5.1 Cross Site Scripting
Posted Aug 28, 2014
Authored by S. Viehbock | Site sec-consult.com

F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4023
MD5 | 1edf12bed5c1cdadc32d85e80675f569
Bitdefender GravityZone File Disclosure / Missing Authentication
Posted Jul 16, 2014
Authored by S. Viehbock | Site sec-consult.com

Bitdefender GravityZone versions prior to 5.1.11.432 suffer from local file disclosure, insecure service configuration, and missing authentication vulnerabilities.

tags | exploit, local, vulnerability
MD5 | f532a7346452550138acf848b8953d7b
Citrix Netscaler Disclosure / Cross Site Scripting
Posted Jul 16, 2014
Authored by S. Viehbock | Site sec-consult.com

Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway are susceptible to cookie disclosure and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2014-4346, CVE-2014-4347
MD5 | 433de575bf1d97e92c38874846086b9c
OpenVPN Access Server Arbitrary Code Execution
Posted Jul 16, 2014
Authored by S. Viehbock | Site sec-consult.com

Remote attackers can execute arbitrary code and execute other attacks on computers with the OpenVPN Access Server "Desktop Client" installed.

tags | advisory, remote, arbitrary
MD5 | 812c5b2d372b3c5e84171c2fc96b6ce2
CoSoSys Endpoint Protector 4 SQL Injection / Backdoor
Posted May 22, 2014
Authored by S. Viehbock | Site sec-consult.com

CoSoSys Endpoint Protector 4 suffers from remote SQL injection, unauthenticated access, information disclosure, and backdoor vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 64f23e130a9c41e408aa75a28a520543
AVG Remote Administration Bypass / Code Execution / Static Keys
Posted May 8, 2014
Authored by S. Viehbock | Site sec-consult.com

AVG Remote Administration version 13.0.0.2892 suffers from authentication bypass, remote code execution, missing entity authentication, and use of static encryption key vulnerabilities.

tags | exploit, remote, vulnerability, code execution
MD5 | 0ceb53d7421ba8d3afa0f52b91c0cb87
Plex Media Server 0.9.9.10 CSRF / Disclosure
Posted Apr 11, 2014
Authored by S. Viehbock | Site sec-consult.com

Plex Media Server version 0.9.9.10 suffers from use of plain text protocols, insecure use of SSL/TLS, unauthenticated information disclosure, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, protocol, info disclosure, csrf
MD5 | 39dd2a247716b1702d660a532f37b217
Symantec LiveUpdate Administrator 2.3.2.99 Password Reset / SQL Injection
Posted Mar 28, 2014
Authored by S. Viehbock | Site sec-consult.com

Symantec LiveUpdate Administrator versions 2.3.2.99 and below suffer from password reset and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2014-1644, CVE-2014-1645
MD5 | a8ff4d370b9610bdeaefb0bdd8fbb50d
Plex Media Server 0.9.9.2.374-aa23a69 Bypass / File Disclosure
Posted Feb 28, 2014
Authored by S. Viehbock | Site sec-consult.com

Plex Media Server versions 0.9.9.2.374-aa23a69 and below suffer from authentication bypass and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability
MD5 | caef9d52859c1aa6653bf1f05c425a35
Symantec Endpoint Protection 11.0 / 12.0 / 12.1 XXE / SQL Injection
Posted Feb 19, 2014
Authored by S. Viehbock | Site sec-consult.com

Symantec Endpoint Protection versions 11.0, 12.0, and 12.1 suffer from unauthenticated XML external entity injection and unauthenticated local SQL injection vulnerabilities.

tags | advisory, local, vulnerability, sql injection
advisories | CVE-2013-5014, CVE-2013-5015
MD5 | e1dfb43c1297d5ce77dadc1b62edf4d6
Citrix Netscaler 10.0 Denial Of Service
Posted Oct 3, 2013
Authored by S. Viehbock | Site sec-consult.com

A vulnerability was found in the nsconfigd daemon (TCP port 3008/SSL and 3010). This daemon can be crashed by sending a specially crafted message. No prior authentication is necessary. A watchdog daemon (pitboss) automatically restarts nsconfigd after the first six crashes and then reboots the appliance. By sending just a few packets the appliance can be kept in a constant reboot loop resulting in total loss of availability. The vulnerabilities have been verified to exist in Citrix NetScaler VPX (Build 70.7.nc), which was the most recent version at the time of discovery.

tags | advisory, tcp, vulnerability
MD5 | 5db1d933932e69032c28e640b2a8e8aa
Vodafone EasyBox Default WPS PIN Algorithm Weakness
Posted Aug 6, 2013
Authored by S. Viehbock | Site sec-consult.com

Vodafone EasyBox versions 802 and 803 suffer from a default WPS PIN algorithm weakness. The algorithm that generates the default WPS-PIN is entirely based on the MAC address (=BSSID) and serial number of the device. The serial number can be derived from the MAC address.

tags | exploit
MD5 | e736512983518e1ef585fc36440ecb71
Siemens OpenScape Branch / Session Border Controller XSS / Disclosure / Injection
Posted Jun 14, 2013
Authored by S. Viehbock | Site sec-consult.com

Siemens OpenScape Branch and OpenScape Session Border Controller products suffer from cross site scripting, statistical information disclosure, OS command injection, and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 9ec6668b959312aa539a59f206c08d23
Barracuda Networks SSHd Backdoor Accounts
Posted Jan 24, 2013
Authored by S. Viehbock | Site sec-consult.com

Multiple Barracuda Networks products suffer from having static backdoor accounts that allow for remote administrative access via SSH.

tags | exploit, remote
MD5 | b71e1002857582b289a768aca1b4774f
Barracuda SSL VPN Authentication Bypass
Posted Jan 24, 2013
Authored by S. Viehbock | Site sec-consult.com

Barracuda SSL VPN suffers from multiple authentication bypass vulnerabilities.

tags | advisory, vulnerability
MD5 | 74869e58c597d068a938287b0a40dcf2
F5 BIG-IP 11.2.0 SQL Injection
Posted Jan 22, 2013
Authored by S. Viehbock | Site sec-consult.com

F5 BIG-IP versions 11.2.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2012-3000
MD5 | a7a55720e2e38546a4cf71e1619e01ad
F5 BIG-IP 11.2.0 XML External Entity Injection
Posted Jan 22, 2013
Authored by S. Viehbock | Site sec-consult.com

F5 BIG-IP versions 11.2.0 and below suffer from an XML external entity injection (XXE) vulnerability.

tags | exploit
advisories | CVE-2012-2997
MD5 | 1da474b1bdd496828a1188f6b28a4075
F5 FirePass SSL VPN 7.0.0 HF-70-6 Local File Inclusion
Posted Dec 4, 2012
Authored by S. Viehbock | Site sec-consult.com

F5 FirePass SSL VPN versions 7.0.0 HF-70-6 and below suffer from an unauthenticated local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 678d1317af85b3a13c477ac95e5a1cf1
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close