all things security
Showing 1 - 13 of 13 RSS Feed

Files from Stefan Viehbock

First Active2011-12-29
Last Active2017-06-07
WiMAX CPE Authentication Bypass
Posted Jun 7, 2017
Authored by Stefan Viehbock | Site sec-consult.com

Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).

tags | exploit, arbitrary, cgi
MD5 | cd86304aec43ab3feeb8080444d44eba
Sony IPELA ENGINE IP Cameras Backdoor Accounts
Posted Dec 6, 2016
Authored by Stefan Viehbock | Site sec-consult.com

Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may have undesired effects to the camera image quality or other camera functionality. After enabling Telnet/SSH, another backdoor allows an attacker to gain access to a Linux shell with root privileges.

tags | exploit, remote, shell, root
systems | linux
MD5 | 4de5c510fc38fb6a30c60e297e892ce3
Aruba Networks / Alcatel-Lucent Private Key Disclosure
Posted Sep 6, 2016
Authored by Stefan Viehbock | Site sec-consult.com

Various Aruba Networks and Alcatel-Lucent products have a private key for a browser-trusted certificate embedded in firmware.

tags | exploit
MD5 | 2bcaeda20daeb354c30c87179b7f74f2
Ubiquiti Networks Hardcoded Keys / Remote Management
Posted Nov 5, 2015
Authored by Stefan Viehbock | Site sec-consult.com

Various Ubiquiti Networks products suffer from having hardcoded keys and also having remote management interfaces enabled that can be leveraged by these credentials.

tags | exploit, remote
MD5 | 798c3baf0730c8d5707356ccbd8c96f9
NetUSB Stack Buffer Overflow
Posted Oct 10, 2015
Authored by Stefan Viehbock | Site sec-consult.com

NetUSB stack buffer overflow denial of service exploit.

tags | exploit, denial of service, overflow
advisories | CVE-2015-3036
MD5 | 208b1ef93b9b7964d1e9e55b7139989e
KCodes NetUSB Buffer Overflow
Posted May 21, 2015
Authored by Stefan Viehbock | Site sec-consult.com

KCodes NetUSB suffers from a kernel stack buffer overflow vulnerability.

tags | advisory, overflow, kernel
advisories | CVE-2015-3036
MD5 | 2c9b512013df0c3329d23013cf4edc6f
TP-LINK Local File Disclosure
Posted Apr 10, 2015
Authored by Stefan Viehbock | Site sec-consult.com

Multiple TP-LINK products suffer from a local file disclosure vulnerability.

tags | exploit, local
advisories | CVE-2015-3035
MD5 | 64365844e37da0b003f56f54e4464af0
Symantec SDCS:SA / SCSP XSS / Bypass / SQL Injection / Disclosure
Posted Jan 22, 2015
Authored by Stefan Viehbock | Site sec-consult.com

Symantec Data Center Security: Server Advanced (SDCS:SA) and Symantec Critical System Protection (SCSP) suffer from cross site scripting, remote SQL injection, information disclosure, and policy bypass vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
advisories | CVE-2014-7289, CVE-2014-9224, CVE-2014-9225, CVE-2014-9226
MD5 | ce7ad911e7bff54035b13d0c3f8ae997
VDG Security SENSE 2.3.13 File Disclosure / Bypass / Buffer Overflow
Posted Dec 19, 2014
Authored by Stefan Viehbock | Site sec-consult.com

VDG Security SENSE version 2.3.13 suffers from buffer overflow, authentication bypass, file disclosure, password disclosure, and information leakage vulnerabilities.

tags | exploit, overflow, vulnerability
MD5 | 0157945edec568b0f555ed2eb945c2e4
Symantec Endpoint Protection Manager Remote Command Execution
Posted Feb 26, 2014
Authored by Chris Graham, Stefan Viehbock | Site metasploit.com

This Metasploit module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager versions 11.0, 12.0 and 12.1. When supplying a specially crafted XXE request an attacker can reach SQL injection affected components. As xp_cmdshell is enabled in the included database instance, it's possible to execute arbitrary system commands on the remote system with SYSTEM privileges.

tags | exploit, remote, arbitrary, sql injection
advisories | CVE-2013-5014, CVE-2013-5015
MD5 | 3d5e8769437aef3160d16a8ac935fe7c
Symantec Messaging Gateway 9.5 Default SSH Password
Posted Sep 6, 2012
Authored by Ben Williams, sinn3r, Stefan Viehbock | Site metasploit.com

This Metasploit module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to login to the SSH service, and gain privileged access from remote.

tags | exploit, remote
advisories | CVE-2012-3579, OSVDB-85028
MD5 | 863c340d7696860e8e64d03efd4da61e
Symantec Messaging Gateway 9.5.x Support Backdoor
Posted Aug 30, 2012
Authored by Stefan Viehbock | Site sec-consult.com

Symantec Messaging Gateway version 9.5.x suffers from a vendor-supplied backdoor vulnerability. By default the 'support' user is enabled and uses an insecure password. This user is not visible in the web interface and therefore cannot be disabled. As the appliance provides a SSH daemon on all interfaces, this account can be used to gain remote shell access on the device.

tags | advisory, remote, web, shell
MD5 | 2abb36076a2b7977e7a2ddc3ed3ed632
Brute Forcing Wi-Fi Protected Setup
Posted Dec 29, 2011
Authored by Stefan Viehbock

This paper discusses a vulnerability in WPS that allows attackers to recover WPA/WPA2 keys in a matter of hours.

tags | paper, wireless
MD5 | 795e111de4ff159c05752bfb679f8945
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    10 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close