QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
448d8a4712caf953aec99fadb1be4168c93a5e989fce7c009cd8577b1290902fQNAP QTS version 4.2.1 Build 20160601 suffers from an arbitrary file overwrite vulnerability.
1b6b302fa261390c5f0c6aa9787378c2eaa3685d815a17a90ab3bfb40b207096QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
96a4d53ecd91f1a17608c43886a495fcf40a7eca582c4989e48e047118b247ceQNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from an OS command injection vulnerability.
892e6af51235735fae4ad4873dc7e3cc493bcb86a765cb905cdf1117cf7df8a9QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
e766f0f6ff858161e23849a3310ffff9e284a377d2850c7d0aacd1f4541b45deSIEMENS IP Camera CCMW1025 version x.2.2.1798 remote change admin user / password exploit.
e574218048ed693e31f4c6c1c0307b79dfa61879f56aa22331545be561d97c39Debian Linux Security Advisory 3650-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.
efa2674601472cec1e98270928a4f9e5f05edc5bf53fa17755195d156213cafeDebian Linux Security Advisory 3649-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.
ace6c155c376eb89be0ddc0b2ea842d1d45347d5464a43149266d99a003d042aCisco Security Advisory - A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
1cc7055698db7b94225beda27e11474bac5e54b3e15ca2e65c3696e7fef491c0Honeywell IP-Camera HICC-1100PT suffers from an unauthenticated remote credential disclosure vulnerability.
c7e6e374ae953f8fbd0f9c1b224048c318f5e2d2a813014e246f1c1b1a4bc230EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target's uptime and software version. Versions affected include 802, 803, 804, 805, 821, 822, 823, 824, 825, 831, 832, 841, 842, 843, 844. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Cisco is providing mitigations as a patch currently does not exist.
83777ebca2044d8fa4a7a63d7e547773a5635a73a48c9ed4b6c12e3c3006b0b2ESCALATEPLOWMAN is a privilege escalation exploit for WatchGuard firewalls of unknown versions that injects code via the ifconfig command. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
c37b22787e9ddaa9d60b82f9dc16308b3ba221cdbf08473ee961d51b5a3415c6EPICBANANA is a privilege escalation exploit for Cisco Adaptive Security Appliance (ASA) and Cisco Private Internet eXchange (PIX) devices. Exploitation takes advantage of default Cisco credentials (password: cisco). ASA versions affected include 711, 712, 721, 722, 723, 724, 80432, 804, 805, 822, 823, 824, 825, 831, 832 and PIX versions affected include 711, 712, 721, 722, 723, 724, 804. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
7a40affbc0fdeff9a5ab9a5130ea940d7fbd8480e3928286a3ef77ba66d79aadELIGIBLECONTESTANT is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP POST parameter injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
59848b46c37a5bd79164b01f6f26b13556c38be3e0e97299b73831a70f6daca1ELIGIBLECANDIDATE is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP cookie command injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
01f69cb478b24ecc0b6ad0ff932da831c3cc213dfc04d3eb8664416465ac2181ELIGIBLEBOMBSHELL is a remote code execution exploit for TOPSEC firewalls. It exploits an HTTP cookie command injection vulnerability and uses ETag examination for version detection. Versions affected include 3.2.100.010.1_pbc_17_iv_3 to 3.3.005.066.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
37995ac0e31ed0e1c4a5e6e4e4cf4250865281120cfb9042fed627c4fe480fa2This bundle contains various implants such as BLATSTING, BANANAGLEE, and BANANABALLOT. They are firewall and BIOS implants. Note that these implants are part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
461b46c0bfedff8d2e789d7f1566faa182c6a8c4d926210c1e842f88d00087b5This is an exploit with an unclear attack vector for TOPSEC firewalls running TOS operating system versions 3.2.100.010, 3.3.001.050, 3.3.002.021 and 3.3.002.030. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
ae4f378ecbad405382fac8e24df03e338500f8f2240c84275feef4f4de371f1dEGREGIOUSBLUNDER is a remote code execution exploit for Fortigate firewalls. It leverages an HTTP cookie overflow and is different from CVE-2006-6493 as noted by Avast. Models affected include 60, 60M, 80C, 200A, 300A, 400A, 500A, 620B, 800, 5000, 1000A, 3600, and 3600A. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
cb7ca3937e0c84ef93eb8359bf23c3cc67d0f661d4cae04a22803efdb1413e40599 bytes small Microsoft Windows x86 InitiateSystemShutdownA() shellcode.
5736ca0d96a750974d24a8ed3e34272c56bad031e258f30171af527cb36dc980This Metasploit module will create a service on the box, and mark it for auto-restart.
79da7c70153554395ef5348119b04ecdb39ab60cb29fef4eae875f83f0352191This Metasploit module will create a cron or crontab entry to execute a payload. The module includes the ability to automatically clean up those entries to prevent multiple executions. syslog will get a copy of the cron entry.
9793155803f506f6e27c18e5277bed947632ef874e5664d5251d4e9d7cb8c507
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed