Sagem Fast is an ADSL Router using a web management interface in order to change configuration settings. The router is vulnerable to an authentication bypass bug which allows unprivileged users to modify the preconfigured root password then log in with administrator permissions.
22949d840ab867cf6603792f10c2fe512c4dd7337b959b8e1cc56ae6e862bc96QuickCms version 5.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
77eab728345f155d905fd86af5dad89e8d24897cf985afdf2915d8fa61b866c9csUpload from cgiscript.net suffers from an authentication bypass vulnerability.
735e30938f02765f8496c0e66fc35e514faf5d375041331fcaf86ea5113eb8c6This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how a listoverridecount field can be modified to treat one structure as another. This bug was originally seen being exploited in the wild starting in April 2014. This Metasploit module was created by reversing a public malware sample.
dc312c58b345cdc30586c860d412b91fcac1d29d8b039194c3e389f62ccf5683This python script is a modification of the heartbleed proof of concept exploit that looks for cookies, specifically user sessions.
6be146c172695396122c8d40d4638e904f2ee1a827bd6f5062014ed22f051f9fThis Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's (jspenguin@jspenguin.org) demo for CVE-2014-0160 'Heartbleed'. Run as root for the privileged port. Outputs IPs of suspected heartbleed scan to the console. Rickrolls scanner in the hex dump.
796ad9cc3fad4c720764e5e9bf2d2d16466658b294a8ea3c9c7312235cba21cd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed