what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Photos In Wifi 1.0.1 File Upload
Posted Sep 28, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Photos in Wifi version 1.0.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4a00b037a1dc3051f06630d1a90f45ed20afc5751a1f8f286020dfd2832f6a2b

Related Files

Ubuntu Security Notice USN-2666-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2666-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | 47d9b2874b908191ceb7d6cc05e67c129969a7a846612e0abf42f762272cf153
Ubuntu Security Notice USN-2667-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2667-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 122e7a4e496bfa1708ef0318f8bb997c9f1c401557f2e3bc34b52513381ea323
Ubuntu Security Notice USN-2664-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2664-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4167, CVE-2015-4700
SHA-256 | fa189e6b6391daa79f6ab7ceb545b2f97b172e45e1ec80055aa050d2726b9e27
Ubuntu Security Notice USN-2665-1
Posted Jul 7, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2665-1 - A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1420, CVE-2015-4001, CVE-2015-4002, CVE-2015-4003
SHA-256 | 7fe5d45987e82d6beb0aa597ea875fbc6a50d820627071ddf51320c0b6d6db2e
TimeDoctor Pro 1.4.72.3 Insecure Transport
Posted Jul 1, 2015
Authored by Fernando Munoz

TimeDoctor autoupdate feature downloads and executes files over plain HTTP and doesn't perform any check with the files. An attacker with MITM capabilities (i.e., when user connects to a public wifi) could override the Timedoctor subdomain and then execute custom binaries on the machine where the application is running.

tags | advisory, web
advisories | CVE-2015-4674
SHA-256 | cf5cbb9e12db32d37835bd9deea463c5dc52c32a82f8ba56eb0159a2d82fdd01
My Wifi Router 1.0 Buffer Overflow
Posted Jun 13, 2015
Authored by Sudhakar Dwivedi

My Wifi Router version 1.0 suffers from a buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | e82c965f3dcb1eeb55f2121093aeda9d8103007349472a43cb457e3c6d220f49
WiFi HD 8.1 Denial Of Service / Directory Traversal
Posted Jun 6, 2015
Authored by Wh1t3Rh1n0

WiFi HD version 8.1 suffers from denial of service and directory traversal vulnerabilities.

tags | exploit, denial of service, vulnerability, file inclusion
SHA-256 | e88ab7c1136a0a93f2e8b89487282d54d89d46e4a835a4a5a458b9c6d034a9cb
Wifi Drive Pro 1.2 Local File Inclusion
Posted Apr 21, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Wifi Drive Pro version 1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | c5cf5d3f463bf90cc37405e42f2ed0f1feba8800be2c7df9bc9363ef6c8a6500
Netatmo Weather Station Cleartext Password Leak
Posted Feb 13, 2015
Authored by jullrich

During initial setup, the weather station will submit its complete configuration unencrypted to the manufacturer cloud service. This configuration includes confidential information like the user's Wifi password.

tags | advisory
advisories | CVE-2015-1600
SHA-256 | 26c45dc9330c4b9106868739be6a04123e25c4881dd15ee9236e856c7b66fbf4
Android WiFi-Direct Denial Of Service
Posted Jan 26, 2015
Authored by Core Security Technologies, Andres Blanco | Site coresecurity.com

Core Security Technologies Advisory - Some Android devices are affected by a denial of service attack when scanning for WiFi Direct devices. An attacker could send a specially crafted 802.11 Probe Response frame causing the Dalvik subsystem to reboot because of an Unhandle Exception on WiFiMonitor class.

tags | exploit, denial of service
advisories | CVE-2014-0997
SHA-256 | feb52e38d88fae494e9480f07d94fba29e88f585adbd14e6a5b09a5a89af5f6c
WiFi File Browser Pro 2.0.8 Code Execution
Posted Jan 14, 2015
Authored by Hadji Samir, Vulnerability Laboratory

WiFi File Browser Pro version 2.0.8 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 3a17fedccf065dba2df2c8cc06ab986128e6739ee172a59e2c48817e94704d18
WifiPhisher Phishing Tool
Posted Jan 4, 2015
Authored by sophron | Site github.com

Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.

tags | tool, wireless
SHA-256 | ec5629cf75d78e38ffa5b6ad34949dab7b4453c9a4a959c8c265a2d3fd64a02d
iWifi For Chat 1.1 Denial Of Service
Posted Dec 16, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

iWifi for Chat versions 1.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3cab99079172c9e06514750282830fd8acfb059162cad3a99c24f705cc4e0a7b
Debian Security Advisory 3052-1
Posted Oct 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3052-1 - Jouni Malinen discovered an input sanitization issue in the wpa_cli and hostapd_cli tools included in the wpa package. A remote wifi system within range could provide a crafted string triggering arbitrary code execution running with privileges of the affected wpa_cli or hostapd_cli process.

tags | advisory, remote, arbitrary, code execution
systems | linux, debian
advisories | CVE-2014-3686
SHA-256 | 753b9e912256fa78da742abe670ee67537c6c4abcae01ccf1d07b62619d1837f
Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation
Posted Oct 10, 2014
Authored by LiquidWorm | Site zeroscience.mk

The O2 Connection Manager's service suffers from an unquoted search path issue impacting the Import WiFi 'TGCM_ImportWiFiSvc' service for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
SHA-256 | 458cb76ca91d0d44238a91041eb864f394ddc934e2e995011da173b076eb06d6
Apple Security Advisory 2014-09-17-2
Posted Sep 17, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-09-17-2 - Apple TV 7 is now available and addresses wifi credential interception, information disclosure, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | apple
advisories | CVE-2011-2391, CVE-2013-6663, CVE-2014-1384, CVE-2014-1385, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-4357, CVE-2014-4364, CVE-2014-4369, CVE-2014-4371, CVE-2014-4372, CVE-2014-4373, CVE-2014-4375, CVE-2014-4377, CVE-2014-4378, CVE-2014-4379, CVE-2014-4380, CVE-2014-4381, CVE-2014-4383, CVE-2014-4388, CVE-2014-4389, CVE-2014-4404, CVE-2014-4405, CVE-2014-4407, CVE-2014-4408, CVE-2014-4410, CVE-2014-4411
SHA-256 | c7b02c75d378a545f8aa6249ce72817c0d53275ba9408b5e1c074ffa5b986f5a
Apple Security Advisory 2014-09-17-1
Posted Sep 17, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-09-17-1 - iOS 8 is now available and addresses wifi credential interception, identifier disclosure, path traversal, and various other vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2011-2391, CVE-2013-5227, CVE-2013-6663, CVE-2013-6835, CVE-2014-1348, CVE-2014-1360, CVE-2014-1384, CVE-2014-1385, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-4352, CVE-2014-4353, CVE-2014-4354, CVE-2014-4356, CVE-2014-4357, CVE-2014-4361, CVE-2014-4362, CVE-2014-4363, CVE-2014-4364, CVE-2014-4366, CVE-2014-4367, CVE-2014-4368, CVE-2014-4369, CVE-2014-4371, CVE-2014-4372, CVE-2014-4373, CVE-2014-4374
SHA-256 | 9aea82d38a9a0bbd2a4dc19603d0bb6cbf3c4bc828f5ec2b4416c139ceb66db7
MIUI Wifi Connection Message Wireless Enable
Posted Sep 17, 2014
Site nipc.org.cn

MIUI versions 4.1.17 and 5.30 have a flaw where NFC can be used to enable wifi.

tags | advisory
SHA-256 | 8f0385e79db656d96c679b780cecef8edc53320f2104c9d1fe56d10ff1f6cc51
USB & WiFi Flash Drive 1.3 Code Execution
Posted Sep 16, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

USB & WiFi Flash Drive version 1.3 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 5f67a4819878789c4eaf919650741ce0f3db9fe98bf25f5622ecb03ec07b13ab
PhotoSync Wifi / Bluetooth 1.0 Local File Inclusion
Posted Aug 6, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

PhotoSync Wifi and Bluetooth version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d3483e908f63901493046e31452b90ead46276bba888524dbc8ac0d24edd4ebb
Video WiFi Transfer 1.01 Directory Traversal
Posted Aug 4, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Video WiFi Transfer version 1.01 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | a1e4345f9f57c640e427b649d6399872f828be3569ea63b0191fe4f95f544b4c
Photo WiFi Transfer 1.01 Directory Traversal
Posted Aug 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Photo WiFi Transfer version 1.01 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | 1aa823b490ae3034f340604d446c57cda18cd37a0e00d5b90ff571baddb13c0f
WiFi HD 7.3.0 LFI / Traversal / Command Injection / CSRF
Posted Jul 29, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WiFi HD version 7.3.0 suffers from local file inclusion, directory traversal, command injection, and cross site request forgery vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
SHA-256 | 385a35c17ef6e5d6fe31cad54fc9c513afe14f1ef33ed25c6b35b80ff42a5f85
NG WifiTransfer Pro 1.1 Local File Inclusion
Posted Jun 3, 2014
Authored by LariX4, Vulnerability Laboratory | Site vulnerability-lab.com

NG WifiTransfer Pro version 1.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 582cb0caa7b800b3eec240541ede7b6b7c23ca1a5e21863808c02a9b6214e277
Depot WiFi 1.0.0 Code Execution / Local File Inclusion
Posted Apr 25, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Depot WiFi version 1.0.0 for iOS suffers from code execution and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, file inclusion
systems | apple, ios
SHA-256 | 239876a4258fa1ffcf2718fcb13020b5cd7008ce28f17eef80d30d9eaea994bd
Page 1 of 4
Back1234Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close