exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Netgear 1.0.0.24 Cross Site Request Forgery
Posted Jan 11, 2016
Authored by CSW Research Lab, Sathish Kumar

Netgear router version 1.0.0.24 with JNR1010 firmware suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | da6530ed94ec74ddcb325b48d68b02ef2fe16d9c6ec393e137a00d4987f9e68a

Related Files

Secunia Security Advisory 44087
Posted Apr 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Yamaha RT Series Routers, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 25a70cac1dc439d1698ce567e34c804acc75f9e09c2d3cdd7fb11b5c0e289d9e
Fiberhome HG-110 Cross Site Scripting / Local File Inclusion
Posted Apr 8, 2011
Authored by Zerial

Fiberhome HG-110 routers suffer from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | 25b1b59839207535d1b10fdda49adf6dd271eec45326a77d87756b0b77bb02e4
O2 Classic Router Cross Site Request Forgery / Cross Site Scripting
Posted Apr 7, 2011
Authored by Hanno Boeck | Site hboeck.de

O2 Classic Router suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2010-1482, CVE-2011-0746
SHA-256 | 94d6ca9d702ec4f5fdb7414e8e935b6e8e12b2ba4c775e2b2fd39a04eff4c71f
ICMPv6 Router Announcement Flooding Denial Of Service
Posted Apr 6, 2011
Authored by van Hauser

An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.

tags | advisory, denial of service
systems | cisco, freebsd, juniper
advisories | CVE-2010-4670, CVE-2010-4671, CVE-2010-4669
SHA-256 | b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
Posted Apr 6, 2011
Authored by sinn3r, A.Plaskett | Site metasploit.com

This Metasploit module exploits a vulnerability found in IBM Lotus Domino iCalendar. By sending a long string of data as the "ORGANIZER;mailto" header, process "nRouter.exe" crashes due to a Cstrcpy() routine in nnotes.dll, which allows remote attackers to gain arbitrary code execution. Note: In order to trigger the vulnerable code path, a valid Domino mailbox account is needed.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2010-3407, OSVDB-68040
SHA-256 | 58a0109fc5ef5bec16039ceb68600f3e20fe6be1a9d5c1104237dc5b1f0cde5e
THOMSON Router 7.4.4.7 Cross Site Scripting
Posted Apr 3, 2011
Authored by Edgard Chammas

THOMSON Router version 7.4.4.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 28ac8611235849ab8377f46542bf45884a585a6271e093ddb136304cdd156345
Eircom Netopia Router Backdoor
Posted Mar 27, 2011
Authored by Netcat, Hex, Chess

Eircom Netopia Routers suffers from multiple backdoor vulnerabilities that allow for remote privilege escalation.

tags | exploit, remote, vulnerability
SHA-256 | 71bcdd74f2f246a4e1c36551a5c8752d3b4b4478ddc329287636a9d46a506f73
OpenNHRP NBMA Next Hop Resolution 0.12.1
Posted Mar 24, 2011
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: The GRE key is now exported to opennhrp-script (to allow dual-DMVPN setups). Minor bugs in config directives were fixed, along with building for certain configurations.
tags | encryption, protocol
systems | cisco, linux
SHA-256 | e657a68a0dd07b6c368fe00d1937671ad68ffa75f21313c5fc8553e7f3ebcfdc
Secunia Security Advisory 43494
Posted Mar 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SEIL Routers, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e6d84002ad68f2297e06e2a40400b12d77e4f8ce3d5cf1b5aa659f46ab7e2497
Comtrend ADSL Router BTC (VivaCom) Cross Site Request Forgery
Posted Mar 4, 2011
Authored by Todor Donev

Comtrend ADSL router BTC (VivaCom) CT-5367 C01_R12 suffers from a cross site request forgery vulnerability that allows for password changes. Successful exploitation allows remote root access to the device.

tags | exploit, remote, root, csrf
SHA-256 | 7787b03f3c56cdbf0d32b20b5495b9e6aa2e1f78000dc7155d3ea2bf26850ee9
Cisco Security Advisory 20110223-fwsm
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol (SCCP) message. Devices are affected when SCCP inspection is enabled. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol
systems | cisco
advisories | CVE-2011-0394
SHA-256 | 2d3c304b1169c0947fbea1a762b1e12011ff5021a0b46976a1ef04bb54325ee7
Zero Day Initiative Advisory 11-048
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-048 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting request. The process copies the contents of the name parameter within the Content-Type header into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 9e6b48942aef107760324058e3ae367162c825c55a3df189d7b05a6b4a064e41
Zero Day Initiative Advisory 11-046
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-046 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable code copies data from the ATTACH:CID and Content-ID headers within an e-mail into a fixed length stack buffer. By providing a large enough file name, this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | bdd4162ce5354caa85ddefb3baeb8113ed3c2ef0947470f6bc5a8bacece36c39
D-LINK DIR-280 Direct Access Administrative Password Change
Posted Feb 2, 2011
Authored by Andres Otondo

D-LINK DIR-280 router allows for an unauthenticated direct access administrative password changing vulnerability.

tags | exploit
SHA-256 | 50a92d0ee3378b8021ffdc21994e9c7d01dfc808b43830056e81bf6ed5e61ce0
Huawei Echo Life HG520 mac2wepkey Utility
Posted Jan 26, 2011
Authored by Hochoa

Huawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. This python code demonstrates the issue.

tags | cracker, python
SHA-256 | c5c634174c47951bb956edb6dd96f6515e4a2e857387c1b589cc81559cfed7b3
WiRouter KeyRec 1.0.3
Posted Jan 16, 2011
Authored by Salvatore Fresta | Site salvatorefresta.net

WiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router's models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).

Changes: This release updates the Web site from where the AGPF configuration file is downloaded.
tags | tool, wireless
SHA-256 | a56eb4b141af2d150c59a58ef916eeaf440c3055e0d00be55e231ee87b419174
DD-WRT 24-preSP2 Information Disclosure
Posted Dec 27, 2010
Authored by Craig Heffner | Site devttys0.com

Remote attackers can gain sensitive information about a DD-WRT router and internal clients, including IP addresses, MAC addresses and host names. This information can be used for further network attacks as well as very accurate geolocation. This is exploitable even if remote administration is disabled. Version 24-preSP2 is affected.

tags | exploit, remote, info disclosure
SHA-256 | 7102053c920ae264843dc40d0a21522a645ecbba49d6f4df097245cfdadc92f8
Firewall Builder With GUI 4.1.3
Posted Dec 8, 2010
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release comes with a number of usability improvements and bugfixes, such as the addition of an Advanced User mode to reduce the number of tooltips for power users, and the addition of a new policy rule checkbox to define whether new rules have logging enabled or disabled by default. Critical bugfixes include improved support for Windows systems that use PuTTY sessions and configuration of IP broadcast addresses on interfaces. Fixes related to cluster configurations include support for import of branching rules when a cluster is created and generating NAT rules that require the iptables REDIRECT target.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
SHA-256 | f8af490bc3a09124eb5ac6ce1157366530cb516cf856a398b6ece819b6e6643e
Secunia Security Advisory 42425
Posted Dec 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Craig Heffner has reported a security issue in multiple D-Link DIR routers, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable device.

tags | advisory
SHA-256 | 897c2b42c12fdadcf0833fa5f58144152e8fdedb327f51fe21ad52f5dfdd065a
Secunia Security Advisory 42490
Posted Dec 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Linksys WRT54G2 and BEFSR41 routers, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | eeacdb42cf555d69b25ba5f7a211b2334671de00bf0f541f949afbdc087ede74
DIR-615 Privilege Escalation
Posted Dec 5, 2010
Authored by Craig Heffner | Site devttys0.com

This file provides a detailed description of a privilege escalation vulnerability that has been confirmed to affect the DIR-615 revD router running firmware version 4.11.

tags | advisory
SHA-256 | a160c910db3449d12d52aa5b71001bba6e2a99708a556a84bf479eddf5694cb0
Linksys Router Cross Site Request Forgery
Posted Dec 3, 2010
Authored by Martin Barbella

Proof of concept exploits for cross site request forgery vulnerabilities found in the Linksys WRT54G2 and WRT54G routers.

tags | exploit, vulnerability, proof of concept, csrf
SHA-256 | b828c25f846a2d0368ccab279f0ecc63d70d06cad75e64a301b44245aa6d868b
D-Link Router Authentication Bypass
Posted Dec 3, 2010
Authored by Craig Heffner | Site devttys0.com

D-Link routers such as the DIR-615 revD, DIR-320 and DIR-300 all suffer from multiple remote authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability
SHA-256 | f1a9231c26177ad1738cc646517d63f8730f5f15148496f3064ab23103362ee0
FloppyFW Router/Firewall On A Disc 3.0.14
Posted Nov 28, 2010
Authored by Thomas Lundquist | Site zelow.no

Floppyfw is a router and firewall in one image. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy. This is the iso version.

Changes: VLAN support and better DMZ support. The latest 2.4 kernel.
tags | tool, firewall
systems | linux
SHA-256 | b7142e9a63474752a6984ebdad22fc58cd0680114f5119ae4d49fd6452cb83df
Cisco IOS Router Exploitation
Posted Jul 26, 2009
Authored by FX | Site recurity-labs.com

Whitepaper called Cisco IOS Router Exploitation. This paper describes the challenges with the exploitation of memory corruption software vulnerabilities in Cisco IOS. The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild is not currently the case. By understanding the challenges that an attacker faces, defensive strategies can be better planned, a required evolution with the current state of Cisco IOS router networks.

tags | paper, vulnerability
systems | cisco
SHA-256 | c8f425e5b59d8610a92403e4d24fbd0a74109b64e2b2600c739f8f66b44a6701
Page 4 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close