what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Barracuda Web Application Firewall 8.0.1.008 Post Auth Root
Posted Jul 29, 2016
Authored by Russell Sanford | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.

tags | exploit, remote, web, local, root
SHA-256 | e629172103ae4ff6e305d3b64279d72809b63af1ee85c6af41c91df3db7d9d96

Related Files

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Posted Aug 17, 2012
Authored by Alberto Ortega

Alpha Networks ADSL2/2+ Wireless Router version ASL-26555 suffers from a remote administration password disclosure vulnerability. Tested on firmware version 2.0.0.30B_ES.

tags | exploit, remote
SHA-256 | 0acc750576387e5c5c8428df81f18e8f0e01592d9d5308c8ea0f94e991b8de78
Iomega StorCenter/EMC Lifeline Remote Access
Posted Aug 9, 2012
Site emc.com

A vulnerability exists for Iomega network storage devices with EMC Lifeline firmware that can potentially be exploited to gain unauthorized access to remote shares in certain circumstances. If remote access (including port-forwarding) is enabled on affected Iomega devices, all created shares (including shares on connected USB devices) could potentially be accessed by unauthorized remote users or systems due to access control issues.

tags | advisory, remote
advisories | CVE-2012-2283
SHA-256 | 1751607ad763d8c3030dd46fa7360620eefb9a7f9ade9c9368211dd334e6edf7
QNAP Command Injection
Posted Jun 17, 2012
Authored by Phil Taylor, Nadeem Salim | Site senseofsecurity.com.au

QNAP Turbo NAS with firmware versions 3.6.1 Build 0302T and below suffer from a command injection vulnerability that allows for remote code execution.

tags | exploit, remote, code execution
SHA-256 | bcec74851c024f2e1466935f495fd1687810e39d50b44f12aa001bc14964e143
HP Security Bulletin HPSBPI02728 SSRT100692 6
Posted Apr 26, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 6 - In November, 2011, a potential security vulnerability was identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. This revision, version 6, of the Security Bulletin announces the availability of firmware updates for additional devices.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | 6b9303b4257f0a92fb10e6843f9b596fd3b0ff2087609043ce342140b4a101ad
HP Security Bulletin HPSBPI02728 SSRT100692 5
Posted Mar 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 5 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 5 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | 34fc17a3a00efdd16c2e510fe459251c21d59b231555ad0e979a5da926ca663a
Secunia Security Advisory 48048
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | bdd99dccd465ec4c59bbf42bc1f0b06ef8b4944a9f0c632126074ac0519348ff
Secunia Security Advisory 48158
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue and a vulnerability in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 9d55a5c4cc119aba5c9ab9d76cce3f9611f9d1be5e38cbfe9ee8fc2efafed802
Secunia Security Advisory 48061
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 52fd7d90f18e1af4afd57abcfc7e0a98cc2f675e2689ddcf564d0e2a43c57ede
HP Security Bulletin HPSBPI02728 SSRT100692 4
Posted Feb 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 4 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | ae3a06d6319920eca0609887ae91355785a811ce0226b7717b8527b4072104ba
HP Security Bulletin HPSBPI02728 SSRT100692 3
Posted Jan 9, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 3 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | dd5e56f566ad2ca9b114239aba459968b740fd1b964f71a9074e028284d0c8a1
HP Security Bulletin HPSBPI02728 SSRT100692 2
Posted Dec 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 2 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | ff6f22298de3f425de467f22cf364320ca21ac4e7ef6bb1908722100799044d9
IBM TS3100/TS3200 Web UI Authentication Bypass
Posted Dec 21, 2011
Site trustwave.com

The IBM TS3200/TS3200 Web User Interface is vulnerable to an authentication bypass attack. By sending a series of requests to the authentication function, it is possible to trigger a condition which causes the application to grant an access cookie which permits remote administration. Firmware less than A.60 is affected.

tags | exploit, remote, web
advisories | CVE-2011-1372
SHA-256 | 251930962a416ff086d78263b78eb5f8dcc016095a831b437bd5a97ae19df1ac
Secunia Security Advisory 47257
Posted Dec 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Sun System Firmware, which can be exploited by malicious people to conduct spoofing attacks, cause a DoS (Denial of Service), and potentially compromise a user's system.

tags | advisory, denial of service, spoof, vulnerability
SHA-256 | ca8de27c8fdebbee80901664bdcdd9943caeaf960ed3984e7122403b6e96ff00
HP Security Bulletin HPSBPI02728 SSRT100692
Posted Dec 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | d48441fde8682890a6be06f1b7536c5c8c950288456b21ade23cb63724135da3
Apple Security Advisory 2011-11-10-2
Posted Nov 15, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-11-10-2 - Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 is now available and addresses a security vulnerability. dhclient allowed remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. This issue is addressed by stripping shell meta-characters in dhclient-script.

tags | advisory, remote, arbitrary, shell
systems | apple
advisories | CVE-2011-0997
SHA-256 | 6e8e307de2ea87a65b2fbe4858a5cdefa741c0cb65ec28c910798ebd7cbf3bd9
Digging Inside VxWorks OS And Firmware - Holistic Security
Posted Jul 18, 2011
Authored by Aditya K Sood | Site secniche.org

Whitepaper called Digging Inside VxWorks OS and Firmware - Holistic Security. VxWorks is one of the most widely accepted embedded OSes. In this paper, they have conducted a detailed study of the VxWorks OS security model and firmware in order to understand the potential impact of security vulnerabilities and weaknesses.

tags | paper, vulnerability
SHA-256 | 2c622ddb4286be353e85ab46da20fe4b0ca3a0d882e1cf8d909f856256f15449
Multiple IP Cameras Remote Command Execution
Posted Jun 9, 2011
Authored by Roberto Paleari

IP Cameras such as TRENDnet, Digicom, and iPUX all share a firmware that suffers from undocumented user, command injection, hidden telnet service, and various other vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 2e13035b1da24232cad2b5abbce7c0d6968fb792c214dcbcbecba7542a6aaf4b
Belkin G Wireless Router 5.00.12 Password Hash Disclosure
Posted May 31, 2011
Authored by Aodrulez

Belkin G Wireless Router with firmware version 5.00.12 suffers from a password hash disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1ff16d35f0826f93976163d23810916b6c842c832770207c9409be7c72c79f0d
Linksys WRT54G Cross Site Scripting
Posted Apr 29, 2011
Authored by Justin C. Klein Keane

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
SHA-256 | 33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7
Linksys WRT54G Password Disclosure
Posted Apr 11, 2011
Authored by RaFD

Linksys WRT54G with firmware version 7.00.1 suffers from an administrative password disclosure vulnerability via ftpd.

tags | exploit, info disclosure
SHA-256 | 29ac89d17267faf8260fc55d0bf0cea35b3acec9de7d42041acbc8aaabc40393
ProxBrute 0.3
Posted Jan 12, 2011
Authored by Brad Antoniewicz

ProxBrute is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 465) to support brute force attacks against proximity card access control systems. This version of ProxBrute requires the knowledge of a [once] valid tag value to vertically or horizontally escalate the tag's privileges.

tags | cracker
systems | unix
SHA-256 | a155a9dd000312c20ecbe6ca6bab1bc991183e9dea73578a76754b148ab1332a
RoomWizard Credential Disclosure
Posted Jan 6, 2011
Authored by Sean Lam

RoomWizard suffers from a default password and sync connector credential leak vulnerability. Firmware version 3.2.3 is affected.

tags | exploit, info disclosure
advisories | CVE-2010-0214
SHA-256 | cd571a6d6eac92710b122e7baf4146e0163348b1c380b890746f3484d6c692d5
DIR-615 Privilege Escalation
Posted Dec 5, 2010
Authored by Craig Heffner | Site devttys0.com

This file provides a detailed description of a privilege escalation vulnerability that has been confirmed to affect the DIR-615 revD router running firmware version 4.11.

tags | advisory
SHA-256 | a160c910db3449d12d52aa5b71001bba6e2a99708a556a84bf479eddf5694cb0
Secunia Security Advisory 42059
Posted Nov 2, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Intel Xeon 5500 and 5600 Series BMC Firmware, which can be exploited by malicious users to gain escalated privileges.

tags | advisory
SHA-256 | 01e20d92ef50436b1c0eef5c25bdb74ed3a2e0277f94650daf9927dd6874e094
Proventia Network Mail Security System CRLF Injection
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.

tags | exploit, web, local
advisories | CVE-2010-0155
SHA-256 | e89f3a47c9d247e4c7ef74ea39c92a4c23d3b46381a0211b7b0b6dd059c87d44
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close