exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Master IP CAM 01 Hardcoded Password / Unauthenticated Access
Posted Jan 17, 2018
Authored by Daniele Linguaglossa, Raffaele Sabato

Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.

tags | exploit, root, vulnerability, bypass
advisories | CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
SHA-256 | 1b7b16dc033365ff3162c79dfd711a78130a165f689c53737f95802789f1b521

Related Files

Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow
Posted Aug 3, 2012
Authored by Carsten Eiram, juan | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.

tags | exploit, web, overflow, code execution
systems | cisco
advisories | CVE-2012-0284
SHA-256 | 5a88ff9a13dc712f648150200591ec804a09cb0631600c4db7449f3c17604a4b
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
Posted Jul 27, 2012
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.

tags | exploit, web, overflow, code execution
systems | cisco
advisories | OSVDB-80297
SHA-256 | 2dfadd85c9c6ae2a3b6dbc4fd0a0377aac24947c5d90300dbf9bd50e9aa7ebe9
InCoP (Invisible CamOuflage Protocol) 0.2
Posted Jul 23, 2012
Authored by Luis Campo Giralte | Site code.google.com

InCoP (Invisible CamOuflage Protocol) enables the communication between secure systems such as NIDS, ideally located in isolated networks. This hybrid daemon is capable of hiding information by learning from the network and, in a second stage, of sending similar traffic in order to hide the messages as a cover channel does.

tags | tool, protocol
systems | unix
SHA-256 | c768e433735d4d709fc03347480e852525e812532fc5d8ba45ee91d978044d24
Secunia Security Advisory 49984
Posted Jul 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Campaign Monitor module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 4cc6d2225fa3b10d157826f31126c15c92831ba5c55771ed210fbcebd5efd142
Drupal Campaign Monitor 6.x Cross Site Scripting
Posted Jul 19, 2012
Site drupal.org

Drupal third party module Campaign Monitor versions 6.x-2.x prior to 6.x-2.5 suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | fcf698f74e9bd805c5289afb6e0ad89ddcb88901f7884f93b45a0a3a837ab1eb
Vivotek Cameras Data Configuration Disclosure
Posted Jul 16, 2012
Authored by Alejandro Leon Morales

Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.

tags | exploit, info disclosure
SHA-256 | d058e2a1787927c136f919f18b911e8101c71269a4d32b051967630ea19ce337
Secunia Security Advisory 49524
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Edimax IC-3030iWn Network Camera, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | f4cd0de086ff9f40c210133d0848e3f36873522b32307d11c836b710be647608
ACTi Web Configurator cgi-bin Directory Traversal
Posted Apr 26, 2012
Authored by Digital Defense, r@b13$, Shmoov | Site digitaldefense.net

The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.

tags | advisory, remote, web, arbitrary, cgi, root
SHA-256 | cd526d96e19262e3b3c0e25617019f84a594ac02d555f92b3a0491802618f9b0
ToorCamp 2012 Call For Participation
Posted Apr 26, 2012
Site toorcamp.org

ToorCamp is a five-day open-air event for hackers, makers, breakers, and shakers. ToorCamp is where you get together with the rest of the best in a relaxing, beautiful atmosphere, and exchange ideas with the brightest technology experts from around the world. The camp has everything you need: power, internet, food and fun. Bring your tent, bring a friend ? and get ready to reunite and reignite with really smart people, just like you. It will take place at the Hobuck Beach Resort in Neah Bay, Washington August 8th through the 12th, 2012.

tags | paper, conference
SHA-256 | 3ab8ae04cdb392e8cde6a855fe0321cfdb2744923dd3c58966ac7e044efc4d60
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow
Posted Apr 7, 2012
Authored by rgod, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution, activex
advisories | OSVDB-80661
SHA-256 | dbd0c9ab83279260de0fbf18041f491375843cf365e6a1c3874208c117b871ef
Jogjacamp Cross Site Scripting
Posted Apr 4, 2012
Authored by the_cyber_nuxbie

Jogjacamp suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3147ee47d9ced5d677c07167d08d56a086eb813bcbb26c507ecba32c48c3c6e5
Secunia Security Advisory 48601
Posted Apr 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in TRENDnet UltraMJCam ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | d232e8935e3373309b56ab8fbad2bb22548f62f8d9e9ac48fea9f8f5defc153a
Secunia Security Advisory 48602
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | 0f4504cc49e35bf338bc479bad45e5714cbb5312754432f200fd859dc09d41e8
D-Link SecuriCam DCS-5605 Network Surveillance Buffer Overflow
Posted Mar 29, 2012
Authored by rgod | Site retrogod.altervista.org

The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.

tags | exploit, overflow, activex, proof of concept
systems | linux
SHA-256 | 1edd0a6afe6d31147b097c2127b64cc9e88a0013161e4c6fafa7d291d19e8ba8
TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam Buffer Overflow
Posted Mar 29, 2012
Authored by rgod | Site retrogod.altervista.org

The TRENDnet SecurView TV-IP121WN wireless internet camera UltraMJCam active-x control suffers from an OpenFileDlg() WideCharToMultiByte remote buffer overflow. Proof of concept code included.

tags | exploit, remote, overflow, activex, proof of concept
systems | linux
SHA-256 | a1448bcd0d8740d3db37283f486bc15f2158a7b7818ccafbfc0569b5d3cb8984
Cisco Linksys WVC200 PlayerPT Buffer Overflow
Posted Mar 22, 2012
Authored by rgod | Site retrogod.altervista.org

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.

tags | exploit, overflow, activex
systems | cisco
SHA-256 | 3933dd1431da4c063e62908b6d60cf61accefadfda1561e952bfa4c9d5163a86
Dell Webcam CrazyTalk ActiveX BackImage Vulnerability
Posted Mar 22, 2012
Authored by rgod, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability in Dell Webcam's CrazyTalk component. Specifically, when supplying a long string for a file path to the BackImage property, an overflow may occur after checking certain file extension names, resulting in remote code execution under the context of the user.

tags | exploit, remote, overflow, code execution
advisories | OSVDB-80205
SHA-256 | c9f9dfe042de7f5d659677f6a10aa38d77f8bd3e8e047325d2dceb11e6f8874c
Secunia Security Advisory 48450
Posted Mar 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Dell Webcam Central, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 66db5b09e29e9cef90b64187179f01dcb147da69964aa4b9278638837a67ea71
Dell Webcam CrazyTalk4Native.dll Buffer Overflow
Posted Mar 20, 2012
Authored by rgod | Site retrogod.altervista.org

The Dell Webcam software bundled active-x control CrazyTalk4Native.dll suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow, activex
SHA-256 | 4602832995fbcf6a2ccdc7e3b461f2c912eb866acd281ca2f1041eff63882cc0
Red Hat Security Advisory 2012-0396-01
Posted Mar 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0396-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way LDAP authentication was handled. If the LDAP bind account credentials became invalid, subsequent log in attempts with any password for user accounts created via LDAP were successful. A remote attacker could use this flaw to log into LDAP-based JBoss ON accounts without knowing the correct passwords.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-1100
SHA-256 | 145fc959fbc7cc8bfb9b7e7eccef6c448ffafe94e95ffa18be3f080b0c3cbf48
Adobe Flash Player .mp4 'cprt' Overflow
Posted Mar 8, 2012
Authored by sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2012-0754, OSVDB-79300
SHA-256 | bc712e2a0634304709e04fab0e0b399f87ad8994ef78b54e906ba338a89de632
WebcamXP / Webcam7 Directory Traversal
Posted Feb 23, 2012
Authored by Silent Dream

WebcamXP and Webcam7 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | d8deb6afe4f219e4e760d3a7e556e9078532191fa12d6a586fda9d318e44c4fa
Secunia Security Advisory 47853
Posted Feb 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OCaml, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e72fa6518578bdc435ab20d1c4fd5806e8bc2a704b1ec39f6375f5998435c4f9
Secunia Security Advisory 47783
Posted Feb 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Campaign Enterprise, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 3ce42bdb5f60e8ad47a6fed415c8988e58fa4af143f71d54c28015e96c991dec
Campaign Enterprise 11.0.421 SQL Injection
Posted Jan 31, 2012
Authored by Craig Freyman

Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931f
Page 1 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close