exploit the possibilities
Showing 26 - 50 of 100 RSS Feed

Files

ADB Authorization Bypass
Posted Jul 4, 2018
Authored by Johannes Greil | Site sec-consult.com

Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. An authenticated attacker is able to bypass those restrictions by adding a second slash in front of the forbidden entry of the path in the URL. It is possible to access forbidden entries within the first layer of the web GUI, any further subsequent layers/paths (sub menus) were not possible to access during testing but further exploitation can't be ruled out entirely. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

tags | exploit, web
advisories | CVE-2018-13109
MD5 | e41c2384f02b6cc08acf7b55cfe6e66e

Related Files

Red Hat Security Advisory 2014-0590-01
Posted Jun 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0590-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | ba4c0f63ffa363226040ec88e757ca6a
Red Hat Security Advisory 2014-0591-01
Posted Jun 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0591-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | 7d82341a1753f3b892049f95e1fade44
Red Hat Security Advisory 2014-0578-01
Posted May 29, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0578-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances, managing networks, and controlling access through users and projects. It was found that overwriting the disk inside of an instance with a malicious image, and then switching the instance to rescue mode, could potentially allow an authenticated user to access arbitrary files on the compute host depending on the file permissions and SELinux constraints of those files. Only setups that used libvirt to spawn instances and which had the use of cow images disabled were affected.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2014-0134
MD5 | c961d7733af86ece5abefa1b729783ba
Citrix Netscaler Diffie-Hellman Key Exchange Issue
Posted May 6, 2014
Authored by Graham Sutherland | Site portcullis-security.com

The remote configuration Java applet in Citrix Netscaler versions prior to 10.1-122.17/9.3-66.5 contains a poor implementation of the Diffie-Hellman key exchange algorithm. The random number generator used to produce secret values is the java.util.Random class, which is not of cryptographic quality. Publicly known predictors exist for the underlying RNG, and the seed is either 32-bit or 48-bit depending on the host system.

tags | advisory, java, remote
advisories | CVE-2014-2881
MD5 | c58d9edb0baca3c2246b4d1e220ff5bf
Red Hat Security Advisory 2014-0453-01
Posted May 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0453-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | 3c153b7fc7511a39343292eb3e5ed1a8
Red Hat Security Advisory 2014-0454-01
Posted May 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0454-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | dafc826316e1ba0edaa00ce99b2e962c
Red Hat Security Advisory 2014-0348-01
Posted Apr 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0348-01 - Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | 5d5cfce263889f1a1136098147b6d01f
Mandriva Linux Security Advisory 2013-262
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-262 - In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator exhibits a race condition that may cause it to generate the same 'random' output in multiple processes that are forked from each other. Depending on the application, this could reveal sensitive information or cryptographic keys to remote attackers.

tags | advisory, remote, crypto
systems | linux, mandriva
advisories | CVE-2013-1445
MD5 | c914eb6d7cd918d111b7385f10b3736c
Red Hat Security Advisory 2013-1307-01
Posted Oct 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1307-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks.

tags | advisory, remote, web, php
systems | linux, redhat
advisories | CVE-2006-7243, CVE-2011-1398, CVE-2012-0831, CVE-2012-2688, CVE-2013-1643, CVE-2013-4248
MD5 | 101506133c6ba8b768f1f24a0df2e936
Off-By-One Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This whitepaper is called Off-By-One Exploitation Tutorial. The off by one vulnerability in general means that if an attacker supplied input with certain length if the program has an incorrect length condition the program will write one byte outside the bounds of the space allocated to hold this input causing one of two scenarios depending on the input.

tags | paper
MD5 | 5cb2ae53dcd95b808c534a6a209e1c51
Debian Security Advisory 2742-1
Posted Aug 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2742-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users.

tags | advisory, web, php
systems | linux, debian
advisories | CVE-2013-4248
MD5 | 4761b7f22bd806cd43d5cd52f3905bf4
Red Hat Security Advisory 2013-1122-01
Posted Aug 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1122-01 - The rhev-guest-tools-iso package contains tools and drivers. These tools and drivers are required by supported Windows guest operating systems when installed as guests on Red Hat Enterprise Virtualization. An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization Application Provisioning Tool service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2176
MD5 | 3b85e0ab46568848f9a1af4faf600f5b
Red Hat Security Advisory 2013-1101-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1101-01 - The virtio-win package provides paravirtualized network drivers for most Microsoft Windows operating systems. Paravirtualized drivers are virtualization-aware drivers used by fully virtualized guests running on Red Hat Enterprise Linux. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
MD5 | 0235d9a70c0433b12208d99f284abd1c
Red Hat Security Advisory 2013-1100-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1100-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. This issue was discovered by Lev Veyde of Red Hat.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
MD5 | cf9133ca7a535ad9a6483d26eccde5d4
Debian Security Advisory 2723-1
Posted Jul 17, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2723-1 - It was discovered that PHP could perform an invalid free request when processing crafted XML documents, corrupting the heap and potentially leading to arbitrary code execution. Depending on the PHP application, this vulnerability could be exploited remotely.

tags | advisory, arbitrary, php, code execution
systems | linux, debian
advisories | CVE-2013-4113
MD5 | f1a3cbc47939b9fe8b5c22cf6225d053
Red Hat Security Advisory 2013-1044-01
Posted Jul 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1044-01 - The JBoss Seam 2 framework is an application framework for building web applications in Java. The RichFaces component is an open source framework that adds Ajax capability into existing JavaServer Faces applications. A flaw was found in the way RichFaces ResourceBuilderImpl handled deserialization. A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2013-2165
MD5 | e1a05bd5bb3e669534dc0a77f05057dc
Red Hat Security Advisory 2013-1045-01
Posted Jul 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1045-01 - RichFaces is an open source framework that adds Ajax capability into existing JavaServer Faces applications. A flaw was found in the way RichFaces ResourceBuilderImpl handled deserialization. A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes. The fix for this issue introduces a whitelist to limit classes that can be deserialized by RichFaces.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2165
MD5 | b4973913627f96bd69f25e551c472757
Red Hat Security Advisory 2013-1043-01
Posted Jul 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1043-01 - RichFaces is an open source framework that adds Ajax capability into existing JavaServer Faces applications. A flaw was found in the way RichFaces ResourceBuilderImpl handled deserialization. A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes. The fix for this issue introduces a whitelist to limit classes that can be deserialized by RichFaces.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2165
MD5 | e56138e55a8afd95f94c2256481a8368
Red Hat Security Advisory 2013-1042-01
Posted Jul 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1042-01 - RichFaces is an open source framework that adds Ajax capability into existing JavaServer Faces applications. A flaw was found in the way RichFaces ResourceBuilderImpl handled deserialization. A remote attacker could use this flaw to trigger the execution of the deserialization methods in any serializable class deployed on the server. This could lead to a variety of security impacts depending on the deserialization logic of these classes. The fix for this issue introduces a whitelist to limit classes that can be deserialized by RichFaces.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2165
MD5 | b54e988dc447e6311e74704b02f32e42
Mandriva Linux Security Advisory 2013-177
Posted Jun 25, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-177 - Updated dbus packages fix security vulnerability. Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to complete system crash.

tags | advisory, denial of service, local
systems | linux, mandriva
advisories | CVE-2013-2168
MD5 | 659ae4c2b1bfd769215afd3570c4f34f
FreeBSD Security Advisory - mmap Privilege Escalation
Posted Jun 18, 2013
Site security.freebsd.org

FreeBSD Security Advisory - Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access. This error can be exploited to allow unauthorized modification of an arbitrary file to which the attacker has read access, but not write access. Depending on the file and the nature of the modifications, this can result in privilege escalation. To exploit this vulnerability, an attacker must be able to run arbitrary code with user privileges on the target system.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2013-2171
MD5 | 6b93f76d05b988e765c69c621431c185
Debian Security Advisory 2707-1
Posted Jun 13, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2707-1 - Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to complete system crash.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2013-2168
MD5 | 16c9da1b05f1f7333e08915f04083297
Red Hat Security Advisory 2013-0925-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0925-01 - The rhev-guest-tools-iso package contains tools and drivers. These tools and drivers are required by supported Windows guest operating systems when installed as guests on Red Hat Enterprise Virtualization. An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization agent was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. An unquoted search path flaw was found in the way the SPICE service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2151, CVE-2013-2152
MD5 | 156ccc804841ec0c75d38991d0b207c5
Red Hat Security Advisory 2013-0924-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0924-01 - spice-vdagent-win provides a service and an agent that can be installed and run on Windows guests. An unquoted search path flaw was found in the way the SPICE service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2152
MD5 | 16a012382e80c53ed61486a3057b683b
Red Hat Security Advisory 2013-0514-02
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0514-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir() function. If a remote attacker could upload an excessively large number of files to a directory the scandir() function runs on, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code.

tags | advisory, remote, web, arbitrary, php
systems | linux, redhat
advisories | CVE-2011-1398, CVE-2012-0831, CVE-2012-2688
MD5 | 70139b0d7da02cc9f3a03467941e9a21
Page 2 of 4
Back1234Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close