exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

FANUC Robotics Virtual Robot Controller 8.23 Buffer Overflow
Posted Jul 16, 2019
Authored by Sebastian Hamann

FANUC Robotics Virtual Robot Controller version 8.23 suffers from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2019-13585
MD5 | 24accc856caa22d0d70441294d2efb6a

Related Files

Tormux Ruby TOR Controller 0.1
Posted Jul 21, 2012
Authored by dirtyfilthy | Site github.com

tormux.rb is a single file, zero dependency ruby tor controller for reverse multiplexing outgoing connections between tor exit nodes. By default tor only builds a single circuit, and all your traffic will travel out of a single exit node until the circuit is destroyed and a new circuit is created. but tormux.rb will build and maintain one circuit for each of the number of exit nodes you specify, and round robin your outgoing tor connections between them automatically.

tags | tool, ruby
systems | unix
MD5 | 681810a62e0c8a2971d8cc9b0225acc0
Debian Security Advisory 2455-1
Posted Apr 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2455-1 - Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2012-2112
MD5 | 5f9d9d8e05c845911b4758c7c3903684
Samsung Device Endless Restart / Possible Buffer Overflow
Posted Apr 20, 2012
Authored by Luigi Auriemma | Site aluigi.org

Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.

tags | exploit, remote, overflow, vulnerability, proof of concept
systems | linux
MD5 | 97710f5ad1ab8c0c45c80302584713cc
Secunia Security Advisory 48478
Posted Mar 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Aruba Mobility Controller, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 5a077667acf1e539c0eb74a417671ca4
Aruba Networks Security Advisory - 031912
Posted Mar 20, 2012
Authored by Greg Ose | Site arubanetworks.com

Aruba Networks Security Advisory - This file encapsulates two different advisories for Aruba. An OS command injection vulnerability has been discovered in the Aruba Remote Access Point's Diagnostic Web Interface. When running the diagnostic web interface, arbitrary system commands can be executed as the root user on the Remote device by an unauthenticated attacker. An EAP-TLS 802.1X user authentication bypass vulnerability was discovered during standard internal bug reporting procedures in the Aruba Mobility Controller. This vulnerability only affects customers with EAP-TLS 802.1X local termination enabled.

tags | advisory, remote, web, arbitrary, local, root, bypass
MD5 | 160189ed43f67e75e99520e923033d40
Secunia Security Advisory 48232
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in multiple Cisco Wireless Lan Controllers, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | cisco
MD5 | efbac7e0f15a90f589552d6ca5252d62
Cisco Security Advisory 20120229-wlc
Posted Mar 1, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by denial of service and unauthorized access vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available that mitigate some of these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2012-0368, CVE-2012-0369, CVE-2012-0370, CVE-2012-0371
MD5 | 57699ce5fc5235c15972638024e2edb6
TrendMicro Control Manager 5.5 Buffer Overflow
Posted Feb 24, 2012
Authored by blue, Luigi Auriemma | Site metasploit.com

This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute remote code under the context of the user.

tags | exploit, remote, tcp
advisories | CVE-2011-5001, OSVDB-77585
MD5 | 7ddef7492fc7b4ecaa024912ce5d983a
Java MixerSequencer Object GM_Song Structure Handling
Posted Feb 17, 2012
Authored by Peter Vreugdenhil, juan vazquez | Site metasploit.com

This Metasploit module exploits a flaw within the handling of MixerSequencer objects in Java 6u18 and before. Exploitation id done by supplying a specially crafted MIDI file within an RMF File. When the MixerSequencer objects is used to play the file, the GM_Song structure is populated with a function pointer provided by a SONG block in the RMF. A Midi block that contains a MIDI with a specially crafted controller event is used to trigger the vulnerability. When triggering the vulnerability "ebx" points to a fake event in the MIDI file which stores the shellcode. A "jmp ebx" from msvcr71.dll is used to make the exploit reliable over java updates.

tags | exploit, java, shellcode
advisories | CVE-2010-0842, OSVDB-63493
MD5 | 832d568f84262995932885096374fd29
Red Hat Security Advisory 2012-0051-01
Posted Jan 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0051-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host. A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT IRQs when there was no virtual interrupt controller set up. A malicious user in the kvm group on the host could force this situation to occur, resulting in the host crashing.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2011-4622, CVE-2012-0029
MD5 | eb412e012fdeeec9674c1901233256b0
Secunia Security Advisory 47632
Posted Jan 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in GE Energy D20/D200 Substation Controller, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable device.

tags | advisory, vulnerability
MD5 | 3a9d648192a79d0f110343b9277b054f
Zero Day Initiative Advisory 11-345
Posted Dec 8, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-345 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trent Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute remote code under the context of the user

tags | advisory, remote, arbitrary, tcp
MD5 | a94d56edf29b12fb1ec8aaf626a9e64e
Red Hat Security Advisory 2011-1533-04
Posted Dec 6, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1533-04 - Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large scale Linux and UNIX deployments. A Cross-Site Request Forgery flaw was found in Red Hat Identity Management. If a remote attacker could trick a user, who was logged into the management web interface, into visiting a specially-crafted URL, the attacker could perform Red Hat Identity Management configuration changes with the privileges of the logged in user.

tags | advisory, remote, web, csrf
systems | linux, redhat, unix
advisories | CVE-2011-3636
MD5 | 7cd7c5f46a10875dc34350c66fbbfb79
Zero Day Initiative Advisory 11-307
Posted Oct 26, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-307 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not sufficiently verify parameters certain functions. The function MixerSequencer.nAddControllerEventCallback fails to check for negative index numbers before writing user supplied data into a static array. This allows a malicious applet to write user controlled data outside the array boundaries resulting in remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2011-3545
MD5 | 8e9135f414c7da205ae927055f20f584
Joomla Controller SQL Injection
Posted Jul 15, 2011
Authored by SOLVER

The Joomla Controller component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 26726a342243321947f0e5c6d9a2927c
Secunia Security Advisory 45199
Posted Jul 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Aruba Mobility Controller and AirWave, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 19eea36dca28b270383cda9100360f23
Secunia Security Advisory 45160
Posted Jul 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Aruba Mobility Controller, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 413bfe01c19a4ead5866402787e30164
Blue Coat BCAAA Remote Code Execution
Posted Jul 7, 2011
Authored by Paul Harrington | Site ngssecure.com

The software referred to as BCAAA (Blue Coat Authentication and Authorization Agent) is installed on a domain server (not necessarily a domain controller, a member server is enough) and acts as an intermediary between a Blue Coat ProxySG and the domain. The BCAAA Windows Service is vulnerable to a stack-based buffer overflow, this can lead to remote code execution running with SYSTEM privileges. Affected are all versions of BCAAA associated with ProxySG releases 4.2.3, 4.3, 5.2, 5.3, 5.4, 5.5, and 6.1 available prior to April 21, 2011 or with a build number less than 60258. All versions of BCAAA associated with ProxyOne are also vulnerable.

tags | exploit, remote, overflow, code execution
systems | windows
MD5 | c551a2b0d4aaa5f8536d2fb46e6270e4
Red Hat Security Advisory 2011-0883-01
Posted Jun 22, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for security issues. These issues, except for CVE-2011-1182, only affected users of Red Hat Enterprise Linux 6.0 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 6 in the 6.1 update, RHSA-2011:0542. Security fixes: Buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2010-3881, CVE-2010-4251, CVE-2010-4805, CVE-2011-0999, CVE-2011-1010, CVE-2011-1082, CVE-2011-1090, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495
MD5 | 4a6ae8c3495f4a85a880c7b44a2338fb
Red Hat Security Advisory 2011-0833-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0833-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763
MD5 | bde747ec06cbdfaa6b01930157a97ef5
Secunia Security Advisory 44640
Posted May 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Intel Ethernet 10 Gigabit Ethernet Controllers, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 60c999b2f0caf53db367155aab055de3
Secunia Security Advisory 44384
Posted Apr 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Wireless LAN Controllers, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
MD5 | d672309f0c9ff9765756b035506134b6
Cisco Security Advisory 20110427-wlc
Posted Apr 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by a denial of service (DoS) vulnerability where an unauthenticated attacker could cause a device reload by sending a series of ICMP packets. Cisco has released free software updates that address this vulnerability. There are no available workarounds to mitigate this vulnerability.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-1613
MD5 | 0f5bbe9e9adcdb0cbf1b0cb360f194c1
Cisco ACS 1121 Default Credentials
Posted Apr 2, 2011
Authored by Jonathan Waldo

The Cisco ACS 1121 OEM IBM xSeries Baseboard Management Controller comes with default credentials.

tags | exploit
systems | cisco
MD5 | 53aa202b1480f0d11ae6834ffeb7be2f
Zero Day Initiative Advisory 11-110
Posted Mar 22, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-110 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lotus Domino Server Controller. Authentication is not required to exploit this vulnerability. The flaw exists within the remote console functionality which listens by default on TCP port 2050. When handling A user authentication the server uses a user supplied COOKIEFILE path to retrieve stored credentials. The application then compares this data against the user provided username and cookie. The path to the COOKIEFILE can be a UNC path allowing the attacker to control both the known good credentials and the challenge credentials. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | e1e50dd7b9921a9d20b48d77bf4b8767
Page 1 of 4
Back1234Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close