Showing 26 - 50 of 100

Files

VIGILANTE-2000007
Posted Aug 28, 2000
Authored by Vigilante | Site vigilante.com

Vigilante Advisory #7 - A malicious user can crash an Intel Express 550F or a host behind it by sending a packet with a malformed header. To restart the box you need to remove it from its power source, as the reset button loses functionality as well. Affected systems: Intel Express Switch 550F - Firmware version 2.63 - Firmware version 2.64.

tags | exploit
SHA-256 | e5543dcadd99ee203a752f663a687366bd68f30736388f7036df6793e11c9e4c

Related Files

Proventia Network Mail Security System Insecure Direct Object Reference
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, this vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.

tags | exploit, web, local, file inclusion
advisories | CVE-2010-0154
SHA-256 | 4faf8158f2565688d604706ac1cf4006697d9a3c4dc9926cebbe5d8ab0579ade
Proventia Network Mail Security System Cross Site Scripting
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, the identified vulnerabilities could lead to session hijacking, information disclosure, forced installation of a malicious file or Trojan on users' PCs, etc.

tags | exploit, web, local, trojan, vulnerability, info disclosure
advisories | CVE-2010-0152
SHA-256 | 7d77648766361a40b7d96f7ef892d0dab12d44b36490044262f591af031bf755
Proventia Network Mail Security System Cross Site Request Forgery
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to XSRF attacks. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of the appliance's settings, DoS attacks, etc.

tags | advisory, web, local, vulnerability
advisories | CVE-2010-0153
SHA-256 | e79b5a9fb4e89af714cf275dfcd4e03761b0ba0e0db20144b1e00d48f36b7d68
Tandberg Denial Of Service
Posted Aug 30, 2010
Authored by David Klein

Tandberg MXP systems with firmware prior to 9.0 suffer from an SNMP-related denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 7a27927c605b454f1e6b03e8335b08ee519475e3f0fc0627c3d6fe6dcd38f69e
McAfee UTM Firewall Cross Site Scripting
Posted Jun 12, 2010
Authored by Adam Baldwin

McAfee UTM Firewall firmware versions 3.0.0 through 4.0.6 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d74a18c2c94d3ec9137055c30cb90322d16fe5992676d7772281967380bf88d1
Secunia Security Advisory 37635
Posted Jun 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 513ca15470bda1ae480e9eab09b861ea156ef118cfa8ba1b1c7a18ee13b8a52b
iOmega Home Media Network Drive Arbitrary Access
Posted Apr 15, 2010
Authored by fizix610

iOmega Home Media Network Hard Drive firmware versions 2.038 through 2.061 suffer from an unauthenticated access vulnerability.

tags | exploit
SHA-256 | 2cd1de52837d1fdcc72f8f653ffe102295eda8e88b928a3da31fdfe6dfcfb58f
Tandberg VCS Authentication Bypass
Posted Apr 12, 2010
Authored by Timothy D. Morgan | Site vsecurity.com

Virtual Security Research, LLC. Security Advisory - On December 2nd, VSR identified an authentication bypass vulnerability in TANDBERG's Video Communication Server, firmware version x4.2.1. This vulnerability allows for the complete bypass of authentication in the administrative web console. Since this web interface can be used to execute arbitrary code on the appliance as root (via software updates), the severity is considered critical.

tags | advisory, web, arbitrary, root, bypass
advisories | CVE-2009-4509
SHA-256 | db51c425156ad6e9f3fa40fb9a1383e98edfded1cb0710c6c58c4a658f0b3a0b
Secunia Security Advisory 39003
Posted Mar 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Broadcom Integrated NIC Management Firmware for HP PCs, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | edbfcb722522d366f075a5e520a388cfcb72317593dd3a50d8e5e6df836bb7fc
EFIPW Apple EFI Firmware Password Changer 0.2a
Posted Jan 31, 2010
Authored by Paul Makowski | Site code.google.com

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post install item) and pen tests (recovering the EFI firmware password).

Changes: Complete Python rewrite. Works on Snow Leopard again.
tags | tool
systems | unix, apple
SHA-256 | 83fe779b6bcdb2cbbb4da3359a7a5d0e75ca7ff27c8901c902ff4d15ec0f684b
Hacking D-Link Routers With HNAP
Posted Jan 11, 2010
Site sourcesec.com

Hacking D-Link Routers With HNAP - Multiple D-Link routers suffer from insecure implementations of the Home Network Administration Protocol which allow unauthenticated and/or unprivileged users to view and configure administrative settings on the router. Further, the mere existence of HNAP allows attackers to completely bypass the CAPTCHA login features that D-Link has made available in recent firmware releases.

tags | paper, protocol
SHA-256 | e9ae50f05b83bf98f76e90aa3dd3f3e9bf3fea8493bf25bf0c5291e5191f43a3
Barracuda Web Firewall 660 Firmware 7.3.1.007 Input Validation
Posted Dec 21, 2009
Authored by Global-Evolution

The Barracuda web firewall 660 with firmware 7.3.1.007 suffers from input validation vulnerabilities that allow for session hijacking and more.

tags | exploit, web, vulnerability
SHA-256 | bf65427cf42c5a384779e3d121dfd96b62f502dac235f59d56843334b08a4a7d
Obeseus Distributed Denial Of Service Detector
Posted Nov 3, 2009
Authored by Mark Osborne, Simon Ratcliffe | Site loud-fat-bloke.co.uk

Obeseus is a light-weight, high-speed IP DDoS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. Firmware routines on the card ensure that the attack is identified right down to host/port with zero load on the PCI bus. This is the pre-port to FPGA beta version written in C with PCAP and BPF.

tags | tool
systems | unix
SHA-256 | b67e244ec592a0c5a1242966f36937d8dfd7d5e17d6725951479d2a05fc108b9
Everfocus EDSR 1.4 Cam Exploit
Posted Oct 15, 2009
Authored by Andrea Fabrizi | Site andreafabrizi.it

The Everfocus EDSR firmware fails to correctly handle authentication and sessions. This remote exploit takes advantage of versions 1.4 and below and lets you view the live cameras of remote DVRs.

tags | exploit, remote
SHA-256 | 10026da1a7949dc0eaf28f986ef241f8679e65ad5c74df580ec8f86a61a39823
Cisco Security Advisory 20090624-video
Posted Jun 25, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Video Surveillance Stream Manager firmware for the Cisco Video Surveillance Services Platforms and Cisco Video Surveillance Integrated Services Platforms contains a denial of service (DoS) vulnerability that could result in a reboot on systems that receive a crafted packet. Cisco Video Surveillance 2500 Series IP Cameras contain an information disclosure vulnerability that could allow an authenticated user to view any file on a vulnerable camera. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

tags | advisory, denial of service, vulnerability, info disclosure
systems | cisco
advisories | CVE-2009-2045, CVE-2009-2046
SHA-256 | 3b56d120b6856f73ef48b6879e7de75cf47fb8f500ff02f80c93c32f09dfc51d
Garmin Communicator Plug-In Domain Locking Security Bypass
Posted May 7, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Garmin Communicator Plug-In, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to a synchronisation error in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control (npGarmin.dll). This can be exploited to bypass the domain locking and dialog box presented to the user asking for confirmation that the untrusted site may access private data. Successful exploitation allows full access (such as deleting data, retrieving personal information, or installing firmware updates) to any Garmin GPS products connected to the user's system. Garmin Communicator Plug-In (npGarmin.dll) version 2.6.4.0 is affected.

tags | advisory, activex
advisories | CVE-2009-0194
SHA-256 | d2f086ac3f174a9241e5c568f24970ed3a5b1893adb4e0b56c252fa22c46ae09
EFIPW Apple EFI Firmware Password Changer
Posted Apr 14, 2009
Authored by Paul Makowski | Site code.google.com

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post install item) and pen tests (recovering the EFI firmware password).

tags | tool
systems | unix, apple
SHA-256 | 32600871a5188868b50004beb3b523ddca7180f0dcad55c13de60f87401435fa
Linksys Wireless ADSL Router Denial Of Service Exploit
Posted Dec 31, 2008
Authored by r0ut3r

Linksys Wireless ADSL Router httpd denial of service exploit for WAG54G V.2 with firmware 1.02.20.

tags | exploit, denial of service
SHA-256 | 14dd874d904b5b4eacda3a2f64f6d57318849cd08be9a4e01e8fc280387d9dc3
Secunia Security Advisory 32582
Posted Nov 12, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun System Firmware, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
SHA-256 | bdea59d092405f0d2b8d983835f4cf3a860a3658e439ddd72b003444fa34c3ad
marvell-null.txt
Posted Sep 4, 2008
Authored by Laurent Butti, Julien Tinnes

The Netgear WN802T (firmware 1.3.16) with the MARVELL 88W8361P-BEM1 chipset suffers from a NULL SSID association request vulnerability that allows for denial of service and possibly code execution.

tags | advisory, denial of service, code execution
advisories | CVE-2008-1197
SHA-256 | ccb13de54f066e877156a14ba07fa1ac4f865e9ef7de15ecd8de515a0d4f33f9
marvell-overflow.txt
Posted Sep 4, 2008
Authored by Laurent Butti, Julien Tinnes

The Netgear WN802T (firmware 1.3.16) with the MARVELL 88W8361P-BEM1 chipset suffers from an overflow vulnerability when parsing malformed EAPoL-Key packets.

tags | advisory, overflow
advisories | CVE-2008-1144
SHA-256 | 38d2065be0b8a4aeb8224079f08d4c79ba5ac17ce0b4e9162721a30007efe569
IVIZ-08-005.txt
Posted Aug 26, 2008
Authored by Jonathan Brossard | Site ivizsecurity.com

The password checking routine of the IBM Lenovo BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.

tags | advisory, local
SHA-256 | a488508939d0aa7156c8686aa75fbaba363e073efc4b44072a2a13c40dde1e04
IVIZ-08-004.txt
Posted Aug 26, 2008
Authored by Jonathan Brossard | Site ivizsecurity.com

The password checking routine of Intel BIOS firmware fails to sanitize the BIOS keyboard buffer after reading user input, resulting in plain text password leakage to local users.

tags | advisory, local
SHA-256 | a3dae1efa2a513a1e4d34e8620de7b40c67b3bd5327e513a672c4257d6bfcb28
AST-2008-011.txt
Posted Jul 23, 2008
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - An attacker may request an Asterisk server to send part of a firmware image. However, as this firmware download protocol does not initiate a handshake, the source address may be spoofed. Therefore, an IAX2 FWDOWNL request for a firmware file may consume as little as 40 bytes, yet produces a 1040 byte response. Coupled with multiple geographically diverse Asterisk servers, an attacker may flood a victim site with unwanted firmware packets.

tags | advisory, spoof, protocol
advisories | CVE-2008-3264
SHA-256 | 033fd05fff387ab0474d5a49f0a057699dcb0943d8893658905cf254d19d1aa2
linksys54g-bypass.txt
Posted Jun 24, 2008
Authored by meathive | Site kingpinz.info

The Linksys WRT54G (firmware 1.00.9) suffers from multiple security bypass vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2008-1247
SHA-256 | 6b72b26de9c2d8e0c66310a390f706c7cbc59b771a63edf2616425a62a197785
Page 2 of 4