
4196 matches found

Check Point Advisories
added 2014/12/25 12:0 a.m., 8 views

Hikvision DVR Basic Authentication Buffer Overflow (CVE-2014-4880)

A buffer overflow vulnerability has been reported in Hikvision DVR. The vulnerability is due to a boundary error in Basic Authentication Handling of an RTSP transaction. Successful exploitation may cause a denial of service condition or allow the attacker to inject and execute arbitrary code on t...

CVSS 7.5, AI score 7.6, EPSS 0.72084
Exploits: 5
0day.today
added 2014/12/23 12:0 a.m., 32 views

jetAudio 8.1.3 Basic (mp3) - Crash POC

Exploit for windows platform in category dos / poc Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable...

AI score 7
Exploits: 0
exploitpack
added 2014/12/23 12:0 a.m., 16 views

jetAudio 8.1.3 Basic (mp3) - Crash (PoC)

jetAudio 8.1.3 Basic mp3 - Crash PoC Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3...

AI score 7.4
Exploits: 0
Exploit DB
added 2014/12/23 12:0 a.m., 22 views

jetAudio 8.1.3 Basic (mp3) - Crash (PoC)

Exploit Title : jetAudio 8.1.3 Basic Corrupted mp3 Crash POC Product : jetAudio Basic Date : 8.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3 Latest at the moment and probably...

AI score 7.4
Exploits: 0
Packet Storm
added 2014/12/22 12:0 a.m., 32 views

SmoothWall 3.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: SmoothWall 3.1 Multiple vulnerabilities Date: 21/12/2014 Author: Yann CAM @ Synetis Vendor or Software Link: www.smoothwall.org - www.smoothwall.org/download/ Version: 3.1 Category: CSRF password reset & XSS persistent Google dork: Tested on: Smoothwall Linux distribution Smoothwal...

AI score 0.2
Exploits: 0
RedHat Linux
added 2014/12/15 8:35 p.m., 5 views

EAP6: Plain text password logging during security audit

It was found that the security audit functionality logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain...

CVSS 1.9, AI score 5.7, EPSS 0.00346
Exploits: 1, References: 4
Exploit DB
added 2014/12/12 12:0 a.m., 22 views

JetAudio 8.1.3 - '.mp4' Crash (PoC)

Exploit Title : jetAudio 8.1.3 Basic Use-after-free Corrupted mp4 Crash POC Product : jetAudio Basic Date : 12.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3 Latest at the moment an...

AI score 7.4
Exploits: 0
exploitpack
added 2014/12/12 12:0 a.m., 11 views

JetAudio 8.1.3 - .mp4 Crash (PoC)

JetAudio 8.1.3 - .mp4 Crash PoC Exploit Title : jetAudio 8.1.3 Basic Use-after-free Corrupted mp4 Crash POC Product : jetAudio Basic Date : 12.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable version...

AI score 0.1
Exploits: 0
RedHat Linux
added 2014/12/02 11:42 p.m., 1 view

Mozilla: Bad casting from the BasicThebesLayer to BasicContainerLayer (MFSA 2014-89)

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type...

CVSS 6.8, AI score 7.3, EPSS 0.03406
Exploits: 0, References: 5
RedHat Linux
added 2014/12/02 10:45 p.m., 8 views

Mozilla: Bad casting from the BasicThebesLayer to BasicContainerLayer (MFSA 2014-89)

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type...

CVSS 6.8, AI score 7.3, EPSS 0.03406
Exploits: 0, References: 5
0day.today
added 2014/11/10 12:0 a.m., 37 views

ZTE ZXDSL 831CII - Insecure Direct Object Reference Vulnerability

Exploit for hardware platform in category web applications Exploit Title: ZTE ZXDSL 831 Insecure Direct Object Reference Date: 11/3/2014 Exploit Author: Paulos Yibelo Vendor Homepage: zte.com.cn Software Link: - Version: - Tested on: Windows 7 CVE :- ZTE ZXDSL 831CII suffers from an insecure dire...

AI score 7.1
Exploits: 0
exploitpack
added 2014/11/10 12:0 a.m., 15 views

ZTE ZXDSL 831CII - Insecure Direct Object Reference

ZTE ZXDSL 831CII - Insecure Direct Object Reference Exploit Title: ZTE ZXDSL 831 Insecure Direct Object Reference Date: 11/3/2014 Exploit Author: Paulos Yibelo Vendor Homepage: zte.com.cn Software Link: - Version: - Tested on: Windows 7 CVE :- ZTE ZXDSL 831CII suffers from an insecure direct obje...

AI score 7.4
Exploits: 0
NVD
added 2014/10/29 10:55 a.m., 21 views

CVE-2014-3694

The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...

CVSS 6.4, AI score 5.8, EPSS 0.02349
Exploits: 0, References: 9
OSV
added 2014/10/29 10:55 a.m., 2 views

DEBIAN-CVE-2014-3694

The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...

CVSS 6.4, AI score 6.8, EPSS 0.02349
Exploits: 0, References: 1
OSV
added 2014/10/25 8:23 p.m., 10 views

MGASA-2014-0425 Updated pidgin packages fix security vulnerabilities

In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins (one for GnuTLS and one for NSS) failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...

CVSS 6.4, AI score 9.3, EPSS 0.03776
Exploits: 0, References: 7
OSV
added 2014/10/23 12:0 a.m., 2 views

UBUNTU-CVE-2014-3694

The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and...

CVSS 6.4, AI score 6.8, EPSS 0.02349
Exploits: 0, References: 4
Packet Storm
added 2014/09/30 12:0 a.m., 221 views

IPFire 2.15 Bash Command Injection

#!/usr/bin/env python Exploit Title : IPFire = 2.15 core 82 Authenticated cgi Remote Command Injection ShellShock Exploit Author : Claudio Viviani Vendor Homepage : http://www.ipfire.org Software Link: http://downloads.ipfire.org/releases/ipfire-2.x/2.15-core82/ipfire-2.15.i586-full-core82.iso Dat...

CVSS 10, AI score 10, EPSS 0.99999
Exploits: 130
RedHat Linux
added 2014/09/23 8:19 p.m., 4 views

EAP6: Plain text password logging during security audit

It was found that the security audit functionality logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain...

CVSS 1.9, AI score 5.7, EPSS 0.00346
Exploits: 1, References: 4
RedHat Linux
added 2014/09/23 8:19 p.m., 4 views

EAP6: Plain text password logging during security audit

It was found that the security audit functionality logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain...

CVSS 1.9, AI score 5.7, EPSS 0.00346
Exploits: 1, References: 4
Symfony
added 2014/09/03 12:0 a.m., 46 views

CVE-2014-6061: Security issue when parsing the Authorization header

Affected Versions All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not...

AI score 6.2, EPSS 0.00956
Exploits: 0