Verizon Network Extender femtocell hack intercepts calls

A $250 piece of hardware known as a femtocell, used to boost mobile phone signals for consumers and small businesses, is vulnerable to a complete takeover that attackers can use to intercept Internet traffic and cell phone calls. Two researchers from iSEC Partners are expected to provide more...

Samsung Galaxy S4 Android Bootloader Unlocked

Those of you who like to tinker and jailbreak Android phones should take notice of some new research conducted on Samsung Galaxy S4 Android devices shipped by AT&T and Verizon. Both device makers ship the Galaxy S4 smartphones with a locked down bootloader that prevents users from uploading custo...

CVE-2013-3051

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

Design/Logic Flaw

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

CVE-2013-3051

The CVE-2013-3051 issue concerns the TrustZone kernel on certain Motorola builds of Android 4.1.2 (Razr HD, Razr M, Atrix HD with Qualcomm MSM8960). The vulnerability arises because the kernel does not verify the association between a specific physical-address argument and a memory region, enabli...

CVE-2013-3051

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

CVE-2013-3051

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

Trusted Kernel Exploit Used to Unlock Motorola Android Devices

A researcher looking for a way to jailbreak locked down Motorola Android devices found a loophole in hardware-embedded security system to do just that. Dan Rosenberg of Azimuth Security, a consultancy headquartered in Sydney, Australia, reported that he was able to exploit a vulnerability in the...

ASMAX AR 1004g Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: ASMAX AR 1004g Authentication Bypass Date: 30.01.2013 Exploit Author: lucyoa Vendor Homepage: asmax.pl ASMAX AR 1004g is the most popular router device from asmax. ------------------- Device Info --------------------------...

SuSE 11.1 Security Update : Xen (SAT Patch Number 6653)

Xen was updated to fix several security issues : - A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. CVE-2012-3433 - A xen HVM guest user mode MMIO emulation DoS was fixed. CVE-2012-3432 - The xen pv bootloader doesn't check th...

SuSE 10 Security Update : Xen (ZYPP Patch Number 8268)

XEN was updated to fix multiple bugs and security issues. The following security issues have been fixed : - xen: hypercall setdebugreg vulnerability XSA-12. CVE-2012-3494 - xen: Qemu VT100 emulation vulnerability XSA-17. CVE-2012-3515 - xen: pv bootloader doesn't check the size of the bzip2 or lz...

CVE-2012-2314

The bootloader configuration module pyanaconda/bootloader.py in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks...

Default credentials

The bootloader configuration module pyanaconda/bootloader.py in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks...

CVE-2012-2314

The CVE-2012-2314 entry relates to the Anaconda bootloader configuration module (pyanaconda/bootloader.py) setting 755 permissions on /etc/grub.d. This permission configuration could allow local users to access password hashes and perform brute-force guessing attacks. The available connected reco...

PT-2012-3945 · Anaconda · Anaconda

Name of the Vulnerable Software and Affected Versions: Anaconda affected versions not specified Description: The issue concerns the bootloader configuration module in Anaconda, specifically the pyanaconda/bootloader.py file, which sets 755 permissions for /etc/grub.d. This setting allows local...

Fedora Update for grub2 FEDORA-2012-7579

Check for the Version of grub2 OpenVAS Vulnerability Test Fedora Update for grub2 FEDORA-2012-7579 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

[SECURITY] Fedora 16 Update: grub2-1.99-13.fc16.3

The GRand Unified Bootloader GRUB is a highly configurable and customizab le bootloader with modular architecture. It support rich varietyof kernel for mats, file systems, computer architectures and hardware devices...

Windows Bitlocker Open to Attack

An attacker with access to the target computer simply boots from a USB flash drive and replaces the BitLocker bootloader with a substitute bootloader which mimics the BitLocker PIN query process but saves the PINs entered by the user to disk in unencrypted form. Read the full article. The H Secur...

CVE-2009-4128

CVE-2009-4128 affects GRUB 2 (1.97) and allows authentication bypass by feeding a 1-character password because GRUB 2 did not properly validate the entire password. Affected systems could be exploited by an attacker with physical access to perform a local brute-force attack. Ubuntu's USN-868-1 an...

PT-2009-6303 · Gnu · Grub

Name of the Vulnerable Software and Affected Versions: GNU GRand Unified Bootloader GRUB 2 version 1.97 Description: The issue allows physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1, as the software only compares t...