1753 matches found
Konke Smart Plug Authentication Bypass
----------------------------------------------------------------------- Konke Smart Plug Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : gamehacker&zixian Mail : gh&zixian Date : Oct, 17-2014 Vendor : http://www.kankunit.com/ Li...
Konke Smart Plug K - Authentication Bypass
Konke Smart Plug K - Authentication Bypass ----------------------------------------------------------------------- Konke Smart Plug Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : gamehacker&zixian Mail : gh&zixian Date : Oct,...
Konke Smart Plug K - Authentication Bypass
----------------------------------------------------------------------- Konke Smart Plug Authentication Bypass Vulnerability ----------------------------------------------------------------------- Author : gamehacker&zixian Mail : gh&zixian Date : Oct, 17-2014 Vendor : http://www.kankunit.com/ Li...
Вышла операционная система OpenWrt 14.07
Встроенная операционная система OpenWrt обновилась до версии 14.07. Эту ОС часто устанавливают на маршрутизаторах как замену проприетарным прошивкам. Основные компоненты OpenWrt включают в себя ядро Linux, util-linux, uClibc и BusyBox. Размер всех компонентов минимизирован, чтобы работать на...
Mandriva Linux Security Advisory : busybox (MDVSA-2014:173)
Updated busybox packages fix security vulnerability : An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. Busybox bundles part...
MGASA-2014-0351 Updated busybox packages fix CVE-2014-4607
Updated busybox packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. Busybox bundles part ...
Updated busybox packages fix CVE-2014-4607
Updated busybox packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. Busybox bundles part ...
TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution
Exploit for hardware platform in category web applications Vulnerability description: The domain name parameters of the "Parental Control" and "Access Control" features of the TP-Link TL-WR740N v4 FW-Ver. 3.16.6 Build 130529 Rel.47286n router are prone to arbitrary shell command execution as root...
TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution
Exploit Title: TP-Link TL-WR740N v4 router FW-Ver. 3.16.6 Build 130529 Rel.47286n arbitrary shell command execution Date: 08/03/2014 Exploit Author: Christoph Kuhl Vendor Homepage: http://www.tp-link.com Software Link: http://www.tp-link.com.de/resources/software/TL-WR740NV4130529.zip Version:...
docker 0.11 VMM-container Breakout
No description provided by source. / shocker: docker PoC VMM-container breakout C 2014 Sebastian Krahmer Demonstrates that any given docker image someone is asking you to run in your docker setup can access ANY file on your host, e.g. dumping hosts /etc/shadow or other sensitive info, compromisin...
Serial port shell binding, busybox Launching shellcode
No description provided by source. / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the shellcode does not alter the baudrate settings.. 9600 is the...
BusyBox 1.01 HTTPD Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
Netgear D6300B Command Injection / Misconfiguration
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory ID: SYSS-2013-001 Product: NETGEAR Router D6300B / Firmware: V1.0.0.141.0.14 latest Vendor: Netgear Affected Versions: until V1.0.0.141.0.14 latest Tested Versions: V1.0.0.141.0.14 latest Vulnerability Type: Root-Shell, OS Command Injection,...
Scientific Linux Security Update : busybox on SL6.x i386/x86_64 (20131121)
It was found that the mdev BusyBox utility could create certain directories within /dev with world-writable permissions. A local unprivileged user could use this flaw to manipulate portions of the /dev directory tree. CVE-2013-1813 This update also fixes the following bugs : - Previously, due to ...
BusyBox: Multiple vulnerabilities
Background BusyBox is set of tools for embedded systems and is a replacement for GNU Coreutils. Description Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DHCP reques...
GLSA-201312-02 : BusyBox: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201312-02 BusyBox: Multiple vulnerabilities Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted DHCP...
MGASA-2013-0358 Updated busybox package fixes security vulnerability
It was found that the mdev BusyBox utility could create certain directories within /dev with world-writable permissions. A local unprivileged user could use this flaw to manipulate portions of the /dev directory tree CVE-2013-1813...