196 matches found
[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU
Hello All, Below, we are providing you with technical details regarding security issues reported by us to Oracle and addressed by the company in a recent Feb 2013 Java SE CPU 1. Issue 29 This issue allows for the creation of arbitrary Proxy objects for interfaces defined in restricted packages...
Embedded Systems, Critical Infrastructure 'Renovation' Outpacing Security
Scott Tousley, deputy director cybersecurity division at Department of Homeland Security Science & Technology, is an advocate of integrating cybersecurity education into all disciplines of IT and business and risk management. “We don’t want to teach cybersecurity as a stovepipe, but to do it so...
Samba remote code execution vulnerability, Patch Released !
Samba remote code execution vulnerability, Patch Released ! Samba is an award-winning free software file, print and authentication server suite for Windows clients. The project was begun by Australian Andrew Tridgell. There is a serious remotely exploitable vulnerability in the Samba open-source...
Smashing the Linux Heap
MIAMI BEACH–There has been a lot of discussion and research in the last decade on exploiting heap overflows in various platforms, especially Windows. But one researcher has found that there is a heap allocator in the Linux kernel that is, as he describes it, “beautifully exploitable.” Meet SLOB...
VxWorks OS Is Open to Attack
Renowned researcher HD Moore next week will reveal how a misconfiguration by developers using the VxWorks operating system found in many embedded systems has left a trail of vulnerable products across various vendors’ products. Read the full article. Dark Reading...
2^6 TCP Control Bit - Fuzzer (No ECN or CWR)
2^6 TCP Control Bit - Fuzzer No ECN or CWR !/usr/bin/perl 2^6 TCP Control Bit Fuzzer No ECN or CWR This code was written originally as a control bit fuzzer for the JunOS 3-9 crash mentioned in PSN-2010-01-623 and http://www.securityfocus.com/news/11571 However it will also be useful in fuzzing...
2^6 TCP Control Bit - Fuzzer (No ECN or CWR)
!/usr/bin/perl 2^6 TCP Control Bit Fuzzer No ECN or CWR This code was written originally as a control bit fuzzer for the JunOS 3-9 crash mentioned in PSN-2010-01-623 and http://www.securityfocus.com/news/11571 However it will also be useful in fuzzing future IP stacks, such as userland IP stacks ...
Simple HTTPd 1.38 - Multiple Vulnerabilities
Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007 Exploitation: remote Date: 07 Dec 20...
[Full-disclosure] Dropbear SSH server Denial of Service
Dropbear SSH server Denial of Service Credits: Pablo Fernandez March 7th, 2006 I. BACKGROUND Dropbear is a relatively small SSH 2 server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly...
[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS phfont Race Condition Vulnerability
QNX Neutrino RTOS phfont Race Condition Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=383 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for use in embedd...
vxworks ftpd buffer overflow
It might be possible to make the remote FTP server crash by issuing this command : CEL aaaa...aaaa This problem is similar to the 'aix ftpd' overflow but on embedded vxworks based systems like the 3com nbx IP phone call manager and seems to cause the server to crash. Note that OpenVAS solely reli...
Embedded Lockdown Manager
Embedded Lockdown Manager...
Block Embedded XPe Offering
Block Embedded XPe Offering...
2022-01 Security Only Quality Update for Windows Embedded 8 Standard for x64-based Systems (KB5009619)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
2020-03 Servicing Stack Update for Windows Embedded 8 Standard for x64-based Systems (KB4540726)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...
2017-06 Security Monthly Quality Rollup for Windows Embedded Standard 7 for x86-based Systems (KB4022719)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...