Lucene search
K

381 matches found

n0where
n0where
added 2016/02/26 4:34 p.m.477 views

Linux Embedded Firmware Dynamic Analysis: FIRMADYNE

FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...

7.8AI score
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2016/01/29 12:0 a.m.33 views

Oracle Linux 7 : qemu-kvm (ELSA-2016-0083)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0083 advisory. - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z Tenable has extracted the preceding...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/01/28 3:55 p.m.5 views

Qemu: nvram: OOB r/w access in processing firmware configurations

An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with...

8.1CVSS7.7AI score0.06085EPSS
Exploits0References4
NVD
NVD
added 2015/10/23 9:59 p.m.24 views

CVE-2015-5945

The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters...

7.2CVSS8.1AI score0.00346EPSS
Exploits0References2
Prion
Prion
added 2015/10/23 9:59 p.m.24 views

Code injection

The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters...

7.2CVSS6.4AI score0.00346EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2015/10/23 9:0 p.m.66 views

CVE-2015-5945

CVE-2015-5945 is an Apple OS X Sandbox elevation-of-privilege vulnerability. The issue affects OS X versions prior to 10.11.1 in the Sandbox subsystem and is exploitable by local users via vectors involving NVRAM parameters, enabling privilege escalation. Exploitation status is not detailed in th...

7.2CVSS7.8AI score0.00346EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/10/23 9:0 p.m.27 views

CVE-2015-5945

The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters...

8.2AI score0.00346EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.240 views

Oracle: Security Advisory (ELSA-2015-0674)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.05489EPSS
Exploits3References2
Oracle linux
Oracle linux
added 2015/03/11 12:0 a.m.82 views

kernel security and bug fix update

2.6.32-504.12.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.12.1 - fs splice: perform generic write checks Eric Sandeen 1163798 1155900 CVE-2014-7822 2.6.32-504.11.1 - virt kvm: excessive pages un-pinning in...

7.2CVSS0.8AI score0.05489EPSS
Exploits3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

ARRIS DG860A NVRAM Backup Password Disclosure

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

Cisco IOS 11.x TFTP Server Long File Name Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5328/info A problem has been discovered in Cisco IOS and MGX switches that could result in a denial of service, and potential code execution. It has been discovered that the TFTP server file name handling of Cisco IOS is...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/11/01 12:0 a.m.24 views

ARRIS DG860A NVRAM Backup Password Disclosure

Exploit for hardware platform in category web applications ! /usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2013/10/22 12:0 a.m.13 views

ARRIS DG860A - NVRAM Backup Password Disclosure

ARRIS DG860A - NVRAM Backup Password Disclosure ! /usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain text...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/10/22 12:0 a.m.29 views

ARRIS DG860A - NVRAM Backup Password Disclosure

!/usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain text. box:arris-dev cosmo$ wget http://192.168.0.1/router.dat...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/10/18 12:0 a.m.41 views

ARRIS DG860A NVRAM Backup Compressor / Decompressor

! /usr/bin/env ruby ARRIS DG860A NVRAM Backup 'Compressor/Decompressor', it really does xor? Gleaned from scmix executable in firmware dump. Backup file is world readable without authentication and contains password information in plain text. box:arris-dev cosmo$ wget http://192.168.0.1/router.da...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.33 views

Fedora 19 : kernel-3.9.4-301.fc19 (2013-10050)

Bugfix update to 3.9.4. Fixes UEFI NVRAM space issues that prevented booting on some machines. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

7.9CVSS7.7AI score0.07313EPSS
Exploits1References3
Veeam
Veeam
added 2011/10/15 12:0 a.m.20 views

“Nvram” File is Missing on Target Replica Location

When a replication job starts, it fails right away with the following error message: External FIB refers to non-existing file. FIB: VMname.nvram...

2.2AI score
Exploits0
CVE
CVE
added 2005/08/20 4:0 a.m.51 views

CVE-2004-2455

The CVE-2004-2455 entry concerns the Sweex LC000060 Wireless Broadband Router/Accesspoint (802.11g). The vulnerability allows remote attackers to obtain sensitive information and potentially gain privileges by using TFTP to download the nvram file, from which username, password, and other data ca...

7.5CVSS6.8AI score0.01705EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2455

Sweex Wireless Broadband Router/Accesspoint 802.11g LC000060 allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file...

7.5CVSS6.4AI score0.01705EPSS
Exploits0References6
NVD
NVD
added 2001/10/18 4:0 a.m.16 views

CVE-2001-0753

Cisco CBOS 2.3.8 and earlier stores the passwords for 1 exec and 2 enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges...

7.5CVSS6.6AI score0.01162EPSS
Exploits0References2
Rows per page
Query Builder