ASUSWRT-LAN-Backdoor

Exploit Title: ASUSWRT 3.0.0.4.3761071 LAN Backdoor Command Execution Date: 2014-10-11 Vendor Homepage: http://www.asus.com/ Software Link: http://dlcdnet.asus.com/pub/ASUS/wireless/RT-N66UB1/FWRTN66U30043762524.zip Source code:...

Defense4all Security Bypass Vulnerability

Defense4All is an open SDN security application released by Radware, Inc. A security bypass vulnerability exists in Defense4all, which can be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations...

The Hang Seng JRES platform registration vulnerability, you can hack the registry-the vulnerability warning-the black bar safety net

! plugin.jpg The eclipse-jres\plugins\com. hundsun. ares. studio. jres. register1. 1. 0. 2 0 1 2 0 8 2 9 1 4 0 8. jar to decompile,according to the com\hundsun\ares\studio\jres\register\RegisterUtil. the java file can get the registration file of the encryption way and key. The eclipse-jres\keys...

Moderate: Red Hat Security Advisory: openstack-neutron security update

Updated openstack-neutron packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0 Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution

!/usr/bin/env python3 Exploit Title: ASUSWRT 3.0.0.4.3761071 LAN Backdoor Command Execution Date: 2014-10-11 Vendor Homepage: http://www.asus.com/ Software Link: http://dlcdnet.asus.com/pub/ASUS/wireless/RT-N66UB1/FWRTN66U30043762524.zip Source code:...

Oxwall-1.7.0

Oxwall suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin/settings/user' script thru the 'avatar' and 'bigAvatar' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a...

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution

ASUSWRT 3.0.0.4.3761071 - LAN Backdoor Command Execution !/usr/bin/env python3 Exploit Title: ASUSWRT 3.0.0.4.3761071 LAN Backdoor Command Execution Date: 2014-10-11 Vendor Homepage: http://www.asus.com/ Software Link: http://dlcdnet.asus.com/pub/ASUS/wireless/RT-N66UB1/FWRTN66U30043762524.zip...

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution

!/usr/bin/env python3 Exploit Title: ASUSWRT 3.0.0.4.3761071 LAN Backdoor Command Execution Date: 2014-10-11 Vendor Homepage: http://www.asus.com/ Software Link: http://dlcdnet.asus.com/pub/ASUS/wireless/RT-N66UB1/FWRTN66U30043762524.zip Source code:...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141216)

A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks ASCONF. A remote attacker could use either of these flaws to crash the system. CVE-2014-3673, CVE-2014-3687, Important - A flaw was found in the way the Linux...

RHEL 6 : kernel (RHSA-2014:1997)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1997 advisory. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a SS stack segment fault on an...

Kernel: net: guard tcp_set_keepalive against crash

It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Humhub 0.10.0-rc.1 - XSS / SQL Injection vulnerabilities

Exploit for php platform in category web applications Exploit Author: Jos Wetzels, Emiel Florijn Vendor Homepage: https://www.humhub.org Software Link: https://github.com/humhub/humhub/releases Version: test Will insert the corresponding HTML elements into the post/comment body. 2...

CVE-2014-7256

The 1 PPP Access Concentrator PPPAC and 2 Dial-Up Networking Internet Initiative Japan Inc. SEIL series routers SEIL/x86 Fuji 1.00 through 3.22; SEIL/X1, SEIL/X2, and SEIL/B1 1.00 through 4.62; SEIL/Turbo 1.82 through 2.18; and SEIL/neu 2FE Plus 1.82 through 2.18 allow remote attackers to cause a...

CVE-2014-7256

The 1 PPP Access Concentrator PPPAC and 2 Dial-Up Networking Internet Initiative Japan Inc. SEIL series routers SEIL/x86 Fuji 1.00 through 3.22; SEIL/X1, SEIL/X2, and SEIL/B1 1.00 through 4.62; SEIL/Turbo 1.82 through 2.18; and SEIL/neu 2FE Plus 1.82 through 2.18 allow remote attackers to cause a...

CVE-2014-7256

The CVE-2014-7256 issue affects Internet Initiative Japan Inc. SEIL Series routers (SEIL/x86 Fuji 1.00–3.22; SEIL/X1/X2/B1 1.00–4.62; SEIL/Turbo 1.82–2.18; SEIL/neu 2FE Plus 1.82–2.18). The vulnerability arises from how the devices process certain packets, enabling remote attackers to cause a den...

Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update

Updated openstack-neutron packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...

Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update

Updated openstack-neutron packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System...

JVN#04895240: SEIL Series routers vulnerable to denial-of-service (DoS)

The PPP Access Concentrator PPPAC and the Dial-Up Networking in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to an issue in processing certain packets CWE-119. Impact By receiving a specially crafted packet, the device may be...

US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns

US-CERT reminds users to remain vigilant when browsing online this holiday season. E-cards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed e-mail messages and fraudulent posts on social networking sites may...