
939 matches found

OpenVAS
added 2015/12/10 12:00 a.m. | 1334 views

VNC Brute Force Login

Try to log in with given passwords via VNC protocol. Copyright (C) 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AI score: 7.3
Exploits: 0
Hacker One
added 2015/11/22 2:09 p.m. | 13 views

Shopify: Cookie securing your "Opening soon" store is not secured against XSS

PoC: 1. Protect your e-shop with a password Storefront password 2. Go to your e-shop URL and enter the password to access the store 3. There is a cookie created - name: storefrontdigest - this cookie contains the password in a secure way which protects your store 4. This cookie is not marked as...

AI score: 0.2
Exploits: 0
Ubuntu
added 2015/10/29 5:25 p.m. | 57 views

USN-2788-1: unzip vulnerabilities

Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code. CVE-2015-7696 Gustavo Grieco discovered that unzip incorrect...

CVSS: 6.8 | AI score: 6.5 | EPSS: 0.07184
Exploits: 0
Check Point Advisories
added 2015/10/27 12:00 a.m. | 3 views

Microsoft Office File Modification Password Use After Free (MS15-046; CVE-2015-1683)

A use-after-free vulnerability exists in Microsoft Office 2007. The vulnerability is due to problematic code that parses Office documents with modification password protection. A remote attacker could exploit this vulnerability by enticing a user to open a crafted Office document. Successful...

CVSS: 9.3 | AI score: 7 | EPSS: 0.13601
Exploits: 0
Exploit DB
added 2015/10/15 12:00 a.m. | 34 views

Linux x86_64 Bindshell with Password 92 bytes

Linux x86_64 Bindshell with Password 92 bytes. Shellcode exploit for lin_x86-64 platform / ;Title: bindshell with password in 92 bytes ;Author: David Velázquez a.k.a d4sh&r ;Contact: https://mx.linkedin.com/in/d4v1dvc ;Description: x64 Linux bind TCP port shellcode on port 31173 with 4 bytes as...

AI score: 7.4
Exploits: 0
Hacker One
added 2015/10/12 3:49 a.m. | 32 views

Shopify: Unauthenticated access to details of hidden products in any shop via title emuneration

This issue allows external unauthenticated attacker to bypass password protection of currently unopened "Opening Soon" stage stores and obtain full description of products considering they know/enumerate the title of the product and the product has been published. It could be used to obtain...

AI score: 7.4
Exploits: 0
securityvulns
added 2015/10/05 12:00 a.m. | 132 views

[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-005 Product: Kaspersky Total Security KTS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...

AI score: 7.1
Exploits: 0
FreeBSD
added 2015/09/26 12:00 a.m. | 34 views

unzip -- multiple vulnerabilities

Gustavo Grieco reports: Two issues were found in unzip 6.0: A heap overflow triggered by unzipping a file with password e.g unzip -p -P x sigsegv.zip. A denegation of service with a file that never finishes unzipping e.g. unzip sigxcpu.zip...

CVSS: 6.8 | AI score: 6.5 | EPSS: 0.07184
Exploits: 0 | References: 1
CERT
added 2015/08/20 12:00 a.m. | 27 views

Dedicated Micros DVR products use plaintext protocols and require no password by default

Overview Dedicated Micros DVR products, including the DV-IP Express, SD Advanced, SD, EcoSense, and DS2, by default use plaintext protocols and require no password. Description CWE-311: Missing Encryption of Sensitive Data Dedicated Micros DVR products by default use HTTP, telnet, and FTP rather...

CVSS: 10 | AI score: 9.8 | EPSS: 0.02941
Exploits: 1 | References: 5
ThreatPost
added 2015/08/17 3:11 p.m. | 17 views

Schneider Electric Modicon M340 PLC Station P34 Module HMI Vulnerabilities

Update Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON. The Industrial Control System Cyber Emergency Response Team ICS-CERT released an alert late last week and patches are currently being validated according to ICS-CE...

AI score: 0.2
Exploits: 0 | References: 3
myhack58
added 2015/07/25 12:00 a.m. | 16 views

OpenSSH high-risk vulnerability exposed, Linux hosts face brute-force attack threat - vulnerability warning - the black bar safety net

A simple but high-risk vulnerability has been disclosed in the OpenSSH software: an attacker can make thousands of login attempts in a short time. OpenSSH is the most popular software for remote control of Linux systems. In general, the software allows 3 to 6 password login attempts, then it...

AI score: 1.6
Exploits: 0
0day.today
added 2015/07/09 12:00 a.m. | 30 views

Symantec Endpoint Protection 12.1.4013 Service Disabling Vulnerability

Exploit for windows platform in category dos / poc Exploit Title: Antivirus Google Dork: intitle: Antivirus Date: 2015-07-07 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.symantec.com Software Link: www.symantec.com/endpoint-protection Version:12.1.401...

AI score: 7
Exploits: 0
Packet Storm
added 2015/07/08 12:00 a.m. | 32 views

Symantec EP 12.1.4013 Denial Of Service

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-SYMANTEC0707.txt Vendor: ================================ Symantec www.symantec.com Product: ================================ Symantec EP 12.1.4013 Advisory Information:...

AI score: 7.4
Exploits: 0
ICS
added 2015/06/25 6:00 a.m. | 70 views

Janitza UMG Power Quality Measuring Products Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on September 22, 2015, and is being released to the NCCIC/ICS-CERT web site. Mattijs van Ommeren of Applied Risk has identified several vulnerabilities in the Janitza UMG power quality measuring products. Janitza ha...

CVSS: 10 | AI score: 7.2 | EPSS: 0.02858
Exploits: 0 | References: 10
ThreatPost
added 2015/05/21 2:35 p.m. | 9 views

Ersatz Scheme Deceives Hackers, Protects Stored Passwords

Researchers at Purdue University have developed a scheme that protects stolen passwords from offline cracking. The project is explained in a paper called “ErsatzPasswords – Ending Password Cracking” pdf written by Purdue University researchers Mohammed H. Almeshekah, Christopher N. Gutierrez,...

AI score: 0.8
Exploits: 0 | References: 4
OpenVAS
added 2015/05/20 12:00 a.m. | 18 views

BullGuard Antivirus Authentication Bypass Vulnerability

BullGuard Antivirus is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

AI score: 7.6
Exploits: 0 | References: 1
OpenVAS
added 2015/05/20 12:00 a.m. | 10 views

BullGuard Premium Protection Authentication Bypass Vulnerability

BullGuard Premium Protection is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

AI score: 7.5
Exploits: 0 | References: 1
securityvulns
added 2015/05/10 12:00 a.m. | 36 views

[SYSS-2015-017] BullGuard Internet Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-017 Product: BullGuard Internet Security Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

AI score: 0.5
Exploits: 0
securityvulns
added 2015/05/10 12:00 a.m. | 125 views

[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-018 Product: BullGuard Premium Protection Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...

AI score: 0.2
Exploits: 0
securityvulns
added 2015/04/16 12:00 a.m. | 136 views

[SYSS-2015-014] Panda Global Protection 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-014 Product: Panda Global Protection 2015 Vendor: Panda Security Affected Versions: 15.1.0 Tested Versions: 15.1.0 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solutio...

AI score: 0.2
Exploits: 0