1467 matches found
BitTorrent Fixes Reflective DDoS Attack Security Flaw
Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service DDoS attack, allowing lone hackers with limited resources to take down large websites. Good news is that the...
Code injection
I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-2984
CVE-2015-2984 applies to I-O DATA DEVICE NP-BBRS and WN-G54/R2 routers. The UPnP functionality allows remote attackers to cause a denial of service via SSDP requests (DDoS risk). Affected: NP-BBRS (all firmware versions) and WN-G54/R2 (pre‑1.03). Remediation: WN-G54/R2 firmware 1.03 fixes the iss...
Multiple I-O DATA LAN routers vulnerable in UPnP functionality
Overview A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that...
Microsoft Windows 8.1 - DCOM DCERPC Local NTLM Reflection Privilege Escalation (MS15-076)
Microsoft Windows 8.1 - DCOM DCERPC Local NTLM Reflection Privilege Escalation MS15-076 Source: https://github.com/monoxgas/Trebuchet Trebuchet MS15-076 CVE-2015-2370 Privilege Escalation Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory...
Counter-Strike 1.6 - 'GameInfo' Query Reflection Denial of Service (PoC)
!/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity Disclaimer: This or previous program is for...
Counter-Strike 1.6 - GameInfo Query Reflection Denial of Service (PoC)
Counter-Strike 1.6 - GameInfo Query Reflection Denial of Service PoC !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg...
Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service Exploit
Exploit for multiple platform in category dos / poc !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity...
NetBIOS NBSTAT Name Query Reflection Denial Of Service Exploit
NetBIOS NBSTAT name query reflection denial of service proof of concept exploit. !/usr/bin/perl NetBios NBSTAT name query reflection dos Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is fo...
NetBIOS NBSTAT Name Query Reflection Denial Of Service
!/usr/bin/perl NetBios NBSTAT name query reflection dos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual...
Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2015-04666)
Microsoft Windows Server is a series of servers based on the windows operating system launched by the U.S. Microsoft Microsoft. A security vulnerability exists in the authentication implementation in the RPC subsystem of Microsoft Windows due to the program not restricting link reflection. A loca...
UPNPD M-SEARCH ssdp:discover Reflection Denial of Service Exploit
Exploit for multiple platform in category dos / poc !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal...
UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service
!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...
INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service
INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service !/usr/bin/perl miniupnpd/1.0 remote denial of service exploit Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
RIPv1 Reflection Amplification DDoS Attacks
A long-deprecated—and aptly named—routing protocol, RIPv1, still has some life to it. Hackers, since the middle of May, have been carrying out reflection- and amplification-style distributed denial of service attacks using home office and small business routers still running on the old protocol...
cve-2 0 1 4-7 9 1 1 Android mention the right vulnerability analysis-vulnerability warning-the black bar safety net
CVE-2 0 1 4-7 9 1 1 by Jann Horn discovered a about Android to mention the right vulnerability, the vulnerability allows malicious applications from the normal application permissions to provide the right to the system user executing the command, the vulnerability information with the POCsee 1 fo...
Attachmate Reflection FTP Client PWD Command Buffer Overflow (CVE-2014-5211)
A stack-based buffer overflow vulnerability exists in Attachmate Reflection FTP Client. The vulnerability is caused by insufficient boundary checking while processing PWD command responses. An attacker could exploit this vulnerability by enticing a user to access an FTP server that sends speciall...
X (Formerly Twitter): HTTP Response Splitting (CRLF injection) due to headers overflow
Hi, I would like to report another HTTP Response Splitting vulnerability caused by header fields "overflow" that allows attackers to inject arbitrary headers in the response. Note that this issue is similar to 52042 but the root cause is different. Also, the below PoC is not the only affected pag...