53 matches found
ATM Makers Release Fixes for 'Jackpotting' Flaw
Two ATM manufacturers have released software updates to address the remotely exploitable vulnerabilities in their machines’ firmware that IOActive researcher Barnaby Jack demonstrated line on stage at the Black Hat conference last month. In response to the demonstration, in which Jack was able to...
2wire Remote Denial of Service
======================================== 2WIRE REMOTE DENIAL OF SERVICE ======================================== Device: 2wire Gateway Router/Modem Vulnerable Software: = 5.29.52 Vulnerable Models: 1700HG 1701HG 1800HW 2071 2700HG 2701HG-T Release Date: 2009-10-29 Last Update: 2009-09 Critical:...
2WIRE Router <= 5.29.52 Remote DoS
Exploit for unknown platform in category dos / poc ================================== 2wire Router = 5.29.52 Remote DoS ================================== Title: 2wire Router = 5.29.52 Remote DoS CVE-ID: OSVDB-ID: Author: hkm Published: 2009-10-29 Verified: yes view source print? """...
CVE-2009-2680
Unspecified vulnerability in the Remote Management Interface RMI for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape...
Code injection
Unspecified vulnerability in the Remote Management Interface RMI for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape...
CVE-2009-2680
Unspecified vulnerability in the Remote Management Interface RMI for MSL Tape Libraries and 1/8 G2 Tape Autoloaders in HP StorageWorks 1/8 G2 Tape Autoloader firmware 2.30 and earlier, MSL2024 Tape Library firmware 4.20 and earlier, MSL4048 Tape Library firmware 6.50 and earlier, and MSL8096 Tape...
CVE-2009-2680
HP StorageWorks 1/8 G2 Tape Autoloader (Web Administration Interface) contains a vulnerability where a default unprivileged user can escalate to administrator, enabling privilege escalation and potential denial of service via the device web UI. Affected firmware is 2.30 and earlier for the 1/8 G2...
CVE-2008-3778
The remote management interface in SIP Enablement Services SES Server in Avaya SIP Enablement Services 5.0, and Communication Manager CM 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service...
Cross site request forgery (csrf)
The remote management interface in SIP Enablement Services SES Server in Avaya SIP Enablement Services 5.0, and Communication Manager CM 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service...
CVE-2008-3778
CVE-2008-3778 affects Avaya SIP Enablement Services (SES) Server 5.0 and Communication Manager 5.0 on the S8300C with SES enabled. The remote management interface can proceed with Core router updates even after an invalid login, enabling remote attackers to cause a messaging outage (DoS) or to ga...
Remote Management Interface Discovery
This module can be used to obtain information from the Remote Management Interface DCERPC service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Management Interface Discovery',...
openvpn207.txt
Hi, There is a flaw well more a stupid design than anything else in OpenVPN 2.0.7 and below in the the Remote Management Interface that allows an attacker to gain complete control because there is NO AUTHENTICATION YES NO AUTHENTICATION AT ALL!. This can be carried out from within the LAN that th...
iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 11.19.02a: http://www.idefense.com/advisory/11.19.02a.txt Denial of Service Vulnerability in Linksys Cable/DSL Routers November 19, 2002 I. BACKGROUND Linksys Group Inc. currently sells several broadband router products,...