1619 matches found
Fortinet FortiAuthenticator Elevation of Privilege Vulnerability
Fortinet FortiAuthenticator is a series of secure authentication solutions that identify and interface with FortiToken™ two-factor authentication tokens for secure remote access. An elevation of privilege vulnerability exists in Fortinet FortiAuthenticator 3.0.0 that could allow a local user to...
CVE-2015-1458
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcoreenableshellaccess and executing the "shell" command...
CVE-2014-8779: SSH Host keys on Pexip Infinity
Summary: The operating system used by Pexip Infinity does not create unique SSH host keys on deployment of new Management and Conferencing Nodes, using fixed host keys instead. Host keys are used to verify the identity of the remote host when connecting to it over SSH. These keys are...
Oracle Solaris Third-Party Patch Update : bash (cve_2012_3410_stack_based)
The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled...
Sysax-5.62-Admin-Interface-
Title: Sysax 5.62 Admin Interface Local Buffer Overflow Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Date Discovered: June 15, 2012 Vendor Contacted: June 19, 2012 import socket,sys,time,re,base64,subprocess def main: global login print "\n" print "" print " Sysax " not in fullpage: page ...
CVE-2014-7995
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077...
Design/Logic Flaw
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077...
CVE-2014-7995
CVE-2014-7995 concerns Cisco Meraki MS, MR, and MX devices. The documented issue: firmware released before 2014-09-24 allows physically proximate attackers to obtain shell access by opening the device case and connecting a cable to a serial port (Cisco-Meraki defect ID 00302077). The effect is lo...
CVE-2014-7995
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077...
CVE-2014-8003
Cisco Integrated Management Controller in Cisco Unified Computing System 2.22cA and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998...
Command injection
Cisco Integrated Management Controller in Cisco Unified Computing System 2.22cA and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998...
CVE-2014-8003
Cisco Integrated Management Controller in Cisco Unified Computing System 2.22cA and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998...
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
No description provided by source. Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "Th...
Dell EqualLogic Storage - Directory Traversal
Exploit Title: Remote Directory Traversal exploit for Dell EqualLogic 6.0 Storage Date: 09/2013 Exploit Author: Mauricio Pampim Corrêa Vendor Homepage: www.dell.com Version: 6.0 Tested on: Equipment Model Dell EqualLogic PS4000 CVE : CVE-2013-3304 The malicious user sends GET...
Aireplay-ng 1.2 beta3 - tcp_test Length Stack Overflow
Aireplay-ng 1.2 beta3 - tcp_test Length Stack Overflow / Exploit Title: Aireplay "tcp_test" Length Parameter Inconsistency Date: 10/3/2014 Exploit Author: Nick Sampanis Vendor Homepage: http://www.aircrack-ng.org/ Version: Aireplay-ng 1.2 beta3 Tested on: Kali Linux 1.0.9 x64 CVE : CVE-2014-8322...
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
Bosch Security Systems DVR 630/650/670 series systems suffer from remote command execution as root and administrative password disclosure vulnerabilities. Discovered ...
TWiki <= 6.0.0 Remote Command Execution Exploit
This version of the exploit works without spaces, which means you can inject a command into a vulnerable server, and then you can do what you want because we have shell access. Use netcat to gain shell. Usage Info perl twiki and use readme. This is a private exploit. You can buy it at...
Bosch Security Systems DVR 630/650/670 Root Shell / Password Disclosure
Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities
Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...
Exploit for OS Command Injection in Gnu Bash
This is a PoC exploit for CVE-2014-6271, a remote interactive sh...