Level-One WBR-3460A无线路由器非授权访问漏洞

BUGTRAQ ID: 27183 Level-One WBR-3460A是一款4口的ADSL无线路由器。 Level-One WBR-3460A实现上存在访问认证漏洞，远程攻击者可能利用此漏洞非授权访问系统。 LevelOne WBR-3560A路由器没有限制对23/TCP端口上telnet服务的访问，用户可以未经认证便telnet访问设备，读取包含有敏感信息的系统文件，如/etc/htpasswd，或发布reboot命令导致设备拒绝服务。 Level-One WBR-3460A 1.00.12 Level-One WBR-3460A 1.00.11 Level-One -------...

How much more simple to stay your webshell Backdoor-vulnerability warning-the black bar safety net

Get website the webshell, if the administrator found, then your horse is useless, deleted! So we have to hide our SHELL,administrators are also not exists eat! 1. Here's a dish method, the ASP insertion method, not easy to be found In our to tricks of the ASP file added the following contents % ...

Authentication flaw

The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireless network to obtain administrative access...

CVE-2008-0229

The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireless network to obtain administrative access...

CVE-2008-0229

The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00.11 and 1.00.12 does not require authentication, which allows remote attackers on the local or wireless network to obtain administrative access...

Windows system under the remote stack overflow principle-vulnerability warning-the black bar safety net

We have to study the windows system remote overflow method. Our purpose is to study how to use windows program overflow to remote attacks. If for windows buffer overflows are not very familiar with, please review my previous article: the window system under a stack overflow forIsBaseMagzine 2 0 0...

Heap overflow

Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a Telnet request with long options...

CVE-2008-0152

SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service crash via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode...

Null pointer dereference

SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service crash via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode...

CVE-2008-0151

Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a Telnet request with long options...

CVE-2008-0151

Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a Telnet request with long options...

CVE-2008-0152

Summary (CVE-2008-0152): SLnet.exe in SeattleLab SLNet RF Telnet Server versions up to 4.1.1.3758 are affected. A user-assisted remote attacker can cause a denial of service (crash) by sending certain telnet options, triggering a NULL pointer dereference. The crash is not user-assisted when the s...

CVE-2008-0152

SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service crash via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode...

levelone-root.txt

Advisory: Level-One WBR-3460A Grants Root Access Risk: High Vendor Status: Vendor has not released an updated version Release Date: 08/01/2008 Last Modified: 01/01/2008 Author: Anastasios Monachos anastasiosmatgmaildotcom I Affected Products: ==================== Level-One WBR-3460A latest firmwa...

Level-One WBR-3460A Grants Root Access

Advisory: Level-One WBR-3460A Grants Root Access Risk: High Vendor Status: Vendor has not released an updated version Release Date: 08/01/2008 Last Modified: 01/01/2008 Author: Anastasios Monachos anastasiosmatgmaildotcom I Affected Products: ==================== Level-One WBR-3460A latest firmwa...

Level One WBR-3460A wireless ADSL router unauthorized access

Username/password is not required for telnet configuration access...

SeattleLab SLNet RF Telnet服务器空指针引用拒绝服务漏洞

BUGTRAQ ID: 27134 SLNet RF是Windows平台下的Telnet服务器软件。 SLNet RF处理异常的流程存在问题，远程攻击者可能利用此漏洞导致服务器不可用。 如果出现了异常的话SLNet服务器会显示一个消息框，当管理员点击该消息框时服务器会终止（服务器以调试模式运行时会自动终止）。在这种情况下处理telnet选项期间所出现的异常就会导致空指针引用。 SeattleLab SLNet RF = 4.1.1.3758 SeattleLab ---------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Exception message in Seattle Lab Telnet Server 4.1.1.3758

Luigi Auriemma Application: Seattle Lab Telnet Server http://www.seattlelab.com/products/slnetrf/default.asp Versions: = 4.1.1.3758 Platforms: Windows Bug: exception error message Exploitation: remote Date: 02 Jan 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

Exception message in VanDyke VShell 3.0.3.569

Luigi Auriemma Application: Seattle Lab Telnet Server http://www.seattlelab.com/products/slnetrf/default.asp Versions: = 4.1.1.3758 Platforms: Windows Bug: exception error message Exploitation: remote Date: 02 Jan 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

Foxit WAC Server <= 2.1.0.910 crash

Luigi Auriemma Application: Foxit Remote Access Server WAC Server http://www.foxitsoft.com/wac/serverintro.php Versions: = 2.1.0.910 Platforms: Windows Bug: crash Exploitation: remote Date: 04 Jan 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The...