SUSE CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

Arris Password of The Day Generator (list.txt)

Arris TM502G、TM602G 路由器进入高级模式时需要密码，这个密码会根据系统日期来自动生成，每天都有不同的密码。 具体算法已经在PoC中给出。 1.直接访问 Arris 路由器会显示路由器的一些信息，不需要任何认证。 2.但是当点击高级菜单的时候，会提示输入密码。 3.如果密码输入错误 4.如果密码输入的是在码表中的正确密码，但是时间不正确，会提示需要相应时间的密码： 5.当提交正确的密码后进入到高级设置： ---- PoC 默认使用调用者当前系统时间，如果时间与路由器时间不符合，会自动处理 如果调用者要手动指定时间，可以使用 --extra-params...

[Harden SSL/TLS] Hardening the SSL/TLS settings

“Harden SSL/TLS” allows hardening the SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites. This tool specific allows setting policies with regards to what ciphers and...

VanishCrypt – Virtual Encryption Tool by SecurityLabs [Video Demonstration]

VanishCrypt – Virtual Encryption Tool by SecurityLabs SecurityLabs Experts from India release a new Virtual Encryption Tool called "VanishCrypt". A Freeware Utility to Secure Your Data. It creates a virtual disk that contains your secret files. Data is protected with a Encrypted Password. The fil...

VanishCrypt – Virtual Encryption Tool by SecurityLabs [Video Demonstration]

VanishCrypt – Virtual Encryption Tool by SecurityLabs SecurityLabs Experts from India release a new Virtual Encryption Tool called "VanishCrypt". A Freeware Utility to Secure Your Data. It creates a virtual disk that contains your secret files. Data is protected with a Encrypted Password. The fil...

Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH)

Exploit for windows platform in category local exploits ================================================================= Honestech VHS to DVD \r\n\ \r\n\ MAINDLG\r\n\ PAGE=0\r\n\ \r\n\ AVICODEC\r\n\ VIDEOCODEC=DivX 6.8.5 Codec 2 Logical CPUs\r\n\ AUDIOCODEC=MPEG Layer-3\r\n\ \r\n\ WMVINFO\r\n...

Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Honestech VHS to DVD \r\n\ \r\n\ MAINDLG\r\n\ PAGE=0\r\n\ \r\n\ AVICODEC\r\n\ VIDEOCODEC=DivX 6.8.5 Codec 2 Logical CPUs\r\n\ AUDIOCODEC=MPEG Layer-3\r\n\ \r\n\ WMVINFO\r\n\ TITLE= \r\n\ AUTHOR= \r\n\ COPYRIGHT= \r\n\ DESCRIPTION= \r\n\ \r\n\ CAPTUREINFO\r\n...

openSUSE 10 Security Update : lynx (lynx-5720)

This update of lynx fixes a security bug that can be exploited by remote attackers to execute arbitrary commands when advanced mode is enabled and lynx is used as URL handler CVE-2008-4690 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

lynx code execution

It's possible to execute code in Advanced Mode by redirecting to lynxcgi: URI...

lynx: remote arbitrary command execution via a crafted lynxcgi: URL

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...