7973 matches found
Cisco StarOS CLI Command Injection Vulnerability
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to insufficient validati...
Harpoon - CLI Tool For Open Source And Threat Intelligence
OSINT tool, CLI Tool For Open Source And Threat Intelligence Install You can simply pip install the tool: pip3 install git+http://[email protected]/Te-k/harpoon --process-dependency-links Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed: npm install -...
How to use CLI Route Commands in NetScaler SD-WAN 10.0
NetScaler SD-WAN 10.0 is continuing to build on it's routing capabilities to enable the appliance to act as a router replacement. A number of commands are now available for viewing routing information through the CLI, mainly focused around the 'show' command...
Transmission - Integer Overflows Parsing Torrent Files
Transmission - Integer Overflows Parsing Torrent Files I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtype trmalloc sizeof structtype...
rubygem-hammer_cli: no verification of API server's SSL certificate
It was found that the hammercli command line client disables SSL/TLS certificate verification by default. A man-in-the-middle MITM attacker could use this flaw to spoof a valid certificate...
Heap overflow
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service heap-based buffer over-read or possibly overwrite the heap via a maliciously crafted DSDIFF file...
CVE-2018-7254
WavPack 5.1.0 is affected by multiple header parsing weaknesses in the CLI parsers. Specifically, ParseRiffHeaderConfig (riff.c), ParseDsdiffHeaderConfig (dsdiff.c), and ParseCaffHeaderConfig (caff.c) can mis-handle unknown or malformed chunk data, leading to remote-denial-of-service via buffer o...
Debian DSA-4115-1 : quagga - security update
Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2018-5378 It was discovered that the Quagga BGP daemon, bgpd, does not properly bounds check data sent with a NOTIFY to a peer, if an...
CVE-2017-6229
The CVE-2017-6229 issue affects Ruckus Networks devices: Unleashed AP firmware prior to 200.6.10.1.x and ZoneDirector firmware prior to 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, or 10.0.1.0.x. The root cause is an authenticated root command injection in the CLI that allows an authenticated ...
EvilOSX
EvilOSX An evil RAT Remote Administration Tool for macOS...
cliqueschaeflibach.ch XSS vulnerability
Open Bug Bounty ID: OBB-558784 Description| Value ---|--- Affected Website:| cliqueschaeflibach.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-0122
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient...
Input validation
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient...
CVE-2018-0122
CVE-2018-0122 is a Cisco StarOS CLI vulnerability on Cisco ASR 5000 Series where insufficient input validation in a vulnerable CLI command can allow an authenticated, local attacker with valid admin credentials to overwrite or modify arbitrary files stored in flash memory. The issue stems from im...
CVE-2018-0122
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient...
CVE-2018-0122
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient...
Ubiquiti Inc.: Code Execution in restricted CLI of EdgeSwitch
In EdgeSwitch 1.7.3 and prior, an user with admin credentials can make use of specially crafted commands to execute arbitrary shell instructions, bypassing the SSH/TELNET CLI interface. A command injection vulnerability existed in the restricted CLI of the EdgeSwitch. Exploiting this vulnerabilit...
Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability
A vulnerability in the diagnostic shell for Cisco IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell...
Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers File Overwrite Vulnerability
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient...
CVE-2018-6767
An out-of-bounds stack buffer read flaw was found in WavPack. This flaw could potentially be used to crash WavPack CLI utilities by tricking them into processing specially crafted WAVE files...