CVE-2017-0803

CVE-2017-0803 is an elevation-of-privilege vulnerability in the MediaTek accessory detector driver used by Android. The issue affects the Android kernel via the Accessory detector driver component, enabling local privilege escalation in affected devices. The NVD entry lists a base CVSS v2 of 6.8 ...

CVE-2017-0795

A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36198473. References: M-ALPS03361480...

CVE-2017-0797

CVE-2017-0797 is a MediaTek accessory detector driver elevation-of-privilege vulnerability in Android kernels. The issue affects the MediaTek accessory detector driver within the Android kernel, enabling local privilege escalation to a privileged context (high impact per CVSS). The vulnerability ...

Google Android MediaTek component elevation of privilege vulnerability (CNVD-2017-32470)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the MediaTek accessory detector driver is a MediaTek accessory detector driver used in it. An elevation of privilege vulnerability exists in the MediaTek accessory detector...

Google Android MediaTek accessory detector driver elevation of privilege vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the MediaTek accessory detector driver is a MediaTek accessory detector driver used in it. An elevation of privilege vulnerability exists in the MediaTek accessory detector...

Blizzard Entertainment Hit With Weekend DDoS Attack

Blizzard Entertainment reported a crippling DDoS attack over the weekend creating chronic latency and connection issues for players of games Overwatch, World of Warcraft and others. The DDoS attack has since subsided, according to Blizzard, but users are still grousing on Twitter over lingering...

RED HAWK - All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling

RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator...

An All In One Information Gathering Tool: RED HAWK

RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling.Coded In PHP Scans That You Can Perform Using RED HAWK : Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED...

Web Exploit Detector - Tool To Detect Possible Infections, Malicious Code And Suspicious Files In Web Hosting Environments

The Web Exploit Detector is a Node.js application and NPM module used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites. Running the application will generate a list of...

Referrer Detector <= 4.2.1.0 - Unauthenticated PHP Object Injection

The plugin referrer-detector insecurely trusts serialized data submitted over HTTP requests. This opens up the site to a PHP object injection vulnerability potential exploit vector. The original researcher notified the WordPress Plugins team. Attack is exploitable over HTTP requests to sites with...

Referrer Detector <= 4.2.1.0 - Unauthenticated PHP Object Injection

The plugin referrer-detector insecurely trusts serialized data submitted over HTTP requests. This opens up the site to a PHP object injection vulnerability potential exploit vector. The original researcher notified the WordPress Plugins team. PoC Attack is exploitable over HTTP requests to sites...

VPN Server Hostname Detection via PPTP

Binary data 7268.pasl...

SMS/MMS Spy Detector - External URLs, Possible privilege escalation, Runtime command execution vulnerabilities

HackApp vulnerability scanner discovered that application SMS/MMS Spy Detector published at the 'play' market has multiple vulnerabilities...

Raptor WAF v0.04 - Web Application Firewall using DFA

Raptor WAF is a simple web application firewall made in C, using KISS principle, to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path traversal. No more words, look at the following : WAF...

ntpd remote pre-auth DoS (CVE-2016-7434)

poc echo "FgoAEAAAAAAAAAA2bm9uY2UsIGxhZGRyPVtdOkhyYWdzPTMyLCBsY"\ | "WRkcj1bXTpXT1AAMiwgbGFkZHI9W106V09QAAA=" | base64 -d | nc -u -v 127.0.0.1 123 Valgrind report $ sudo valgrind ./ntpd/ntpd -n -c /resources/ntp.conf | | ==5389== Memcheck, a memory error detector | | ==5389== Copyright C 2002-201...

GMER Stack Buffer Overflow Vulnerability

GMER is a program for detecting and removing rootkits. GMER suffers from a stack buffer overflow vulnerability due to the program failing to adequately validate user-supplied data. Allowing an attacker to exploit the vulnerability would allow execution of arbitrary code within the context of the...

Address Sanitizer in macOS-vulnerability warning-the black bar safety net

A few days ago, the Keen Team@marcograss on their blog released a using Address Sanitizeraka asan found a heap overflow vulnerability. Discuss here about asan implementation. This article relates to the environment macOS 10.11.6 Xcode 7.3.1 make sure to use the official Apple's clang, with the op...

Raptor WAF v0.2 - Web Application Firewall using DFA

Raptor WAF is a simple web application firewall made in C, using KISS principle, to make poll use select function, is not better than epoll or kqueue from BSD but is portable, the core of match engine using DFA to detect XSS, SQLi and path traversal. No more words, look at the following : WAF...

Metal Detector - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Metal Detector published at the 'play' market has multiple vulnerabilities...

WordPress WP Mobile Detector Plugin Arbitrary File Upload Vulnerability

WordPress is a set of blogging platforms developed in the PHP language by the WordPress Software Foundation, which supports personal blog sites on servers with PHP and MySQL.WordPress WP Mobile Detector is one of the user-created administrators to show or hide content based on the guest device or...