CVE-2022-38132

Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands. The username and password fields are not sanitized correctly and are used as URL...

Android: DNS setup for developing and testing against local web services

Most "interesting" smartphone applications do not run only on the smartphone device; they rely on supporting web services that can be run both by the deploying organization and 3rd parties. One of the challenges we have run into when developing Android application is setting up a suitable...

Basecamp: DNS Setup allows sending mail on behalf of other customers

Sent on your behalf I knew basecamp themselves had used helpscout for support, so I was curious to see if hey was doing the same. A quick DNS lookup gave me the answer I was looking for: dig hey.com txt ; DiG 9.10.6 hey.com txt ;; global options: +cmd ;; Got answer: ;; -HEADER DiG 9.10.6...

DNSBin - Tool To Test Data Exfiltration Through DNS (RCE and XXE)

DNSBin is a simple tool to test data exfiltration through DNS and help test vulnerability like RCE or XXE when the environment has significant constraint. The project is in two parts, the first one is the web server and it's component. It offers a basic web UI, for most cases you won't need more...

domain.nu.DoS.txt

Date: Sat, 20 Feb 1999 21:20:13 -0800 From: Shane Wegner To: [email protected] Subject: Possible DOS attack in the .nu domain service Hello all, I am not sure if this is known or even relevant to the list and if not, please excuse this post. There appears to be a bug in the niu DNS setup proce...