6 matches found
EXOCET - AV-evading, Undetectable, Payload Delivery Tool
EXOCET is superior to Metasploit's "Evasive Payloads" modules as EXOCET uses AES-256 in GCM Mode Galois/Counter Mode. Metasploit's Evasion Payloads uses a easy to detect RC4 encryption. While RC4 can decrypt faster, AES-256 is much more difficult to ascertain the intent of the malware. However, i...
DSX Communication Devices Detection (HTTP)
HTTP based detection of DSX communication devices. Note: Providing login credentials allows to extract detailed device information. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
DSX Communication Devices Default Credentials (HTTP)
The DSX communication device is configured with default credentials. Copyright C 2020 Simmons Foods, Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2005-2136
The CVE-2005-2136 entry concerns Raritan Dominion SX (DSX) Console Servers (DSX16, DSX32, DSX4, DSX8, DSXA-48). The underlying issue is improper file permissions: world-readable /etc/shadow and world-writable /bin/busybox, enabling local users to obtain password hashes and possibly execute arbitr...
CVE-2005-2136
Raritan Dominion SX DSX Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set 1 world-readable permissions for /etc/shadow and 2 world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users...
DSX Raritan Console Servers weak permissions
Executable files are writable by unprivileged users...