271 matches found
JVN#61593104: ARROWS Me F-11D vulnerability where arbitrary areas may be accessed
ARROWS Me F-11D contains a vulnerability where arbitrary areas on the device may be accessed. Impact An attacker with local access may obtain or alter contents in the flash memory of the device. Solution Apply an Update Apply the update according to the information provided by the provider...
Rosewill RSVA11001 - Remote Command Injection
No description provided by source. I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another...
Cisco ONS 15454 Controller Card Denial of Service Vulnerability
A vulnerability in the code of the Cisco ONS 15454 Controller Cards could allow an unauthenticated, remote attacker to prevent system access to the flash memory on the control card. The vulnerability is caused when the file descriptors are exhausted during a FIN attack. An attacker could exploit...
Firmware vulnerability allows man-in-the-middle attack using SD Memory cards
How is it possible to exploit SD Card, USB stick and other mobile devices for hacking? Another interesting hack was presented at the Chaos Computer Congress 30C3, in Hamburg, Germany. The researchers demonstrated how it is possible to hack the microcontroller inside every SD and MicroSD flash car...
MicroSD Cards Vulnerable to MITM, Hacking
Researchers demonstrated yesterday at the Chaos Communication Congress in Hamburg that they could write arbitrary code onto various SD memory cards, a hack that could give attackers the ability to perform man-in-the-middle attacks on devices housing the cards, as well as give users access to an...
Rosewill RSVA11001 - Remote Command Injection
I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another similar box Ray Sharp but it did no...
Rosewill RSVA11001 Remote Code Execution
I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another similar box Ray Sharp but it did no...
Navy Hires Contractor to Data-Mine Gaming Consoles
The U.S. Navy recently hired an outside contractor, Obscure Technologies, to develop computer forensics tools capable of analyzing network traffic and stored data on gaming consoles. The contract, valued at $177,237.50, calls on Obscure Technologies to create hardware and software tools that can ...
IS-2010-001 - Netgear WG602v4 Saved Pass Stack Overflow
Security Advisory IS-2010-001 - Netgear WG602v4 Saved Pass Stack Overflow Advisory Information -------------------- Published: 2010-05-30 Updated: 2009-05-30 Manufacturer: Netgear Model: WG602v4 Firmware version: V1.1.0 Europe Vulnerability Details --------------------- Class: Buffer Overflow Cod...
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable,...
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable,...