9 matches found
CVE-2024-40624
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...
CVE-2024-40624 Deserialization of untrusted data in torrentpier/torrentpier
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...
CVE-2024-40624 Deserialization of untrusted data in torrentpier/torrentpier
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...
TorrentPier Deserialization of Untrusted Data vulnerability
Summary In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies: https://github.com/torrentpier/torrentpier/blob/84f6c9f4a081d9ffff4c233098758280304bf50f/library/includes/functions.phpL41-L60 PoC One can use...
GHSA-FG86-4C2R-7WXW TorrentPier Deserialization of Untrusted Data vulnerability
Summary In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies: https://github.com/torrentpier/torrentpier/blob/84f6c9f4a081d9ffff4c233098758280304bf50f/library/includes/functions.phpL41-L60 PoC One can use...
[360-FAAR v0.4.1] Firewall Analysis Audit And Repair
360-FAAR Firewall Analysis Audit and Repair is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Changes: This release...
[360-FAAR] Firewall Analysis Audit And Repair 0.3.6
360-FAAR Firewall Analysis Audit and Repair is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs...
Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C)
Affected products : All versions of Checkpoint FW1 when used with SecuRemote/SecureClient Namely 4.0, 4.1 at any SP level, and NG FP1 http://www.checkpoint.com/products/security/vpn-1clients.html Description : Checkpoint Firewall-1 SecuRemote/SecureClient "authentication timeout" defined in FW1's...
CheckPoint FW1 HTTP Security Hole
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings! A quite known proxy vulnerability was found for FW1 V4.1 SP5 plus hotfixes - thanks to Ryan Snyder for announcing the first bits on Firewall-1 mailing list. If you connect to a server you are allowed to connect to via HTTP proxy e.g. a comm...