Linux Distros Unpatched Vulnerability : CVE-2019-25355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal...

UBUNTU-CVE-2019-25355

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...

CVE-2019-25355

CVE-2019-25355 affects gSOAP 2.8, where an unauthenticated attacker can perform HTTP path traversal to access sensitive files (e.g., /etc/passwd) by sending crafted GET requests with multiple "../" sequences. Root cause is directory traversal in the HTTP path handling. Documented impact indicates...

gSOAP 2.8 - Directory Traversal

Title: gSOAP 2.8 - Directory Traversal Author: Numan Türle Date: 2019-11-13 Vendor Homepage: https://www.genivia.com/ Version : gSOAP 2.8 Software Link : https://www.genivia.com/products.htmlgsoap POC --------- GET /../../../../../../../../../etc/passwd HTTP/1.1 Host: 10.200.106.101 Accept:...

gSOAP 2.8 Directory Traversal

Title: gSOAP 2.8 - Directory Traversal Author: Numan Türle Date: 2019-11-13 Vendor Homepage: https://www.genivia.com/ Version : gSOAP 2.8 Software Link : https://www.genivia.com/products.htmlgsoap POC --------- GET /../../../../../../../../../etc/passwd HTTP/1.1 Host: 10.200.106.101 Accept:...

CVE-2019-6973

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server based on gSOAP 2.8.x is configured for an iterative queueing approach aka non-threaded operation with a timeout of several seconds...

Denial of service

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server based on gSOAP 2.8.x is configured for an iterative queueing approach aka non-threaded operation with a timeout of several seconds...

CVE-2019-6973

Summary (CVE-2019-6973) : Sricam IP CCTV cameras running gSOAP 2.8.x are affected by a denial-of-service condition. The vulnerability arises from the embedded web server invoking an iterative (non-threaded) request handling model with a multi-second timeout, making the device susceptible to handl...

Sricam gSOAP 2.8 Denial Of Service

!/bin/bash Exploit Title: Sricam gSOAP 2.8 - Denial of Service Date: 25/01/2019 Vendor Status: Informed 24/10/2018 CVE ID: CVE-2019-6973 Exploit Author: Andrew Watson Contact: https://keybase.io/bitfu Software Version: Sricam gSOAP 2.8 Vendor Homepage: http://www.sricam.com/ Tested on: Sricam IP...

Sricam gSOAP 2.8 - Denial of Service Exploit

!/bin/bash Exploit Title: Sricam gSOAP 2.8 - Denial of Service Date: 25/01/2019 Vendor Status: Informed 24/10/2018 CVE ID: CVE-2019-6973 Exploit Author: Andrew Watson Contact: https://keybase.io/bitfu Software Version: Sricam gSOAP 2.8 Vendor Homepage: http://www.sricam.com/ Tested on: Sricam IP...

Sricam gSOAP 2.8 - Denial of Service

!/bin/bash Exploit Title: Sricam gSOAP 2.8 - Denial of Service Date: 25/01/2019 Vendor Status: Informed 24/10/2018 CVE ID: CVE-2019-6973 Exploit Author: Andrew Watson Contact: https://keybase.io/bitfu Software Version: Sricam gSOAP 2.8 Vendor Homepage: http://www.sricam.com/ Tested on: Sricam IP...

Sricam gSOAP 2.8 - Denial of Service

Sricam gSOAP 2.8 - Denial of Service !/bin/bash Exploit Title: Sricam gSOAP 2.8 - Denial of Service Date: 25/01/2019 Vendor Status: Informed 24/10/2018 CVE ID: CVE-2019-6973 Exploit Author: Andrew Watson Contact: https://keybase.io/bitfu Software Version: Sricam gSOAP 2.8 Vendor Homepage:...