Netgear DGN2200B pppoe.cgi Remote Command Execution

Some Netgear Routers are vulnerable to an authenticated OS command injection on their web interface. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd...

Netgear DGN1000B setup.cgi Remote Command Execution

Some Netgear Routers are vulnerable to authenticated OS Command injection. The vulnerability exists in the web interface, specifically in the setup.cgi component, when handling the TimeToLive parameter. Default credentials are always a good starting point, admin/admin or admin/password could be a...

Linksys E1500/E2500 apply.cgi Remote Command Injection

Some Linksys Routers are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping...

Linksys E1500/E2500 apply.cgi Remote Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Linksys E1500/E2500 apply.cgi Remote...

Linksys E1500/E2500 apply.cgi Remote Command Injection Vulnerability

Some Linksys Routers are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping...

Linksys E1500/E2500 Remote Command Execution

Some Linksys Routers are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command. A ping command against a controlled syste...

[SECURITY] [DSA 2645-1] inetutils security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2645-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez March 14, 2013 http://www.debian.org/security/faq -...

Polycom HDX - Telnet Authentication Bypass (Metasploit)

Polycom HDX - Telnet Authentication Bypass Metasploit ======================================================================== = Polycom HDX Telnet Authorization Bypass = = Vendor Website: = www.polycom.com = = Affected Version: = Polycom HDX devices: = All releases prior to and including...

Polycom HDX Telnet Authorization Bypass Vulnerability

The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access ...

Linksys WRT54GL Remote Command Execution

Some Linksys Routers are vulnerable to OS Command injection. You will need credentials to the web interface to access the vulnerable part of the application. Default credentials are always a good starting point. admin/admin or admin and blank password could be a first try. Note: This is a blind O...

Polycom Command Shell Authorization Bypass

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

Successful Shell Attack Detected - Windows 'ping' Command

Binary data 6197.prm...

Successful Shell Attack Detected - Linux 'ping' Command

Binary data 6148.prm...

BSA-011 Security Update for znc

Patrick Matthäi pmatthaei uploaded new packages for znc which fixed the following security problems: CVE-2010-2934 Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service exception and daemon crash via unknown vectors related to "unsafe substr calls."...

CVE-2010-2812

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...

DEBIAN-CVE-2010-2812

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...

CVE-2010-2812

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...

CVE-2010-2812

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...

Command injection

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...

CVE-2010-2812

Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service exception and daemon crash via a PING command that lacks an argument...