2578 matches found
DSA-2645-1 inetutils - denial of service
Bulletin has no description...
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
CVE-2009-2695 kernel: SELinux and mmapminaddr CVE-2009-3228 kernel: tc: uninitialised kernel memory leak CVE-2009-3286 kernel: OEXCL creates on NFSv4 are broken CVE-2009-2908 kernel ecryptfs NULL pointer dereference CVE-2009-3613 kernel: flood ping cause out-of-iommu error and panic when mtu larg...
Nmap NSE 6.01: smb-psexec
Implements remote process execution similar to the Sysinternals' psexec tool, allowing a user to run a series of programs on a remote machine and read the output. This is great for gathering information about servers, running the same tool on a range of system, or even installing a backdoor on a...
Polycom HDX - Telnet Authentication Bypass (Metasploit)
Polycom HDX - Telnet Authentication Bypass Metasploit ======================================================================== = Polycom HDX Telnet Authorization Bypass = = Vendor Website: = www.polycom.com = = Affected Version: = Polycom HDX devices: = All releases prior to and including...
Polycom HDX Telnet Authorization Bypass Vulnerability
The Polycom HDX is a series of telecommunication and video devices. The telnet component of Polycom HDX video endpoint devices is vulnerable to an authorization bypass when multiple simultaneous connections are repeatedly made to the service, allowing remote network attackers to gain full access ...
Linksys WRT160N XSS / CSRF / Command Injection
Device Name: Linksys WRT160Nv2 Vendor: Linksys/Cisco ============ Device Description: ============ Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fast Wireless-N connectivity frees you to do...
Linksys WRT54GL Remote Command Execution
Some Linksys Routers are vulnerable to OS Command injection. You will need credentials to the web interface to access the vulnerable part of the application. Default credentials are always a good starting point. admin/admin or admin and blank password could be a first try. Note: This is a blind O...
Polycom Command Shell Authorization Bypass
The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...
Nessus XMLRPC Interface Ping Utility
This module simply attempts to find and check for Nessus XMLRPC interface.' nessusxmlrpcping.rb This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nessus XMLRPC Interface Ping Utility',...
Hardening Linux Security in few seconds using "Server Shield"
Are you running Linux just because you think it's safer than Windows? Think again. Sure, security is a built-in feature and extends right from the Linux kernel to the desktop, but it still leaves enough room to let someone muck about with your /home folder. Linux might be impervious to viruses an...
CVE-2011-4639
The 1 Traceroute and 2 Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, as demonstrated by an && ampersand ampersand sequence...
CVE-2011-4639
The 1 Traceroute and 2 Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, as demonstrated by an && ampersand ampersand sequence...
CVE-2011-4639
CVE-2011-4639 concerns SpamTitan WebTitan prior to version 3.60, where the (1) Traceroute and (2) Ping implementations in tools.php are vulnerable. The underlying issue allows remote authenticated users to execute arbitrary commands through shell metacharacters in an argument, demonstrated by an ...
CVE-2012-4361
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter...
Scientific Linux Security Update : ypbind on SL3.x i386/x86_64
This updated package fixes the following bugs : - after a NIS server change, for example, after a server failure, ypbind corrupted files in the '/var/yp/binding/' directory. As well, these files were not updated, possibly causing old information to be retained. In these situations, glibc attempte...
kernel: rds-ping cause kernel panic
The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service BUGON and kernel panic by establishing an RDS connection with the source IP address equal to the IPoIB...
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "HP StorageWorks...
ip-forwarding NSE Script
Detects whether the remote device has ip forwarding or "Internet connection sharing" enabled, by sending an ICMP echo request to a given target using the scanned host as default gateway. The given target can be a routed or a LAN host and needs to be able to respond to ICMP requests ping in order...
IPUtils Denial Of Service
==== Description ==== An integer overflow was found in iputils/pingcommon.c mainloop function which could lead to excessive CPU usage when triggered could lead to DoS. This means that both ping and ping6 are vulnerable. ==== Proof-Of-Concept ==== Specify "big" interval -i option for ping/ping6...
TP-Link Cross Site Scripting
Exploit Title: Tp-Link Cross Site Scripting Date: 11.03.2012 Author: l20ot Web Browser : Mozilla Firefox Blog : http://www.twitter.com/l20ot ------------------------------------------------------ Vulnerability is on Ping tool. 1- Go to http://192.168.1.1/maintenance/toolstest.htm 2- make ping lik...