CVE-2018-19860

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command...

EUVD-2018-11534

Malware in sbrugna...

BKS EBK Ethernet-Buskoppler Pro Shell Upload

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-017 Product: BKS EBK Ethernet-Buskoppler Pro Manufacturer: BKS GmbH Affected Versions: 3.01 Vulnerability Type: Unrestricted Upload of File with Dangerous Type CWE-434 Risk Level: High Solution Status: Fixed Manufacturer...

BKS EBK Ethernet-Buskoppler Pro Shell Upload Vulnerability

BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability. Product: BKS EBK Ethernet-Buskoppler Pro Manufacturer: BKS GmbH Affected Versions: 3.01 Vulnerability Type: Unrestricted Upload of File with Dangerous Type CWE-434 Risk Level: High Solution...

Command injection

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command...

CVE-2018-19860

Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command...

CVE-2018-19860

CVE-2018-19860 affects Broadcom Bluetooth firmware (Nexus 5 BCM4335C0; Raspberry Pi 3 BCM43438A1; other Broadcom-based devices) prior to summer 2014. The issue is an improper restriction of LMP commands, allowing an LMP command to cause execution of memory contents, effectively enabling memory co...

CVE-2018-18068

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 the highest privilege level in ARMv8 memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug...

CVE-2018-18068

CVE-2018-18068 affects the ARM-based hardware debugging feature used on the Raspberry Pi 3 Model B+ (and possibly other devices). The flaw lets a non-secure EL1 debug host read/write any EL3 memory/register via inter-processor debugging, enabling the host to halt the target and elevate its privil...

Kali Linux 2018.4 Release - Penetration Testing and Ethical Hacking Linux Distribution

Welcome to our fourth and final release of 2018, Kali Linux 2018.4, which is available for immediate download. This release brings kernel up to version 4.18.10, fixes numerous bugs, includes many updated packages, and a very experimental 64-bit Raspberry Pi 3 image. New Tools and Tool Upgrades...

Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)

/ Title: Linux/ARM - Bind 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 92 Bytes Date: 2018-09-26 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)

/ Title: Linux/ARM - execve"/bin/sh", "/bin/sh", NULL Shellcode 32 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-08-30 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara...

Linux/ARM - Bind (4444/TCP) Shell +IPv6 Shellcode (128 Bytes)

Linux/ARM - Bind 4444/TCP Shell +IPv6 Shellcode 128 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IPv6 4444/TCP Bind Shellcode 128 Bytes Date: 2018-07-25 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP...

Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)

/ Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.34-v7+ 1110 SMP Mon Apr 16 15:18:51 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...

Raspberry Pi 3 to get official Android OS support

It's fair to say the success of the ARM-powered Raspberry Pi computers have surpassed expectations and have been a godsend to hobbyists, hackers, and students. If you're one of those people looking for unofficial hacks to install Android OS on a Raspberry Pi device, then stop and wait for the...

Raspberry Pi 3 — New $35 MicroComputer with Built-in Wi-Fi and Bluetooth

While celebrating its computer's fourth birthday, the Raspberry Pi Foundation has launched a brand new Raspberry Pi today. Great news for all Micro-computing fans – A new, powerful Raspberry Pi 3 Model B in town. Months after introducing just $5 Raspberry Pi Zero, Raspberry Pi Foundation has...