Commend WS203VICM

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION : Exploitable remotely/low attack complexity Vendor : Commend Equipment : WS203VICM Vulnerabilities : Argument Injection, Improper Access Control, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Landis+Gyr E850

1. EXECUTIVE SUMMARY CVSS v3 3.9 ATTENTION: Low attack complexity Vendor: Landis+Gyr Equipment: E850 ZMQ200 Vulnerability: Reliance on Cookies without Validation and Integrity 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition for the end...

Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit

No description provided by source. !/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exitUsage: + sys.argv0 + targethost targetport\n target =...

WzdFTPD <= 8.0 - Remote Denial of Service Exploit

No description provided by source. !/usr/bin/env python WzdFTPD Denial of Service = 8.0 wzdftpddos.py by Jose Miguel Esparza 2007-01-19 S21sec labs import sys,socket user = guest passw = guest if lensys.argv != 3: sys.exitUsage: + sys.argv0 + targethost targetport\n target = sys.argv1 targetPort ...

NextGEN Gallery 1.9.12 Shell Upload

S21Sec Advisory - Title: NextGEN Gallery 1.9.12 Arbitrary File Upload ID: S21SEC-046-en CVE ID: CVE-2013-3684 Severity: High Status: Fixed History: 27.May.2013 Vulnerability discovered 28.May.2013 Vendor informed 12.Jun.2013 Fix released Authors: Marcos Agüero [email protected] URL:...

As Many as 3,000 Vodafone Memory Cards Infected by Malware

The malware that was found on a pair of Vodafone memory cards installed in HTC Magic handsets recently has in fact affected an entire batch of 3,000 memory cards, the company said. Vodafone Spain said that the company’s investigation into the incident found that a much larger number of cards was...

WzdFTPD &lt;= 8.0 Remote Denial of Service Exploit

No description provided by source. !/usr/bin/env python WzdFTPD Denial of Service = 8.0 wzdftpddos.py by Jose Miguel Esparza 2007-01-19 S21sec labs import sys,socket user = "guest" passw = "guest" if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.argv1...

OpenH323 Opal SIP Protocol Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc =========================================================== OpenH323 Opal SIP Protocol Remote Denial of Service Exploit =========================================================== !/usr/bin/env python OpenH323 Opal SIP Protocol Remote Denial of...

Ekiga 2.0.5 - &#039;GetHostAddress&#039; Remote Denial of Service

!/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.argv1 targetPort = intsys.argv...

OpenH323 Opal SIP Protocol - Remote Denial of Service

!/usr/bin/env python OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability CVE-2007-4924 opal228dos.py by Jose Miguel Esparza 2007-10-08 S21sec labs import sys,socket if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.argv1 targetPort =...

Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit

No description provided by source. !/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target =...

WzdFTPD Denial Of Service

!/usr/bin/env python WzdFTPD Denial of Service = 8.0 wzdftpddos.py by Jose Miguel Esparza 2007-01-19 S21sec labs import sys,socket user = "guest" passw = "guest" if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.argv1 targetPort = intsys.argv2 s =...

WzdFTPD 8.0 - Remote Denial of Service

WzdFTPD 8.0 - Remote Denial of Service !/usr/bin/env python WzdFTPD Denial of Service = 8.0 wzdftpddos.py by Jose Miguel Esparza 2007-01-19 S21sec labs import sys,socket user = "guest" passw = "guest" if lensys.argv != 3: sys.exit"Usage: " + sys.argv0 + " targethost targetport\n" target = sys.arg...

MS Windows IIS SSL Remote Denial of Service Exploit (MS04-011)

No description provided by source. / Microsoft SSL Remote Denial of Service MS04-011 Tested succesfully against IIS 5.0 with SSL. David Barroso Berrueta dbarroso s21sec com Alfredo Andres Omella aandres s21sec com S21sec - www s21sec com / include stdio.h include stdlib.h include unistd.h include...

s21sec-044-en.txt

S21Sec Advisory - Title: OpenDocMan Cross Site Scripting XSS ID: S21sec-044-en Severity: Low History: 15.Apr.2008 Vulnerability discovered 16.Apr.2008 Vendor contacted 27.May.2008 Patch available Scope: Cross Site Scripting XSS Platforms: Any Author: Sergi Roselló [email protected] URL:...

[Full-disclosure] S21SEC-044-en:OpenDocMan Cross Site Scripting &#40;XSS&#41;

S21Sec Advisory - Title: OpenDocMan Cross Site Scripting XSS ID: S21sec-044-en Severity: Low History: 15.Apr.2008 Vulnerability discovered 16.Apr.2008 Vendor contacted 27.May.2008 Patch available Scope: Cross Site Scripting XSS Platforms: Any Author: Sergi Rosell [email protected] URL:...

S21SEC-043-en:Cezanne SW Blind SQL Injection

S21Sec Advisory - Title: Cezanne SW login required Blind SQL Injection ID: S21SEC-043-en Severity: High History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL: http://www.s21sec.com/avisos/s21sec-43-en.txt...

S21SEC-042-en:Cezanne SW Cross-Site Scripting &#40;login required&#41;

S21Sec Advisory - Title: Cezanne SW Cross-Site Scripting login required ID: S21SEC-042-en Severity: Medium History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL:...

s21sec-42-en.txt

S21Sec Advisory - Title: Cezanne SW Cross-Site Scripting login required ID: S21SEC-042-en Severity: Medium History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL:...

S21SEC-038-en.txt

S21Sec Advisory - Title: Alcatel Omnivista 4760 Cross-Site Scripting ID: S21SEC-038-en Severity: Medium - History: 10.Jun.2007 Vulnerability discovered 20.Jun.2007 Vendor contacted 19.Oct.2007 Advisory released Authors: Juan de la Fuente Costa [email protected] Pablo Seijo Cajaraville...