7921 matches found
Equation organization leaked windows framework vulnerability tool Esteemaudit RDP vulnerability
1. Reproduction environment: • Windows 2003 sp2 x86 •Windows 2003 configuration the domain server Domain server set up please refer to: https://wenku.baidu.com/view/430e9e96964bcf84b9d57bd4.html) 2. Environment to build: From https://yadi.sk/d/NJqzpqo3GxZA4 download the leaked file Under linux by...
CVE-2017-3881: Cisco Catalyst switches remote code execution vulnerability analysis-vulnerability warning-the black bar safety net
Your Catalyst switches whether to enable the telnet in? If Yes, it would have to be careful. This article will be to introduce the reader for the equipped with the latest firmware the Catalyst 2960 switch the remote code execution vulnerability proof-of-concept attack technique. Specific exploit...
Trend Micro Threat Discovery Appliance arbitrary files deletion (CVE-2016-7552)
A file delete in the logoff.cgi interface that allows for an authentication bypass CVE-2016-7552. A command injection in the adminsystime.cgi interface that allows for an attacker to gain remote code execution CVE-2016-7547. Trend Micro are not patching this vulnerability since this product is no...
Silicon Graphics LibTIFF 'JPEGSetupEncode' Function Denial of Service Vulnerability
Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in the 'JPEGSetupEncode' function of the tiffjpeg.c file in...
Broadcom: Heap overflow in "wlc_tdls_cal_mic_chk" due to large RSN IE in TDLS Setup Confirm frame (CVE-2017-0561)
Broadcom produces the Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. One of the events handled by the BCM...
Broadcom Wi-Fi SoC - Heap Overflow in wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm
Exploit for hardware platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are...
Broadcom Wi-Fi SoC - Heap Overflow wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm Frame
Broadcom Wi-Fi SoC - Heap Overflow wlctdlscalmicchk Due to Large RSN IE in TDLS Setup Confirm Frame Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in bot...
Broadcom Wi-Fi SoC - Heap Overflow 'wlc_tdls_cal_mic_chk' Due to Large RSN IE in TDLS Setup Confirm Frame
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without...
MODX Revolution 'setup/templates/findcore.php' file remote code execution vulnerability
MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A security vulnerability exists in the setup/templates/findcore.php file in MODX Revolution 2.5.4-pl and...
MODX Revolution 'setup/controllers/welcome.php' file remote code execution vulnerability
MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A security vulnerability exists in the setup/controllers/welcome.php file in MODX Revolution 2.5.4-pl an...
OSINT Gathering Tool: Inquisitor
OSINT Gathering Tool Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to...
mapr Information Disclosure
Hello, The mapr web frontend component creates an information disclosure vulnerability. During the setup of mapr the configure.sh script calls a function ConfigureWSRole: function ConfigureWSRole if $clientOnly -eq 0 -a $dontChangeSecurityPermissionsOn -eq 0 ; then ConfigureRunUserForWS fi This...
Setting up a default landing page on Storefront 3.0
The article describes how to set the default landing page in x1 / 3.x on StoreFront 3.x...
PVS targets experience BSOD: IRQL Not Less or Equal on targets created using XDSW when booting for the first time
PVS Target devices created using Xendesktop Setup Wizard are running in toa blue screen of death issue. The error message displayed on the BSOD screen shows the following message: Your PC ran into a problem and needs to restart. We're just collecting some error info, and then we'll restart for yo...
NetScaler Double Hop Communication Flow with StoreFront
This article explains how the communication flow works when we configure NetScaler in double hop with StoreFront...
pfsense 2.3.2 Code Execution
Security Advisory - Curesec Research Team 1. Introduction Affected Product: pfsense 2.3.2 Fixed in: 2.3.3 Fixed Version Link: https://pfsense.org/download/ Vendor Website: https://www.pfsense.org/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 02/06/2017 Disclosed ...
MaxPatrol 8 installation process
Today I have a great opportunity to write about MaxPatrol 8. For me it is a very nostalgic experience. I worked for many year in Positive Technologies developing this product. And now I can write about it from the customer side. MaxPatrol is still not very well known outside Russia and CIS,...
How to configure ADFS Claim Rules and StoreFront with Multiple Domains
How to configure ADFS Claim Rules and StoreFront with multiple domains?...
The vulnerability of the Android operating system, which allows a hacker to trigger a service failure
The vulnerability of the Setup Wizard component in the Android operating system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to require user input for Google accounts after a reboot. This could lead to service interruptions and even cause...
The vulnerability of the Android operating system, which allows a hacker to trigger a service failure
The vulnerability of the Setup Wizard component in the Android operating system is related to access control deficiencies. Exploiting this vulnerability can allow a malicious actor to cause service failures, as well as lead to the device becoming completely unusable and requiring recompiling...