Cisco IOS XE Software Startup Script Local Command Execution Vulnerability

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. SPDX-FileCopyrightText: 2017 Greenbone AG Some te...

Cisco IOS XE Software Local Command Execution Vulnerability

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. The Cisco IOS XE Software startup script does not validate the value of the ROMMON variable effectively, allowing remote attackers to exploit the vulnerability by submitting a specia...

Cisco IOS XE Software Startup Script Local Command Execution Vulnerability

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient validati...

Nagios 4.2.2 - Local Privilege Escalation

Nagios 4.2.2 - Local Privilege Escalation Affected Product: Nagios 4 Vulnerability Type: root privilege escalation Fixed in Version: N/A Vendor Website: https://www.nagios.com/ Software Link: : https://sourceforge.net/projects/nagios/files/latest/download?source=directory-featured Affected Versio...

openSUSE Security Update : ntp (openSUSE-2016-599)

This update for ntp to 4.2.8p7 fixes the following issues : - CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, bsc977461: Interleave-pivot - CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550, bsc977464: Improve NTP...

SUSE-SU-2016:1278-1 Security update for ntp

This update for ntp to 4.2.8p7 fixes the following issues: CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. CVE-2016-1548, bsc977461: Interleave-pivot CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. CVE-2016-1550, bsc977464: Improve NTP security...

Reverse router firmware of sensitive information leaked Part2-vulnerability warning-the black bar safety net

Previous articledescribes in detail the various unpacking the router firmware tools. Unpacking after you get the firmware file. The next step is to analyze the files looking for vulnerabilities. This time the goal of the analysis is a Trendnet Router, the analysis of the vulnerability is a remote...

Phabricator: SSRF vulnerability (access to metadata server on EC2 and OpenStack)

In bug 50537, haquaman reported a SSRF vulnerability in the meme creation section of Phabricator. Ticket T6755 was created and the HackerOne issue was closed as "Won't fix". T6755 states that "attackers can use the machine's ability to access the network, which may allow them to find services and...

openSUSE Security Update : chromium (openSUSE-SU-2013:1556-1)

Update to Chromium 30.0.1599.66 : - Easier searching by image - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance - Security fixes : + CVE-2013-2906: Races in Web Audio + CVE-2013-2907: Out of bounds read in Window.prototype object + CVE-2013-2908:...

Script to automatically create the account password script to automatically create an account password-loophole warning-the black bar safety net

@echo off net user lanye lanye /add net user localgroup administrators lanye /add It is actually very simple! Here's the@echo off you can write you can not write． Action is prompt. The above code is saved as the ＢＡＴ file after that put in C:\windows\system32\GroupPolicy\Machine\Scripts\Startup th...

Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net

Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9X and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, an...

Mysteriously replaced Windows XP user password-vulnerability warning-the black bar safety net

Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9×and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, and...

Start the back door of one idea-the vulnerability of early warning-the black bar safety net

A Group Policy startup script; Use process:start the Group Policyrun-gpedit. msc-Computer Configuration-Windows Settings-scriptsstartup/shutdown Start with the shutdown related settings; Select Start-properties-add will pop up select the script name Selection procedure C:\windows\system32\net.exe...

Elevated administrator permissions:startup script method-vulnerability warning-the black bar safety net

We watched“my non-IF. S. T”summary elevated administrator privileges 8 of the law, and now we use the startup script and batch in to get the shell of the case under the elevated No. 9: startup script method! of! The first batch of leakage Ah, we can get optimistic, and I try to cut the crap,...

CVE-2005-3387

The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code...

CVE-2005-3387

The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code...

CVE-2005-3387

The CVE-2005-3387 issue affects ntop prior to version 3.2. The startup script in packages/RedHat/ntop.init creates temporary files insecurely when ntop.conf is writable by non-root users, enabling arbitrary code execution by a remote attacker. The provided documents do not specify exploitation ve...

Mysteriously replaced XP user password-vulnerability warning-the black bar safety net

Windows XP startup scriptstartup scriptsis a computer in the login screen to appear before running the batch file, which functions similar to the Windows 9×and DOS automatically executed batch file, the autoexec. bat. Using this feature, you can write a batch file to re-set the user password, and...

Giptables firewall symbolic links problem

Symbolic links problem in startup script...

CVE-2002-0795

CVE-2002-0795 affects the FreeBSD rc startup script (FreeBSD 4–4.5). The root cause is a symlink attack on X Window system lock files that allows local users to delete arbitrary files. Exploitation details are not provided in the available documents, so the exact steps and vulnerable files are no...