EUVD-2013-6750

Malware in sbrugna...

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service

A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site or a legitimate site loaded with malicious ads...

Chrome OS exploit: one byte overflow and symlinks

The following article is an guest blog post from an external researcher i.e. the author is not a Project Zero or Google researcher. This post is about a Chrome OS exploit I reported to Chrome VRP in September. The Project Zero folks were nice to let me do a guest post about it, so here goes. The...

Belkin Wemo Home Automation Devices远程安全限制绕过漏洞

BUGTRAQ ID: 65632 CVECAN ID: CVE-2013-6949 Belkin Wemo Home Automation devices 是家电远程控制系列产品。 Belkin Wemo Home Automation设备使用 STUN & TURN 协议，该漏洞让控制了一个Wemo设备的攻击者可用 STUN & TURN 协议中继连接到其他的Wemo设备。 0 Belkin Wemo Home Automation 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...