CVE-2016-5054

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

CVE-2016-5054

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

Design/Logic Flaw

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...

Design/Logic Flaw

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

CVE-2016-5054

CVE-2016-5054 affects OSRAM SYLVANIA Osram Lightify Home (through 2016-07-26) with a Zigbee replay vulnerability. Connected CNVD-2017-12298 provides a concrete root cause: users’ Lightify Home lacked SSL pinning, enabling a man-in-the-middle attack to obtain SSL-encrypted traffic. The CVE entry i...

CVE-2016-5058

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...

CVE-2016-5054

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...

CVE-2016-5058

CVE-2016-5058 references OSRAM SYLVANIA Osram Lightify Pro/Lightify Home. Connected CNVD data reveals a MITM vulnerability in Lightify Home due to the program’s failure to use SSL pinning, affecting versions 2016-07-26 and earlier. An attacker could intercept SSL/TLS traffic and capture encrypted...

Sends Beacons to Scan for Active ZigBee Networks

Post Module to send beacon signals to the broadcast address while channel hopping This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sends Beacons to Scan for Active ZigBee Networks', 'Description...

Unpatched Smart Lighting Flaws Pose IoT Risk to Businesses

A host of web-based vulnerabilities in Osram Lightify smart lighting products remain unpatched, despite private notification to the vendor in late May and CVEs assigned to the issues in June by CERT/CC. Researchers at Rapid7 today publicly disclosed some of the details on each of the nine...

Debian DSA-3505-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service. %NASLMINLEVEL 70300 C Tenable...

DSA-3505-1 wireshark - security update

Bulletin has no description...

Debian Security Advisory DSA 3505-1 (wireshark - security update)

Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T.38, SDP, NLM, DNS, BED, SCTP, 802.11, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service. OpenVAS Vulnerability Test $I...

FreeBSD : wireshark -- multiple vulnerabilities (42c2c422-df55-11e5-b2bd-002590263bf5)

Wireshark development team reports : The following vulnerabilities have been fixed : - wnpa-sec-2015-31 NBAP dissector crashes. Bug 11602, Bug 11835, Bug 11841 - wnpa-sec-2015-37 NLM dissector crash. - wnpa-sec-2015-39 BER dissector crash. - wnpa-sec-2015-40 Zlib decompression crash. Bug 11548 -...

Comcast XFINITY Home Security System Security Bypass Vulnerability

The Comcast XFINITY Home Security System is a complete home security system. The Comcast XFINITY Home Security System failed to properly maintain base station communications, allowing an attacker to disrupt sensor functionality by jamming ZigBee 2.4 GHz communications...

CVE-2016-2398

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...

Design/Logic Flaw

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...

CVE-2016-2398

CVE-2016-2398 affects the Comcast XFINITY Home Security System. The vulnerability arises from improper maintenance of base-station communication, allowing physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions. The linked records confirm the...