ADB BroadBand Pirelli ADSL2/2+ wireless router version P.DGA4001N suffers from multiple unauthenticated remote information disclosure vulnerabilities.
c27420c6214c07d113f42f92de3a862da4bb8a1e2801fa4986abbf6126b86985
This Metasploit module exploits an authenticated XXE vulnerability to read the keystore.properties file off the filesystem. This properties file contains an encrypted password that is set during installation. Notably, this password is the same as the password of the database 'sa' user and of the admin user created during installation. It is encrypted with a static key, and in a weak cipher mode at that (ECB).
01a438afa7dd5e3323cf3bdca6d5720f8815799cc27eaf5498b39b69ad28f5a5
Kajona CMS version 4.6 suffers from a cross-site scripting vulnerability.
0a9afff33b043d1dce49be4bee3d8a88e722ad843059aa024c313f2a461663cf
Sefrengo CMS version 1.6.0 suffers from a cross-site scripting vulnerability.
82b880a1d59e56fc12889e13abf84b6cfa6e85f85e486bf1b0a2fcc3729532eb
Sefrengo CMS version 1.6.0 suffers from a remote SQL injection vulnerability in the administrative backend.
307542e83bb0371fc65a2729e107d796f2c0ad96654f0edbe4970f8ab2b22bbd
This Metasploit module exploits a stack-based buffer overflow vulnerability in BulletProof FTP Client 2010, caused by an overly long hostname. By persuading the victim to open a specially-crafted .BPS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.
e5d33406aeb9e2aa88598b1dd18462a9ef67a59bb67577584d10ed7cf7894210
Documentum Web Development Kit (WDK) and WDK-based clients contain cross-site scripting, cross-site request forgery, URL redirection, insufficient randomness, and frame injection vulnerabilities.
5723d492c782836a6ea35341d64a0bc9cd8f7b71e77c2cdeae6a36557bb3eb80
Mandriva Linux Security Advisory 2015-005 - A NULL pointer dereference flaw was found in the way mod_dav_svn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash mod_dav_svn. A NULL pointer dereference flaw was found in the way mod_dav_svn handled URIs for virtual transaction names. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash.
d13ea010371425cf8a9fd6eb8987085bef55351cbb1da6f338800d6a56ee2ebd
Debian Linux Security Advisory 3119-1 - Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t.
ba981464d57b711de3d7ce967eb091055c67eccec9d191c924fbdf642b319abe
Ubuntu Security Notice 2451-1 - Serge Hallyn discovered that cgmanager did not consistently enforce proper nesting when modifying cgroup properties. A local attacker in a privileged container could use this to set cgroup values for all cgroups.
21b3dfa60d85c13fffa18b591a2a6ebfd566166d299f3f83dff8cadced9419ea
This paper describes some of the common problems faced in biometrics and possible solutions to these problems.
1e2342519676a56045378295699ec80a758236ce205376eff99f6166e1ce8163
This is proof of concept code that demonstrates reverse-engineering of the default WPA key generation algorithm used in ADB broadband Pirelli routers in Argentina. Model P.DG-A4001N is affected.
9527c73ee36d4ee8f486e3120f240ad2de3454591ef889ad7519aa54f4242c5a