Barracuda WAF V360 Firmware 8.0.1.014 Early Boot Root Shell
Firmware reversing of the Barracuda Web Application Firewall uncovered debug features that should have been removed on the production images. Appending a debugging statement onto a grub configuration...
Barracuda WAF V360 Firmware 8.0.1.014 Credential Disclosure
Firmware reversing of the Barracuda Web Application Firewall uncovered development artifacts that should have been removed on the production images. Once the encryption scheme was broken, many QA and...
Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexity
The grub password for all Barracuda WAF V360 virtual appliances is four characters in length and, as a result, may be trivially easy to crack. Firmware version 8.0.1.014 is affected. MD5 |...
Barracuda WAF V360 Firmware 8.0.1.014 Username / Session ID Leak
The Barracuda WAF management application transmits the current user and session identifier over HTTP GET. Firmware version 8.0.1.014 is affected. MD5 |...
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability. MD5 | 25834f424ff04c0e96e8ca47d4c3bc69. KL-001-2017-014 : Barracuda WAF Support Tunnel...
Solarwinds LEM 6.3.1 Hardcoded Credentials
Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has hard-coded credentials. MD5 | ea71b65684154ffd99e1bd069f695c0a. KL-001-2017-015 : Solarwinds LEM Hardcoded Credentials. Title:...
WordPress Responsive Lightbox Plugin CVE-2017-2243 Cross Site Scripting...
The Responsive Lightbox WordPress Plugin is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...
Firefox 54.0.1 - Denial of Service
EDB-ID: 42302; Author: hyp3rlinx; Published: 2017-07-07; CVE: N/A; Type: Dos; Platform: Windows; Vulnerable App: N/A [+] Website: hyp3rlinx.altervista.org [+] Source:...
Yaws 1.91 - Remote File Disclosure
EDB-ID: 42303; Author: hyp3rlinx; Published: 2017-07-07; CVE: CVE-2017-10974; Type: Remote; Platform: Multiple; Vulnerable App: [+] Website: hyp3rlinx.altervista.org [+] Source:...
Microsoft .NET Privilege Escalation
Microsoft .NET suffers from a privilege escalation vulnerability. MD5 | 2a8f5d7ca04a21fe887ffeadfb6a91ef. Hi @ll, all versions of .NET Framework support to load a COM object as code profiler,...
EMC Data Protection Advisor SQL Injection / Path Traversal
EMC Data Protection Advisor versions prior to 6.4 suffer from remote SQL injection and path traversal vulnerabilities. MD5 | bb15dd92d582999bd00052456097ccf3. -----BEGIN PGP SIGNED...
Microsoft Office 365 Enterprise E3 Insufficient Session Expiration
Microsoft Office 365 Enterprise E3 suffers from an insufficient session expiration vulnerability. MD5 | b66194af3c4ecfb1756126159b020eb3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID:...
Firefox 54.0.1 Denial Of Service
Firefox version 54.0.1 suffers from a denial of service vulnerability. MD5 | 9e6dbc8b2122d425a1c5d8b9e352ef36. [+] Credits: John Page aka hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source:...
Yaws 1.91 Unauthenticated Remote File Disclosure
Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability. MD5 | d44a9473734ef6a0a26b8cb7543fa88e. [+] Credits: John Page aka hyp3rlinx [+] Website:...
Easy File Sharing Web Server 7.2 - GET HTTP Request 'PassWD' Buffer Overflow...
EDB-ID: 42304; Author: Sungchul Park; Published: 2017-07-08; CVE: N/A; Type: Remote; Platform: Windows; Vulnerable App: # Exploit Title: Easy File Sharing Web Server 7.2 - GET Buffer Overflow (DEP Bypass with...
Ubuntu Vivid CVE-2015-1336 Local Privilege Escalation Vulnerability
Ubuntu Vivid is prone to a local privilege-escalation vulnerability. A local attacker can exploit this vulnerability to gain elevated privileges. Information: Bugtraq ID: 79723; Class: Design Error; CVE:...
NfSen
EDB-ID: 42306; Author: Paul Taylor; Published: 2017-07-10; CVE: CVE-2017-6971; Type: Remote; Platform: Linux; Vulnerable App: # Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1~bpo80+1_all. Previous versions are also...
NfSen < 1.3.7 / AlienVault OSSIM < 5.3.6 - Privilege Escalation
EDB-ID: 42305; Author: Paul Taylor; Published: 2017-07-10; CVE: CVE-2017-6970; Type: Local; Platform: Linux; Vulnerable App: # Version: NfSen 1.3.7 # Version: AlienVault 5.3.6 # Date: 2017-07-10 # Vendor...
DNS/DNSSEC RR Stub Resolver Denial Of Service
DNS/DNSSEC RR stub resolvers amplification distributed denial of service exploit. MD5 | 0dcc402c9b94f66a14d0a3fd9f69f56b. #!/usr/bin/perl ### DNS/DNSSEC RR stub resolvers amplification ddos ##...
NfSec 1.3.7 / AlienVault USM/OSSIM 5.3.6 Local Root
NfSec versions 1.3.7 and below and AlienVault USM/OSSIM versions 5.3.6 and below suffer from a local privilege escalation vulnerability. MD5 | 787b269cad22ea86e1c32d8ac3022b2f. # Exploit Title:...