Archive for February, 2016

GTA Firewall GB-OS 6.2.02 Script Insertion

Posted by deepcore under exploit (No Respond)

GTA Firewall GB-OS version 6.2.02 suffers from a local malicious script insertion vulnerability.

ManageEngine Firewall Analyzer 8.5 SP-5.0 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

ManageEngine Firewall Analyzer version 8.5 SP-5.0 suffers from multiple cross site scripting vulnerabilities.

Ubiquiti Networks UniFi 3.2.10 Cross Site Request Forgery

Posted by deepcore under exploit (No Respond)

Ubiquiti Networks UniFi version 3.2.10 suffers from a cross site request forgery vulnerability.

Wireshark Vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow

Posted by deepcore under exploit (No Respond)

A crash can occur due to a heap-based buffer overflow in the ASAN build of Wireshark (current git master) when a malformed file is fed to tshark.

Linux io_submit L2TP Sendmsg Integer Overflow

Posted by deepcore under exploit (No Respond)

In certain kernel versions it is possible to use the AIO subsystem (io_submit syscall) to pass size values larger than MAX_RW_COUNT to the networking subsystem’s sendmsg implementation. In the L2TP PPP sendmsg implementation, a large size parameter can lead to an integer overflow and kernel heap corruption during socket buffer allocation. This could be exploited […]

Magento 1.9.2.2 RSS Feed Information Disclosure

Posted by deepcore under exploit (No Respond)

Magento versions 1.9.2.2 and below suffer from an information disclosure vulnerability in their RSS feed.

[webapps] – Dell OpenManage Server Administrator 8.2 – Authenticated Directory Traversal

Posted by deepcore under Security (No Respond)

Dell OpenManage Server Administrator 8.2 – Authenticated Directory Traversal


[webapps] – IBM Lotus Domino <= R8 Password Hash Extraction Exploit

Posted by deepcore under Security (No Respond)

IBM Lotus Domino <= R8 Password Hash Extraction Exploit


Prezi Bug Bounty #7 – (Charts) Persistent Vulnerability

Posted by deepcore under exploit (No Respond)

GTA WAF GBOS 6.2.02 – Bypass & Persistent Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Research Team discovered an application-side input validation web vulnerability in the official GTA Web Firewall appliance – GB OS v6.2.02.