SCALANCE S602, SCALANCE S612, SCALANCE S623, SCALANCE S627-2M Security Vulnerabilities

Design/Logic Flaw

The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka Bug ID...

Authentication flaw

Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID...

Siemens SCALANCE W788 Access Point Detection

The Siemens SCALANCE W788 is an Industrial Wireless LAN (IWLAN) access point. IWLAN is an extension of the IEEE 802.11 standard for devices that will be deployed in demanding industrial applications with real-time and redundancy requirements. Siemens provides IWLAN capabilities with its SCALANCE...

Google Announces Pwnium 3, Ups Ante and Offers $3M+ in Rewards

Search giant Google is planning a third iteration of its vulnerability-finding contest, Pwnium. This year’s competition is set to be held alongside next month’s CanSecWest security conference on March 7 in Vancouver, BC. Unlike last year’s inaugural Pwnium, which was parallel to CanSecWest’s older....

Google to Hold Pwnium 2 Contest, Offers $2M in Rewards

Google has been handing out rewards to researchers who discover vulnerabilities in the company’s products and Web properties for several years now, both through its Chrome bug bounty program and its Pwnium contest at this year’s CanSecWest conference. Company officials say that the programs have...

CVE-2012-1802

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute...

CVE-2012-1802

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute...

CVE-2012-1799

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative...

CVE-2012-1800

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a...

CVE-2012-1800

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a...

CVE-2012-1799

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative...

Stack overflow

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a...

Buffer overflow

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute...

Default credentials

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative...

CVE-2012-1799

The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative...

CVE-2012-1800

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a...

CVE-2012-1802

Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute...

Manila AT&T hackers linked to 26/11 Mumbai terror attack

Manila AT&T hackers linked to 26/11 Mumbai terror attack Police in the Philippines working with the US Federal Bureau of Investigation have arrested four people over a premium-line phone scam that targeted customers of the American telecommunications giant AT&T to funnel money to a Saudi-based...

ideacms article manage system vulnerability and fix-vulnerability warning-the black bar safety net

'\admin\admin_upfile. asp <% 'Slightly dim folderList,folderNum,i,folderAttr,fileList,fileNum,j,the fileattr -, folder,filedir,filename,lastLevelPath dim dirTemplate : dirTemplate="../Upload" dim path : path=getForm("path","get") : if isNul(path) then path= dirTemplate if left(path,9)<>".....

Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600 Advisory ID: cisco-sa-20110601-mxe Revision 1.0 For Public Release 2011 June 01 1600 UTC (GMT)...

What the Sony PlayStation Network Attack Can Teach Us About Database Security

Sony’s PlayStation Network was breached between April 17 and April 19 and was taken offline by Sony on April 20. At the time of this writing, the service is still not available and it might not be available until the end of May. Much speculation has ensued on what has actually happened and the...

Google Funds Web Anti Malware Startup Dasient

Google Ventures, the venture capital arm of Google Inc., has invested in anti malware firm Dasient, according to a statement from the company on Monday. Based in Sunnyvale, California, Dasient sells a Web anti malware technology and has deep ties to Google. Co-founders Neil Daswani and Shariq...

Persistent BIOS Infection (Устойчивый BIOS inj)

------[ 0.- Предисловие Уважаемые пользователи, если вы читаете эту статью, мы можем предположить, что вы уже знаете, что такое BIOS и как он работает. Или, по крайней мере, вы имеете общtе представление о том, что делает BIOS, и его значение для нормальной работы компьютера. Основываясь на...

How to extract the broiler residual value-vulnerability warning-the black bar safety net

Often have friends ask me what to give the chickens what's the use? The broiler can do things or a lot of, here I only illustrate some of the things that want to be able to play a topic role. First of all, hands on course to have a preliminary broiler chickens. Broilers obtained in many ways, you.....

How to hack SSS scanning tools-vulnerability warning-the black bar safety net

Recently is really too busy, while the countersunk finishing school to the exchange of network security research topics, while in the online to clean up the malicious website. I love machine follow me were non-stop, no how much rest of time okay my machine is a dual Xeon Server, ha in. One day...

Adobe Flash (Embedded in PDF) LIVE VIRUS/MALWARE Exploit

No description provided by...

Adobe Flash (Embedded in PDF) LIVE VIRUS/MALWARE Exploit

Exploit for unknown platform in category local...

adobealbum-overflow.txt

...

Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit

No description provided by...

Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow

...

Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow

Adobe Album Starter 3.2 - Unchecked Local Buffer...

Adobe Album Starter 3.2 Unchecked Local Buffer Overflow Exploit

Exploit for unknown platform in category local...

Attack BI chat the 1 4 method-vulnerability warning-the black bar safety net

Summary of attack blue chat 1 4 ways １. How in the blue sea Silver sand site(chat room)with the hair background of the word? (^O^believe it is everyone's interest!!!) First look at the example:we are the super invincible curse of the Legion we have the strongest technical The method is as...

Mining access to VNC secure tunneling-vulnerability warning-the black bar safety net

I believe many readers like to use Telnet on the server for remote access, use the Telnet server and the client may also vary, may be Microsoft's Terminal Services or PCAnywhere, etc., I believe most of the users still prefer to VNC this free lunch. But you use VNC at the same time there is no...

DDoS attacks using common tools-vulnerability warning-the black bar safety net

DDoSattack using common tools DDoSattack to implement a certain degree of difficulty, it requires that the attacker must have the invasion of another's computer capabilities. But unfortunately some fool hacker app appears, these programs can be completed within a few seconds of the invasion and...

Break SSS technology blockade-vulnerability warning-the black bar safety net

Recently is really too busy, while the countersunk finishing school to be turned over tothe networkthe security research topic, while in the online to clean up the malicious website. I love machine follow me were non-stop, no how much rest of time okay my machine is a dual Xeon in theservice, ha...

Telnet Banner Reporting

This scripts reports the received banner of a Telnet...

CVE-2003-0190

OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing...

SNMP Query System Information Disclosure

It is possible to obtain the system information about the remote host by sending SNMP requests with the OID 1.3.6.1.2.1.1.1. An attacker may use this information to gain more knowledge about the target...

sc.txt

...

slmail3.txt

...

elf-pv.txt

...

runtime-kernel-kmem-patching.txt

...