Ubuntu Security Notice USN-6818-3
Ubuntu Security Notice 6818-3 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A...
View ArticleUbuntu Security Notice USN-6818-4
Ubuntu Security Notice 6818-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A...
View ArticleUbuntu Security Notice USN-6819-4
Ubuntu Security Notice 6819-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A...
View ArticleRed Hat Security Advisory 2024-4126-03
Red Hat Security Advisory 2024-4126-03 - This is release 1.4 of the container images for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and...
View ArticleGNUnet P2P Framework 0.21.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer...
View ArticleUbuntu Security Notice USN-6909-1
Ubuntu Security Notice 6909-1 - It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable,...
View ArticleCalibre 7.15.0 Python Code Injection
This Metasploit module exploits a Python code injection vulnerability in the Content Server component of Calibre version 6.9.0 through 7.15.0. Once enabled (disabled by default), it will listen in its...
View ArticleDiCal-RED 4009 Missing Authentication
DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system's root user and does not require authentication.
View ArticleDiCal-RED 4009 Missing Authentication
DiCal-RED version 4009 provides an FTP service on TCP port 21. This service allows anonymous access, i.e. logging in as the user "anonymous" with an arbitrary password. Anonymous users get read access...
View ArticleDiCal-RED 4009 Information Disclosure
DiCal-RED version 4009 provides a network server on TCP port 2101. This service does not seem to process any input, but it regularly sends data to connected clients. This includes operation messages...
View ArticleGNUnet P2P Framework 0.22.0
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer...
View Article7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service
The 7-Technologies SCADA IGSS Data Server (IGSSdataServer.exe) versions 9.0.0.10306 and below can be brought down by sending a crafted TCP packet to port 12401.
View ArticleApache mod_isapi Dangling Pointer
This Metasploit module triggers a use-after-free vulnerability in the Apache Software Foundation mod_isapi extension for versions 2.2.14 and earlier. In order to reach the vulnerable code, the target...
View ArticleJuniper JunOS Malformed TCP Option
This Metasploit module exploits a denial of service vulnerability in Juniper Networks JunOS router operating system. By sending a TCP packet with TCP option 101 set, an attacker can cause an affected...
View ArticleApache ZooKeeper Information Disclosure
Apache ZooKeeper server service runs on TCP 2181 and by default, it is accessible without any authentication. This Metasploit module targets Apache ZooKeeper service instances to extract information...
View ArticleCheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
This Metasploit module sends a query to the port 264/TCP on CheckPoint Firewall-1 firewalls to obtain the firewall name and management station (such as SmartCenter) name via a pre-authentication...
View ArticleWPAD.dat File Server
This Metasploit module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in combination with DNS attacks or the NetBIOS Name Service Spoofer module. Please remember as...
View ArticlePhoenixContact PLC Remote START/STOP Command
PhoenixContact Programmable Logic Controllers are built upon a variant of ProConOS. Communicating using a proprietary protocol over ports TCP/1962 and TCP/41100 or TCP/20547. It allows a remote user to...
View ArticleNetgear R6700v3 Unauthenticated LAN Admin Password Reset
This Metasploit module targets ZDI-20-704 (aka CVE-2020-10924), a buffer overflow vulnerability in the UPNP daemon (/usr/sbin/upnpd), on Netgear R6700v3 routers running firmware versions from V1.0.2.62...
View Article