ProCaster LE-32F430 SmartTV RCE via libsoup/2.51.3 stack overflow (CVE-2017-2885)

Posted by def on Dec 04#!/bin/sh # ProCaster LE-32F430 (NotSo)SmartTV remote code execution exploit through # GStreamer souphttpsrc libsoup/2.51.3 HTTP stack overflow (CVE-2017-2885) # ~ def <def () huumeet info> 2020-02-15 ................. 850day exploit lol # Exploit payload: ret2libc system() nc reverse shell with a clean exit()...

16h

New BlackArch Linux ISOs + OVA Image released!

Posted by Black Arch on Dec 04Dear list, We've released new BlackArch Linux ISOs and OVA image (version 2020.12.01). Many improvements and QA went through all packages and tools Blackarch Linux offers! For details see the ChangeLog below. The BlackArch repository, Full-ISO and OVA image include more than 2600 tools now. The aarch64 repository...

16h

Bundeswehr VDPBw 50+ reported vulnerabilities

Posted by Vulnerability Lab on Dec 03Department: Bundeswehr - CIR Title: Over 50 reported weaknesses - a first conclusion on the VDPBwVulnerability Disclosure Policy of the Bundeswehr --- Date: 2020-12-03 Location: Bonn (Germany) Reading Time: 5 min --- Over 50 reported weaknesses - a first conclusion on the VDPBwVulnerability...

1d

Re: Etherify 4 - jumping air gaps with real ethernet hardware

Posted by Dave Horsfall on Dec 01I'm impressed, but for all the wrong reasons :-) -- Dave VK2KFU

3d

scikit-learn 0.23.2 Local Denial of Service

Posted by pabloec20 on Nov 30[Description] svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence technique) with a large value in the _n_support...

4d

Etherify 4 - jumping air gaps with real ethernet hardware

Posted by Jacek Lipkowski on Nov 30Hello, Another amusing etherify hack, this time not with raspberry pis, but with normal laptops. The implementation is deliberately very primitive (shell scripts, uses native system tools). The data is transmitted via very slow morse code (QRSS CW), which can be decoded visually on a spectrogam....

4d

SEC Consult SA-20201123-0 :: Multiple Vulnerabilities in ZTE WLAN router MF253V

Posted by SEC Consult Vulnerability Lab on Nov 23SEC Consult Vulnerability Lab Security Advisory < 20201123-0 > ======================================================================= title: Multiple Vulnerabilities product: ZTE WLAN router MF253V vulnerable version: V1.0.0B04 fixed version: V1.0.0B05...

2w

CA20201116-01: Security Notice for CA Unified Infrastructure Management

Posted by Ken Williams via Fulldisclosure on Nov 23CA20201116-01: Security Notice for CA Unified Infrastructure Management Issued: November 16th, 2020 Last Updated: November 16th, 2020 CA Technologies, A Broadcom Company, is alerting customers to a vulnerability in CA Unified Infrastructure Management. A vulnerability exists that can...

2w

KL-001-2020-009 : Barco wePresent Insecure Firmware Image

Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware Image Advisory ID: KL-001-2020-009 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt 1. Vulnerability Details     ...

2w

KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password

Posted by KoreLogic Disclosures via Fulldisclosure on Nov 20KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password Title: Barco wePresent Global Hardcoded Root SSH Password Advisory ID: KL-001-2020-008 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1. Vulnerability...

2w