Axessh will crash after receiving an overly long payload of junk.
SweetRice 1.5.1 is vulnerable to Local File Inclusion (LFI). An attacker can exploit this vulnerability to gain access to sensitive files on the server. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'file' parameter in the '_get_file' action of the 'plugin' parameter in the 'as' module. An attacker can send a specially crafted HTTP request containing directory traversal sequences (e.g. '../') to download arbitrary files from the server.
This exploit is related to the CVE-2018-1000115 vulnerability in Memcached. This vulnerability allows an attacker to bypass the authentication process of Memcached and gain access to the server. The exploit is written in Python and uses a socket connection to send a specially crafted packet to the server. The packet contains a MEMCACHED_REQUEST_MAGIC, OPCODE_SET, key_len, body_len, and a payload of 1000 bytes. Upon receiving the packet, the server will respond with a confirmation message.
This exploit targets a buffer overflow vulnerability in the Memcached add request. It allows an attacker to send a maliciously crafted add request to the server, which can cause a denial of service or potentially allow arbitrary code execution.
This exploit is proof-of-concept code for a buffer overflow vulnerability in Memcached. The vulnerability is triggered when a maliciously crafted packet is sent to the server, which causes the server to crash. The packet contains a key length of 0xfa, an extra length of 0x00, a data type of 0x00, a vbucket of 0x0000, a body length of 0, an opaque of 0, a CAS of 0, and a body of 1024 bytes of 'A's. The exploit is written in Python and uses the socket library to send the malicious packet to the server.
There is a Remote Command Execution vulnerability in this IDE. If a user of this IDE is running the internal debug server listening on localhost port 89 and opens a link or visits a malicious webpage, remote attackers can execute arbitrary commands on the victim's system.
WinaXe v7.7 FTP client is subject to multiple remote buffer overflow vectors when connecting to a malicious FTP server and receiving overly long payloads in the command response from the remote server. An attacker can exploit this vulnerability by sending a specially crafted payload to the vulnerable application when it connects to a malicious FTP server.
SweetRice 1.5.1 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to execute arbitrary SQL commands and transfer files to the web server. The first exploit sends a POST request with a malicious SQL command to the vulnerable application. The second exploit sends a GET request with a malicious file name to the vulnerable application.
An attacker would need to get a target user to open a specially crafted webpage. As far as can be determined, disabling JavaScript should prevent an attacker from triggering the vulnerable code path.
This exploit uses the LsSystemRestore.sh script to disclose the current configuration, which is then leveraged to gain access to exploitable APIs in the admin portal that allow arbitrary command injection. It then uses a local privilege escalation bug to execute the payload as root. This will work as long as port 443 is open on the phone. Lifesize support should recommend that the power and ethernet cables are disconnected from the device to ensure it remains secure.