Posts by: Maurizio Agazzini (aka inode)
CVE-2016-8919 – IBM WebSphere deserialization of untrusted data
IBM WebSphere deserialization of untrusted data: http://lab.mediaservice.net/advisory/2016-03-websphere.txt [crayon-5da7d890773dd286777076/]
CVE-2016-7065 – Red Hat JBoss EAP deserialization of untrusted data
Red Hat JBoss EAP deserialization of untrusted data Advisory URL: http://lab.mediaservice.net/advisory/2016-05-jboss.txt [crayon-5da7d89077a4d342632289/]
CVE-2016-5983 – IBM WebSphere deserialization of untrusted data
IBM WebSphere deserialization of untrusted data Advisory url: http://lab.mediaservice.net/advisory/2016-02-websphere.txt [crayon-5da7d89077d1f607500792/]
McAfee VirusScan Enterprise security restrictions bypass
McAfee VirusScan Enterprise security restrictions bypass Advisory URL: http://lab.mediaservice.net/advisory/2016-01-mcafee.txt [crayon-5da7d89077f8a202215537/]
VPN Brute forcer
vpnc-brute is a modified version of the VPNC client (https://www.unix-ag.uni-kl.de/~massar/vpnc/) that add capabilities to automatically check a combination of user and password . The source code has been patched to…
Windows To Go on USB 3.0 controllers
Some days ago we decided to test Windows To Go. After installing Windows 8.1 on a Sandisk Extreme USB 3.0 64 GB key we incurred into a problem. The system…
HP System Management Homepage JustGetSNMPQueue Command Injection without Metasploit
Some days ago we tried to use the "exploit/multi/http/hp_sys_mgmt_exec" Metasploit module on one of our targets. The host was vulnerable but a Meterpreter session was not opened: [crayon-5da7d890781fb963577297/] After some…
McAfee Virus Scan Enterprise password hashing demystified
McAfee Virus Scan Enterprise has a feature to protect settings modification from server admins by setting a password. This password is stored into registry, before version 8.8 the hash of…