!
>> Multiple critical vulnerabilities in Cisco UCS Director, Cisco
Integrated Management Controller Supervisor and Cisco UCS Director
Express for Big Data
>> Discovered by Pedro Ribeiro (ped...@gmail.com) from Agile Informat
://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-dcnm-rce.txt
>> Authentication Bypass and Arbitrary File Upload (leading to remote
code execution) on Cisco Data Center Network Manager
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Se
ltiple vulnerabilities in Cisco Identity Services Engine
(unauthenticated stored XSS to RCE as root)
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security and Dominik Czarnota (dominik.b.czarn.
://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-cms-ownage.txt
>> Multiple vulnerabilities in NUUO Central Management Server
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security (http://www.agilei
/dlink-hnap-login.txt
Have fun.
Regards,
Pedro
>> Multiple vulnerabilities in Dlink DIR routers HNAP Login function
(multiple routers affected)
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Informat
lities in WebNMS Framework Server 5.2 and 5.2 SP1
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security
==
Disclosure: 04/07/2016 / Last updated: 08/08/2016
>> Background on the affecte
On 04/08/16 17:46, Pedro Ribeiro wrote:
> tl;dr
>
> Lots of RCE, hardcoded credentials, stack buffer overflow and
> information disclosure in the Nuuo NVRmini and other network video
> recorders of the same vendor.
> These vulnerabilities also affect the NETGEAR Surveillanc
Rmini2 / NVRsolo / Crystal devices
and NETGEAR ReadyNAS Surveillance application
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security (http://www.agileinfosec.co.uk/)
==
Disclosure: 04/08/2016 / Last
[A]:
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt
[B]: https://github.com/rapid7/metasploit-framework/pull/6769
--
>> Multiple vulnerabilities in Novell Service Desk 7.1.0, 7.0.3 and 6.5
>> Discovered by Pedro
/ arbitrary file download in NETGEAR ProSafe
Network Management System NMS300
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security (http://www.agileinfosec.co.uk/)
==
Disclosure: 04/02/2016 / La
in [E3].
Regards,
Pedro Ribeiro
Founder & Director of Research
Agile Information Security
[E1] http://zerodayinitiative.com/advisories/ZDI-15-396/
[E2]
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/ManageEngine/me_sd_file_upload_2.txt
[E3] https://github.com/rapid7/metasp
trator
>> Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information
Security (http://www.agileinfosec.co.uk/)
==
Disclosure: 23/09/2015 / Last updated: 28/09/2015
>> Background on the affected product:
"Kase
On 12 August 2015 at 18:33, Stefan Kanthak stefan.kant...@nexgo.de wrote:
Kevin Beaumont kevin.beaum...@gmail.com wrote:
[...]
Microsoft documented a feature in Windows 8 and above called Windows
Platform Binary Table.
Cf. http://www.acpi.info/links.htm where WPBT is linked to
Administrator
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
(http://www.agileinfosec.co.uk/)
==
Disclosure: 13/07/2015 / Last updated: 13/07/2015
Background on the affected product:
Kaseya VSA
/pull/5472
https://github.com/rapid7/metasploit-framework/pull/5473
https://github.com/rapid7/metasploit-framework/pull/5474
Multiple vulnerabilities in SysAid Help Desk 14.4
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
-security, distro-security and
Solar Designer, and will not do it again.
A full copy of the advisory below can be found in my repo at
https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt.
Regards,
Pedro
Heap overflow and integer overflow in ICU library
Discovered by Pedro
hopefully be
accepted soon [2].
Regards,
Pedro
Remote code execution in Novell ZENworks Configuration Management 11.3.1
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
=
Disclosure: 07/04/2015
,
Applications Manager and IT360
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
==
Disclosure: 28/01/2014 / Last updated: 28/01/2014
Background on the affected products:
ManageEngine OpManager is a network
On 31 December 2014 at 02:17, Pedro Ribeiro ped...@gmail.com wrote:
Hi,
This is part 10 of the ManageOwnage series. For previous parts, see [1].
This time we have a vulnerability that allows an unauthenticated user
to create an administrator account, which can then be used to execute
code
==
Remote code execution / file upload in ManageEngine ServiceDesk Plus,
AssetExplorer, SupportCenter Plus and IT360
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
==
Disclosure: 04/01
, and a copy can be obtained from my repo [3].
Regards,
Pedro
Administrator account creation in ManageEngine Desktop Central / Desktop
Central MSP
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
On 30/11/2014, Pedro Ribeiro ped...@gmail.com wrote:
Hi,
This is part 9 of the ManageOwnage series. For previous parts see [1].
Technical details:
Vulnerability: Arbitrary file download
Constraints: unauthenticated in NetFlow; authenticated in IT360
Affected versions: NetFlow v8.6 to v9.9
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
==
Disclosure: 30/11/2014 / Last updated: 30/11/2014
Background on the affected product:
NetFlow Analyzer, a complete traffic analytics tool, leverages
,
Pedro
Authenticated blind SQL injection in Password Manager Pro / Pro MSP
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
==
Disclosure: 08/11/2014 / Last updated: 08/11/2014
Background
, and I have updated the full text advisory in [3].
Regards,
Pedro
Multiple vulnerabilities in ManageEngine OpManager, Social IT Plus and IT360
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
, and a copy of this
advisory can be found at my repo [4].
Regards,
Pedro
Multiple vulnerabilities in ManageEngine EventLog Analyzer
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
==
Disclosure: 05/11
by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
=
The application exposes several .NET remoting services on port 9010.
.NET remoting is a RMI technology similar to Java RMI or CORBA which
allows you
module has been submitted
and should be available soon (see pull request
https://github.com/rapid7/metasploit-framework/pull/3903).
Multiple vulnerabilities in ManageEngine OpManager, Social IT Plus and IT360
Discovered by Pedro Ribeiro (ped...@gmail.com), Agile Information Security
to sales saying that technical support never
contacted me back. No response.
08.01.2013 - MITRE assigns CVE-2014-1201 to this issue.
09.01.2013 - Public disclosure.
All references and proof of concept can be under the lorexActivex
folder in the repo at
https://github.com/pedrib/PoC
Regards,
Pedro
29 matches
Mail list logo