CVE-2011-5325

Related Files

WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials

Posted Jun 13, 2019

Authored by T. Weber | Site sec-consult.com

The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.

tags | exploit, vulnerability

advisories | CVE-2010-0296, CVE-2010-3856, CVE-2011-2716, CVE-2011-5325, CVE-2012-4412, CVE-2013-1813, CVE-2014-4043, CVE-2014-9402, CVE-2014-9761, CVE-2014-9984, CVE-2015-0235, CVE-2015-1472, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2019-12550

SHA-256 | 5c8f473ce950d3d7fc4a502cd31cbb68d69766f0ee3d50da6ac20921262a4c65

Download | Favorite | View

Ubuntu Security Notice USN-3935-1

Posted Apr 3, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3935-1 - Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Mathias Krause discovered that BusyBox incorrectly handled kernel module loading restrictions. A local attacker could possibly use this issue to bypass intended restrictions. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2011-5325, CVE-2014-9645, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2017-15873, CVE-2017-16544, CVE-2018-1000517, CVE-2018-20679

SHA-256 | d04293581994ba012e305b667f533a43f91c013c6da677eff4fa9c29ace725ff

Download | Favorite | View