Riorey RIOS Hardocded Password
Riorey DDoS mitigation appliances suffer from a very poor design vulnerability where they have a hardcoded root login and password for automation. Fail!
View ArticlePHP Socket connect() Stack Buffer Overflow
PHP socket connect() stack buffer overflow proof of concept code.
View ArticleApache 2.4.x mod_proxy Denial Of Service
Apache versions 2.4.x prior to 2.4.10 suffer from a denial of service condition when mod_proxy is in use.
View ArticleFreeBSD Security Advisory - IGMP Integer Overflow
FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically...
View ArticleVarnish Cache 4.03 Buffer Overflow
Varnish Cache version 4.0.3 suffers from a buffer overflow vulnerability.
View ArticleFreeBSD Security Advisory - IGMP Integer Overflow
FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically...
View ArticleA Tale of openssl_seal(), PHP, and Apache2handle
openssl_seal() is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well...
View Article
