VARIoT IoT exploits database

VAR-E-201109-0007	CVE-2011-3280 CVE-2011-3278 CVE-2011-0946 CVE-2011-3279 CVE-2011-3276 CVE-2011-3277	Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201110-0056, VAR-201110-0258, VAR-201110-0256, VAR-201110-0259, VAR-201110-0257, VAR-201110-0248	No EDB ID

Cisco IOS is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected device to reload, denying service to legitimate users. These issues are being tracked by Cisco Bug IDs: CSCtd10712 CSCso02147 CSCti98219 CSCti48483 CSCtj04672 CSCth11006

VAR-E-201109-0262	CVE-2011-0945	Cisco IOS Data-Link Switching Memory Leak Remote Denial of Service Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201110-0058	No EDB ID

Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCth69364.

VAR-E-201109-0355	CVE-2011-3274 CVE-2011-3282	Cisco IOS IPv6 over MPLS Multiple Denial of Service Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201110-0250, VAR-201110-0261	No EDB ID

Cisco IOS is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected device to reload, denying service to legitimate users. These issues are being tracked by Cisco Bug IDs: CSCto07919 CSCtj30155

VAR-E-201109-0828	CVE-2011-0944	Cisco IOS IPv6 Remote Denial of Service Vulnerablity Related entries in the VARIoT vulnerabilities database: VAR-201110-0059	No EDB ID

Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected devices to reload, denying service to legitimate users. Repeat attacks will result in sustained denial-of-service condition. This issue is tracked by Cisco Bug ID CSCtj41194.

VAR-E-201109-0756	CVE-2011-2072	Cisco IOS and Unified Communications Manager (CVE-2011-2072) Denial of Service Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201110-0168	No EDB ID

Cisco IOS and Unified Communications Manager are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an interruption in voice services or cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug IDs CSCtl86047 and CSCto8868.

VAR-E-201109-0679	CVE-2011-3275 CVE-2011-0939	Cisco IOS SIP Multiple Denial of Service Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201110-0262, VAR-201110-0057	No EDB ID

Cisco IOS is prone to multiple remote denial-of-service vulnerabilities that affect the SIP implementation. An attacker can exploit these issues to cause an affected device to reload, denying service to legitimate users. These issues are being tracked by Cisco Bug IDs CSCth03022 and CSCti48504.

VAR-E-201109-0607	CVE-2011-3271	Cisco IOS Smart Install Remote Code Execution Vulnerability Related entries in the VARIoT vulnerabilities database: VAR-201110-0246	No EDB ID

Cisco IOS is prone to a remote code-execution service vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on affected devices. Successful exploits will completely compromise an affected device. This issue is tracked by Cisco Bug ID CSCto10165.

VAR-E-201109-0444	CVE-2011-3281 CVE-2011-3273	Cisco IOS IPS and Zone-Based Firewall Multiple Denial of Service Vulnerabilities Related entries in the VARIoT vulnerabilities database: VAR-201110-0260, VAR-201110-0249	No EDB ID

Cisco IOS is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected device to reload, denying service to legitimate users. These issues are being tracked by Cisco Bug IDs CSCti79848 and CSCto68554.

VAR-E-201109-0008	CVE-2011-4042 CVE-2011-4043 CVE-2011-4044 CVE-2011-4045	PcVue 10.0 - Multiple Vulnerabilities - Windows dos Exploit Related entries in the VARIoT vulnerabilities database: VAR-201204-0093, VAR-201204-0096, VAR-201204-0094, VAR-201204-0095	EDB ID: 17896

PcVue 10.0 - Multiple Vulnerabilities. CVE-2011-4045CVE-2011-4044CVE-2011-4043CVE-2011-4042CVE-77561CVE-75794CVE-75793 . dos exploit for Windows platform

VAR-E-201109-0009	CVE-2011-4044 CVE-2011-4043 CVE-2011-4042 CVE-2011-4045	PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()'/'SaveObject()' Trusted DWORD (Metasploit) - Windows remote Exploit Related entries in the VARIoT vulnerabilities database: VAR-201204-0093, VAR-201204-0096, VAR-201204-0094, VAR-201204-0095	EDB ID: 17975

PcVue 10.0 SV.UIGrdCtrl.1 - 'LoadObject()'/'SaveObject()' Trusted DWORD (Metasploit). CVE-2011-4044CVE-77561 . remote exploit for Windows platform

VAR-E-201109-0609	No CVE	Pantech Link Phones Browser Certificate Verification Security Weakness	No EDB ID

The browser of Pantech Link Phones is prone to a security weakness because it fails to verify SSL certificates presented by a remote server. An attacker can exploit this weakness to masquerade as a legitimate server using a man-in-the-middle attack or to launch other attacks, such as phishing.

VAR-E-201109-0848	No CVE	Cogent Datahub 7.1.1.63 Buffer Overflow	No EDB ID

Cogent Datahub versions 7.1.1.63 and below remote unicode buffer overflow exploit.

VAR-E-201109-0408	No CVE	Rockwell RSLogix 19 Denial Of Service	No EDB ID

Rockwell RSLogix versions 19 and below suffer from a denial of service vulnerability. Proof of concept included.

VAR-E-201109-0646	No CVE	Cogent Datahub 7.1.1.63 Directory Traversal	No EDB ID

Cogent Datahub versions 7.1.1.63 and below suffer from a directory traversal. Proof of concept code included.

VAR-E-201109-0021	CVE-2011-3502 CVE-2011-3500 CVE-2011-3493 CVE-2011-3501	Cogent DataHub 7.1.1.63 - Source Disclosure - Windows webapps Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0173, VAR-201109-0172, VAR-201109-0174, VAR-201109-0186	EDB ID: 17840

Cogent DataHub 7.1.1.63 - Source Disclosure. CVE-2011-3502CVE-75574 . webapps exploit for Windows platform

VAR-E-201109-0022	CVE-2011-3493 CVE-2011-3502 CVE-2011-3500 CVE-2011-3501	Cogent DataHub 7.1.1.63 - Stack Overflow - Windows dos Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0173, VAR-201109-0172, VAR-201109-0174, VAR-201109-0186	EDB ID: 17838

Cogent DataHub 7.1.1.63 - Stack Overflow. CVE-2011-3493CVE-75570 . dos exploit for Windows platform

VAR-E-201109-0019	CVE-2011-3493 CVE-2011-3502 CVE-2011-3500 CVE-2011-3501	Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow - Windows remote Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0173, VAR-201109-0172, VAR-201109-0174, VAR-201109-0186	EDB ID: 17884

Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow. CVE-2011-3493CVE-75570 . remote exploit for Windows platform

VAR-E-201109-0020	CVE-2011-3501 CVE-2011-3502 CVE-2011-3500 CVE-2011-3493	Cogent DataHub 7.1.1.63 - Integer Overflow - Windows dos Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0173, VAR-201109-0172, VAR-201109-0174, VAR-201109-0186	EDB ID: 17839

Cogent DataHub 7.1.1.63 - Integer Overflow. CVE-2011-3501CVE-75573 . dos exploit for Windows platform

VAR-E-201109-0023	CVE-2011-3486	Beckhoff TwinCAT 2.11.0.2004 - Denial of Service - Windows dos Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0179	EDB ID: 17835

Beckhoff TwinCAT 2.11.0.2004 - Denial of Service. CVE-2011-3486CVE-75495 . dos exploit for Windows platform

VAR-E-201109-0336	CVE-2011-3491 CVE-2011-3499 CVE-2011-3498	progea movicon / powerhmi 11.2.1085 - Multiple Vulnerabilities - Windows dos Exploit Related entries in the VARIoT vulnerabilities database: VAR-201109-0170, VAR-201109-0171, VAR-201109-0184	EDB ID: 17842

progea movicon / powerhmi 11.2.1085 - Multiple Vulnerabilities. CVE-2011-3499CVE-2011-3498CVE-2011-3491CVE-75494CVE-75493CVE-75492CVE-75491 . dos exploit for Windows platform