VARIoT IoT exploits database


VAR-E-200308-0176 No CVE Cisco IOS 10/11/12 - UDP Echo Service Memory Disclosure - Hardware dos Exploit EDB ID: 22978
Cisco IOS 10/11/12 - UDP Echo Service Memory Disclosure. CVE-2352. dos exploit for Hardware platform
VAR-E-200307-0238 No CVE Cisco IOS 2GB HTTP GET Buffer Overflow Vulnerability No EDB ID
The HTTP server on Cisco IOS devices is prone to a buffer overrun that can be triggered by sending 2GB of data. This may be exploited to execute arbitrary code on a vulnerable device.
VAR-E-200307-0193 CVE-2003-0567
Cisco IOS - using hping Remote Denial of Service - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200308-0206
EDB ID: 62
Cisco IOS - using hping Remote Denial of Service. CVE-2325, CVE-2003-0567. dos exploit for Hardware platform
VAR-E-200307-0192 CVE-2003-0567
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200308-0206
EDB ID: 60
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service. CVE-2325, CVE-2003-0567. dos exploit for Hardware platform
VAR-E-200307-0191 CVE-2003-0567
Cisco IOS - IPv4 Packets Denial of Service - Hardware dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200308-0206
EDB ID: 59
Cisco IOS - IPv4 Packets Denial of Service. CVE-2325, CVE-2003-0567. dos exploit for Hardware platform
VAR-E-200307-0134 No CVE Cisco Catalyst Non-Standard TCP Flags Remote Denial Of Service Vulnerability No EDB ID
A problem with Cisco Catalyst switches has been reported in the handling of non-standard TCP packets. Because of this, an attacker may be able to deny legitimate user access to the switch.
VAR-E-200305-0078 No CVE D-Link DI-704P - Syslog.HTM Denial of Service - Hardware dos Exploit EDB ID: 22647
D-Link DI-704P - Syslog.HTM Denial of Service. dos exploit for Hardware platform
VAR-E-200305-0058 No CVE Cisco IOS Service Assurance Agent Malformed Packet Denial Of Service Vulnerability No EDB ID
It has been reported that Cisco IOS is vulnerable to an issue in handling Service Assurance Agent (previously called Response Time Reporter, or RTR) packets. Because of this, a remote user may be able to cause the router to become unstable and crash.
VAR-E-200303-0114 No CVE Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service - Hardware dos Exploit EDB ID: 22407
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service. CVE-55304. dos exploit for Hardware platform
VAR-E-200303-0183 CVE-2003-0131
OpenSSL Bad Version Oracle Side Channel Attack Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-200303-0118
No EDB ID
A problem with OpenSSL may leak sensitive information. A user could abuse the response of vulnerable servers to act as an oracle. By sending a large number of adaptive attacks, the possibility exists for a remote user to create a choice of ciphertext encrypted with the private key of the server.
VAR-E-200303-0184 CVE-2003-0147
OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-200303-0010
No EDB ID
A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation. Through this attack, it may be possible for a malicious client to discover the RSA private key of a server using the vulnerable software.
VAR-E-200303-0025 CVE-2003-0150
CVE-2016-5195
CVE-2016-6662
MySQL 3.23.x - 'mysqld' Local Privilege Escalation - Linux local Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201611-0386
EDB ID: 22340
MySQL 3.23.x - 'mysqld' Local Privilege Escalation. CVE-2003-0150, CVE-9909. local exploit for Linux platform
VAR-E-200303-0035 CVE-2002-1337
Sendmail 8.12.x - Header Processing Buffer Overflow (2) - Unix remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200303-0122
EDB ID: 22314
Sendmail 8.12.x - Header Processing Buffer Overflow (2). CVE-2002-1337, CVE-4502. remote exploit for Unix platform
VAR-E-200303-0036 CVE-2002-1337
Sendmail 8.12.x - Header Processing Buffer Overflow (1) - Unix remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200303-0122
EDB ID: 22313
Sendmail 8.12.x - Header Processing Buffer Overflow (1). CVE-2002-1337, CVE-4502. remote exploit for Unix platform
VAR-E-200302-0118 No CVE Axis Communications Video Server 2.x - 'Command.cgi' File Creation - CGI remote Exploit EDB ID: 22311
Axis Communications Video Server 2.x - 'Command.cgi' File Creation. remote exploit for CGI platform
VAR-E-200302-0154 No CVE Multiple Vendor Session Initiation Protocol Vulnerabilities No EDB ID
The Oulu University Secure Programming Group has reported numerous vulnerabilities in Session Initiation Protocol (SIP) implementations. These issues may be exploited to cause a denial of service in devices which implement the protocol. It has also been reported that unauthorized access to devices may occur under some circumstances. These issues are related to handling of SIP INVITE messages. Exploitation and the specific nature of each vulnerability may depend on the particular implementation.
VAR-E-200302-0065 CVE-2003-0100
Cisco IOS 11/12 - OSPF Neighbor Buffer Overflow - Hardware remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-200303-0056
EDB ID: 22271
Cisco IOS 11/12 - OSPF Neighbor Buffer Overflow. CVE-2003-0100, CVE-6455. remote exploit for Hardware platform
VAR-E-200212-0151 No CVE Axis Embedded Device Authentication Buffer Overflow Vulnerability No EDB ID
Axis Network Cameras, Video Servers, and Network Digital Video Recorders contain an unchecked buffer in the authentication code of their embedded web server. Exploitation may result in a denial of service or potential execution of arbitrary code.
VAR-E-200212-0108 No CVE Cisco OSM Line Cards Denial Of Service Vulnerability No EDB ID
A vulnerability has been discovered in OSM Line Cards when installed in various Cisco devices. Cisco has reported that a denial of service may occur when processing an irregularly constructed network packet. Exploitation of this issue will cause the Cisco device to no longer forward legitimate packets. Precise technical details regarding this vulnerability are not yet known. This BID will be updated as further information becomes available.
VAR-E-200209-0086 No CVE Cisco IP Phone 7960 Unsigned Content Weakness No EDB ID
The Cisco IP Phone 7960 uses TFTP (Trivial File Transfer Protocol) to download firmware images and configuration files. TFTP does not provide authentication. Firmware images are not signed, so there is no way for a client to determine that firmware is authentic. Firmware images with a higher version number are trusted by the vulnerable devices and will be retrieved and installed automatically when the devices are booted. This process is done transparently, without any user interaction. If the attacker can compromise the TFTP server, then it is possible to cause malicious firmware to be installed in vulnerable devices. It is also possible to exploit this weakness if the attacker has control over a server which appears to the device to be the authentic TFTP server. It is also theoretically possible for an attacker to substitute a malicious configuration file by exploiting this weakness.