«
Expand/Collapse
249 items tagged "control"
Related tags:
s system [+],
realtek [+],
proof of concept [+],
hackaday [+],
control panel 1 [+],
control panel [+],
access control list [+],
vulnerabilities [+],
remote control [+],
multiple [+],
memory corruption [+],
forgery [+],
device [+],
application [+],
zero day [+],
security [+],
panel version [+],
panel [+],
ntr [+],
digital [+],
control replication [+],
application control [+],
access control system [+],
hacks [+],
version [+],
system [+],
sophos [+],
service [+],
robots [+],
netop [+],
misc [+],
links [+],
home [+],
code [+],
based buffer overflow [+],
barracuda [+],
arbitrary code [+],
android [+],
access control [+],
sr6 [+],
sap [+],
micro control [+],
micro [+],
manager [+],
lumension [+],
linux [+],
endpoint [+],
denial of service [+],
command execution [+],
cisco security [+],
buffer overflow vulnerability [+],
attackers [+],
attacker [+],
Wireless [+],
vulnerability [+],
zdi [+],
x stack [+],
whmcs [+],
webhmi [+],
web control [+],
web [+],
vpn client [+],
vpn [+],
voxsmart [+],
voxrecord [+],
voice control [+],
virtual [+],
version 6 [+],
trend [+],
traffic [+],
third party [+],
sunway [+],
stack overflow [+],
stack buffer [+],
sql [+],
sophos endpoint security [+],
session hijacking [+],
seh [+],
sap gui [+],
role based access control [+],
robotic arm [+],
robot [+],
realtek hd audio control panel [+],
radio [+],
privilege escalation vulnerability [+],
potential security vulnerability [+],
plesk [+],
phplist [+],
performance [+],
novell iprint [+],
novell [+],
microsoft [+],
memory address [+],
machine management [+],
lsp [+],
kinect [+],
iprint [+],
input validation [+],
information leakage [+],
ileys [+],
iconics [+],
hand [+],
genesis32 [+],
force [+],
exe component [+],
early november [+],
dvrobot [+],
control versions [+],
control scada [+],
control performance [+],
client [+],
cisco security advisory [+],
cisco anyconnect [+],
center [+],
cellphones [+],
bugtraq [+],
buffer overflows [+],
buffer [+],
bluetooth [+],
authentication methods [+],
arbitrary value [+],
arbitrary files [+],
air traffic control [+],
air [+],
aiocp [+],
advance notification [+],
advance [+],
ARM [+],
xosoft [+],
wii [+],
whitepaper [+],
webapps [+],
viscom [+],
user access control [+],
usb [+],
uac [+],
txt [+],
trident [+],
transportation [+],
transmitter [+],
tool [+],
tabular [+],
string copy [+],
sql injection [+],
speech control [+],
sound [+],
siemens [+],
service vulnerability [+],
sandbox [+],
power [+],
phone [+],
peripherals [+],
nokia n900 [+],
mind [+],
microcontrollers [+],
metasploit [+],
manager. user [+],
manager caslogdirectinserthandler [+],
malware [+],
malformed requests [+],
local privilege escalation [+],
linux kernel [+],
led [+],
kunkel [+],
joris [+],
insecurity [+],
information disclosure [+],
hosting [+],
flow data [+],
exploits [+],
entertainment [+],
engine [+],
easy [+],
drupal [+],
dovecot [+],
day [+],
cross application [+],
cross [+],
control microsoft [+],
cnc [+],
cisco network [+],
cameras [+],
camera [+],
ca xosoft [+],
babylon online dictionary [+],
aslr [+],
apple sandbox [+],
analog control [+],
advisory [+],
adobe download manager [+],
administrative authentication [+],
ace application [+],
accelerometer [+],
absolute path name [+],
Software [+],
activex [+],
zac franken [+],
xylophones [+],
xbox game [+],
xbox controller [+],
xbox 360 [+],
xbox [+],
xbee [+],
wireless headset [+],
wiper [+],
winphone [+],
windows pcs [+],
wii remote [+],
wii nunchuck [+],
whmcompletesolution [+],
white balance [+],
wei chen [+],
web access [+],
warszawa [+],
want [+],
volume [+],
voltage [+],
vladimir [+],
visual diff [+],
virtual machine [+],
video stream [+],
video playlist [+],
video [+],
vegetable gardener [+],
vegetable [+],
usa [+],
uri uninitialized [+],
unit [+],
uninitialized pointer [+],
ultra [+],
uc applications [+],
twitter [+],
tv remotes [+],
tv b gone [+],
tutorial [+],
trial and error [+],
trevor [+],
trendmicro [+],
trend micro [+],
translator james [+],
transistor control [+],
transistor [+],
trackball [+],
touchosc [+],
toaster oven [+],
tiny circuit board [+],
tidigino [+],
thermistors [+],
theater [+],
temperature [+],
telemetry data [+],
telemetry [+],
technologie [+],
system flaws [+],
surrender control [+],
strengths [+],
stock controller [+],
stereo receiver [+],
stereo amplifier [+],
stereo [+],
steerable [+],
station [+],
spindel [+],
sphero [+],
spent three [+],
speed [+],
speaker [+],
space station [+],
source [+],
sound speakers [+],
smartphone [+],
slew [+],
skincrafter [+],
simulator [+],
simulations [+],
simple [+],
silvio cesare [+],
silvio [+],
shutter speed [+],
show [+],
shelf solution [+],
shawn [+],
setup [+],
session initiation protocol [+],
servo motors [+],
servo motor [+],
servo control [+],
servo [+],
server migration [+],
server [+],
sequencer [+],
sensor [+],
security vulnerabilities [+],
security holes [+],
sebastian [+],
scrap yard [+],
scott [+],
sccp [+],
sanctuary [+],
rocket [+],
robotic hand [+],
robot arm [+],
robertson [+],
rikard lindstrm [+],
rich [+],
rhapsody [+],
rgb leds [+],
rgb [+],
reverse engineering [+],
repository manager [+],
repository [+],
remote control car [+],
reflow [+],
rechargeable nimh [+],
receivers [+],
receiver module [+],
receiver board [+],
receiver [+],
rear axel [+],
realplayer [+],
rc plane [+],
rational [+],
radius authentication [+],
radio dial [+],
quot [+],
quite some time [+],
quartzo [+],
quadcopter [+],
qr code [+],
pua [+],
prototyping [+],
protocol [+],
promotic [+],
project [+],
privilege elevation [+],
print [+],
power plants [+],
power management [+],
power conversion [+],
playstation controller [+],
playstation [+],
playlist [+],
play station 3 [+],
play station [+],
place [+],
pizza crust [+],
pizza [+],
pickit [+],
pic 18f452 [+],
physical security [+],
phone button [+],
performance automobile [+],
penetration [+],
pc. it [+],
patrick [+],
patches [+],
party apps [+],
parallel inputs [+],
own pizza [+],
own computer [+],
owen [+],
overflow [+],
oven [+],
osrc [+],
oscarcelma [+],
osc [+],
oracle enterprise manager [+],
oracle [+],
optical drives [+],
open source hardware [+],
open [+],
one of those guys [+],
office [+],
nunchuck [+],
number crunching [+],
notification [+],
nokia [+],
ngs [+],
news [+],
new delhi [+],
network communication systems [+],
network address translation [+],
network access control [+],
netgear [+],
nat skinny [+],
nat [+],
nasa [+],
musical [+],
music player [+],
mountainboard [+],
motorized blinds [+],
motorized [+],
motor [+],
motion control [+],
motion [+],
modular platform [+],
model rocket [+],
mobile control [+],
mobile [+],
miro [+],
mindwave [+],
mind control [+],
mill [+],
mileage [+],
mike spindel [+],
mike rankin [+],
microsoft works 7 [+],
microcontroller programming [+],
microcontroller [+],
message control [+],
message [+],
mathieu [+],
martin [+],
marcus [+],
manager casprocessor [+],
malaysia [+],
mains power [+],
lord [+],
local science [+],
livingroom [+],
little bug [+],
lithium ion batteries [+],
linux box [+],
liam [+],
lens [+],
leds [+],
led driver circuit [+],
led driver [+],
lcd screen [+],
launchpad [+],
laser light show [+],
laser cutter [+],
laser cut [+],
laser [+],
laptop [+],
landi [+],
lamp [+],
krasnow [+],
junk pile [+],
joshua [+],
jammer [+],
james [+],
jad [+],
iron phosphate [+],
ir sensor [+],
ir repeaters [+],
ir module [+],
ir commands [+],
ios [+],
intro [+],
internet [+],
interface [+],
interapp [+],
integrated circuits [+],
integer overflow [+],
infrared remote control [+],
infrared light [+],
infrared leds [+],
incoming signal [+],
illinois campus [+],
ikea [+],
iguard [+],
hz hum [+],
hybrid control [+],
htc phone [+],
hpediag [+],
hp version [+],
hone [+],
homebrew [+],
home theater setups [+],
hitachi [+],
heat sink [+],
heap [+],
hardware work [+],
hardware version [+],
hand assembly [+],
hackers [+],
hack in the box [+],
h. smeitink [+],
guru tegh bahadur [+],
guimaraes [+],
guido landi [+],
guido [+],
guide [+],
gsm [+],
grinberg [+],
grid control [+],
green [+],
great [+],
graphical interface [+],
graphic lcd [+],
gnu linux [+],
glcd [+],
glare [+],
gijs [+],
gfs [+],
gesture [+],
gardening [+],
gap [+],
gaming device [+],
gaming [+],
game control [+],
game [+],
galvanometers [+],
fm radio receiver [+],
fly [+],
flow [+],
first [+],
fingertips [+],
finally [+],
feedback panel [+],
february [+],
fbi [+],
fan [+],
expanding [+],
exercise [+],
everything [+],
evalbot [+],
ethernet [+],
eric schmiedl [+],
eric gregori [+],
eric [+],
enterprise [+],
engineering [+],
engineer [+],
endpoint security [+],
electronic speed control [+],
electronic hobby [+],
electronic [+],
electric [+],
eberhard [+],
ebay [+],
dvbsexecall [+],
dslr [+],
drudgery [+],
door [+],
doodads [+],
don bailey [+],
domino web [+],
doj [+],
dmitry [+],
dll [+],
dldrv [+],
diy [+],
digital volume control [+],
digital to analog converter [+],
digital analog converter [+],
desktop antivirus [+],
denial of service dos [+],
degree panoramas [+],
decode [+],
dc motors [+],
dc motor control [+],
datev base [+],
database control [+],
darrell taylor [+],
danny bertner [+],
cypherbot [+],
csrf [+],
cs code [+],
crystal reports [+],
critical systems [+],
cooling fan [+],
controller [+],
control voltage [+],
control transmitter [+],
control signals [+],
control server [+],
control scheme [+],
control purposes [+],
control pad [+],
control interface [+],
control input [+],
control flow graphs [+],
control feature [+],
control circuits [+],
control circuitry [+],
control 1 [+],
computerized numerical control [+],
computer control [+],
computer [+],
complete control [+],
communications protocol [+],
collision prevention [+],
collision avoidance [+],
collective brainpower [+],
code encryption [+],
cnc control [+],
clever folks [+],
classic [+],
cisco secure [+],
cisco ios software [+],
cisco ios device [+],
cisco ios [+],
cisco bugs [+],
cisco [+],
circuitry [+],
christopher [+],
chopper [+],
chen [+],
chemviewx [+],
chair [+],
celma [+],
canon eos lenses [+],
canon eos [+],
camera lenses [+],
building [+],
bug [+],
brushless dc motors [+],
bristlebot [+],
bremster [+],
boris landoni [+],
boris [+],
bobbie [+],
board [+],
black hat [+],
bit [+],
biometric access control [+],
bill porter [+],
bill [+],
bezels [+],
ben krasnow [+],
beginner [+],
beefs [+],
bdl [+],
basic stamp 2 [+],
barcode [+],
backup batteries [+],
authentication software [+],
authentication [+],
attitude control system [+],
attitude [+],
attacking [+],
apple ios [+],
animatronic head [+],
animatronic [+],
andrzej [+],
andres guzman [+],
analog voltage [+],
analog sticks [+],
amplifier [+],
allen [+],
ah battery [+],
admission control [+],
admission [+],
ace [+],
access road [+],
access control systems [+],
Release [+],
Hardware [+],
9v battery [+],
buffer overflow [+],
access [+],
code execution [+],
activex control [+],
audio [+],
safer use [+],
insight [+],
remote [+],
arduino [+]
-
-
10:06
»
Hack a Day
Most of the quadcopter projects that we’ve seen use a joystick-based control system. This lets you fly the thing around like any RC vehicle. But [Saulius] is augmenting his control system by pulling and displaying telemetry data. It doesn’t really change the way the vehicle is controller, but it lets the craft roam much further [...]
-
-
12:01
»
Hack a Day
This wiring nightmare lets [H. Smeitink] map all the buttons from an Xbox 360 controller to his PC. It gives him the ability to push control input from his PC to the console. But it goes a step further than that because it actually acts as a pass-through device. He connected a wired controller to [...]
-
-
6:01
»
Hack a Day
A Remote Sphero-Control Trackball Sphero is a cool little ball that can roll around under the control of a smartphone. Although super-cool by itself, in this application it’s been hacked into a sort of trackball to drive a remote control car! Arduino Voice Control [Sebastian] Wrote in to tell us about this article about using [...]
-
-
17:25
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in NetOp Remote Control 9.5. When opening a .dws file containing a specially crafted string longer then 520 characters will allow an attacker to execute arbitrary code.
-
-
10:01
»
Hack a Day
[Demetris] sent in a project he’s been working on over the last year. It’s called the Open Source Radio Control, and promises to be a modular platform for every imaginable remote control transmitter need. If you’d like to control a bipedal android or a 3D aerobatic model plane, the OSRC can do it while transmitting [...]
-
-
11:15
»
Hack a Day
This game of Space Invaders is played by tilting your iPhone to the left or right. It’s a demonstration of HTML5 used to link devices in-browser. The only setup that’s required is for the base device to load up a webpage, then the control device scans a QR code (or just types in a link) to [...]
-
-
12:01
»
Hack a Day
[Joris Laurenssen] has been hanging onto this robotic arm for about twenty years. His most recent project uses some familiar tools to add voice control for each of the arm’s joints. The arm has its own controller which connects via a DB-25 port. [Joris'] first task was to figure out what type of commands are [...]
-
12:01
»
Hack a Day
[Joris Laurenssen] has been hanging onto this robotic arm for about twenty years. His most recent project uses some familiar tools to add voice control for each of the arm’s joints. The arm has its own controller which connects via a DB-25 port. [Joris'] first task was to figure out what type of commands are [...]
-
-
2:02
»
Sophos product advisories
In the Sophos Control Center you see that a number of endpoint computers are reporting their 'up to date status' as Unknown.
-
-
13:21
»
Hack a Day
Controlling LEDs is really quite simple. As you know, they need to be current limited which is as easy as applying Ohm’s law to your given set of values. To make things even more even there’s a slew of constant current LED driver chips out there that can be had for a song. But do [...]
-
-
3:11
»
Packet Storm Security Tools
Access Road is an access control simulator written in Java. Out of the box simulations currently support GNU/Linux and MySQL server.
-
-
8:01
»
Hack a Day
Because his computer is gradually turning into an all-inclusive media display device, [Shawn] figured a remote to control the volume and a video playlist would be a reasonable addition. TV remotes for computers have been around for years, but [Shawn] decided to go the DIY route and build his own computer remote. For the build, [...]
-
-
11:01
»
Hack a Day
Here’s one way to get more control of your camera lenses. [Vladimir] built an Arduino-based pass-through ring (translated) which intercepts automatic lens controls. It’s meant for use with the Canon EOS lenses which have their own electronics allowing control of things like focus and zoom. It seems like part of the motivation here was to uses the [...]
-
-
22:12
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute remote code under the context of the user.
-
22:12
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute remote code under the context of the user.
-
22:12
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute remote code under the context of the user.
-
-
8:01
»
Hack a Day
Industrial control robot band Remember Animusic, a series of videos featuring computer-generated, highly implausible instruments? Intel made their own to demo their industrial control tech. From the looks of things, we’re putting money on a bunch of MIDI triggers bolted onto plastic panels; now it’s slightly less impressive and the reason we’re looking at xylophones on eBay right now. [...]
-
-
9:01
»
Hack a Day
Because switching apps to change a song is such a taxing ordeal, [Oscar Celma] and [Ching-Wei Chen] decided to use their collective brainpower to change Last.FM playlists with their minds. They call their project Buddhafy, and it works by taking off-the-shelf EEG hardware and tying it into music streaming APIs. For the build, the guys used [...]
-
-
8:14
»
Packet Storm Security Recent Files
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
8:14
»
Packet Storm Security Tools
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
8:14
»
Packet Storm Security Misc. Files
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
-
19:46
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.
-
19:46
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.
-
19:46
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.
-
19:33
»
Packet Storm Security Advisories
Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
-
19:33
»
Packet Storm Security Recent Files
Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
-
19:33
»
Packet Storm Security Misc. Files
Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
-
9:01
»
Hack a Day
If you’re looking to remotely control things around the house, but can’t do it over the Internet or via WiFi, the TiDiGino just might have what you’re looking for. [Boris Landoni] from Open Electronics sent some information on the TiDiGino our way, and it certainly looks like a useful device if you’re in need of [...]
-
-
6:28
»
Hack a Day
Servo control is good, but wireless control is even better. This hack by [PyroElectro Tutorials] shows you how to do this wirelessly using two Xbee modules. There’s also a great example in the video after the break of this “hacking platform” used to control an animatronic head’s eyes. (we’ve featured the eyes here before). In [...]
-
-
11:34
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:34
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
10:01
»
Hack a Day
[Owen] has a fairly big project in the works, where he’ll need to use infrared light to send data wirelessly between two nodes. The only problem with his grand plan is that he has never built anything of the sort. As a learning exercise, he decided to try his hand at building a wireless control [...]
-
-
8:01
»
Hack a Day
[Andrzej] loves his Nokia N900, noting that it makes a great portable gaming device. Since it supports a wide array of emulators, it’s perfect for indulging his gaming nostalgia on the go. He says that the one downside to the N900 is that its keyboard doesn’t make gaming easy, nor comfortable. To make gaming a [...]
-
-
11:59
»
Hack a Day
[Dmitry Grinberg] has to walk all the way across his bedroom to switch the lamp on and off. The drudgery of this finally became too much, so he built a remote control and added dimming for good measure. Above you can see the circuitry for the remote and the receiver, as well as the finished [...]
-
-
11:07
»
Hack a Day
[Eberhard] wanted his own reflow oven but didn’t really want to mess around with the internals that control the heating element. He put his microcontroller programming experience to work and came up with an add-on module that controls the oven by switching the mains power. The image above shows a board in the midst of the [...]
-
-
5:01
»
Hack a Day
[Eric Gregori] had an OWI535 toy robotic arm. Although cheap (coming it at around $30) the arm is only set up to be used via a wired control box. [Eric] knew he could do better by adding computer control via a TI Launchpad and motor driver peripheral. The arm has shoulder, elbow, and wrist joints, [...]
-
-
7:48
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.
-
7:48
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.
-
7:48
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.
-
7:41
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack based buffer overflow in the Active control file ImageViewer2.OCX by passing a overly long argument to an insecure TifMergeMultiFiles() method. Exploitation results in code execution with the privileges of the user who browsed to the exploit page. The victim will first be required to trust the publisher Viscom Software. This Metasploit module has been designed to bypass DEP and ASLR under XP IE8, Vista and Win7 with Java support.
-
7:41
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack based buffer overflow in the Active control file ImageViewer2.OCX by passing a overly long argument to an insecure TifMergeMultiFiles() method. Exploitation results in code execution with the privileges of the user who browsed to the exploit page. The victim will first be required to trust the publisher Viscom Software. This Metasploit module has been designed to bypass DEP and ASLR under XP IE8, Vista and Win7 with Java support.
-
-
11:01
»
Hack a Day
[Christopher] found a way to get a bit more mileage out of his TV-B-Gone kit. The little device is intended to turn off every television in range with the push of a button. But at its core it’s really just a microcontroller connected to some infrared LEDs. Instead of sending codes to shut of televisions, [...]
-
-
11:01
»
Hack a Day
As the Open Source Hardware movement gathers steam, it has become clear that the tools to work collaboratively on hardware are in the dark ages when compared with slick frameworks like Git used to work on software projects. We’ve read a fair amount about this lately, but the idea of visual difference generation for PCB [...]
-
-
23:25
»
Sophos product advisories
You are not able to install Sophos Mobile Control (SMC) 1.1 on devices where the operating system was updated to iOS 5. The device displays the error 'Download failed. Safari cannot download this file.'
-
-
13:14
»
Packet Storm Security Exploits
Easy Hosting Control Panel suffers from an administrative authentication bypass vulnerability. Versions 0.29.10 through 0.29.13 are affected.
-
13:14
»
Packet Storm Security Misc. Files
Easy Hosting Control Panel suffers from an administrative authentication bypass vulnerability. Versions 0.29.10 through 0.29.13 are affected.
-
-
13:25
»
Hack a Day
If you ask us, there’s no substitute for learning by doing. But often the hardest part of acquiring new skills is coming up with the idea for a project that utilizes them. [Mike Rankin] wanted to develop a project using laser cut acrylic, and settled on building a control box for an RGB LED strip. [...]
-
-
12:04
»
Hack a Day
[James] is one of those guys on a quest to control everything with one device. His tool of choice is an Android phone, which can do quite a lot right out of the box. But he was never satisfied with its lack of IR remote control abilities. He fixed that feature-gap by building a Bluetooth [...]
-
-
15:01
»
Hack a Day
[gijs] sent in the control voltage sequencer he’s been working on that uses the TVout Arduino library to provide a graphical interface. The sequencer doesn’t produce any sound on its own. Instead, it outputs a Control Voltage so other synths can be sequenced with [gijs]‘ TVSCV. Before MIDI came around, CV was the standard to [...]
-
-
7:01
»
Hack a Day
[Old bit collector] is giving up control of his radio dial to the Internet. He combined a couple of Parallax products which now allow him to tune, adjust volume, and toggle the power for an FM radio receiver. The setup is pretty simple. An FM receiver module is mounted in the breadboard seen above which [...]
-
5:01
»
Hack a Day
[SpiralBrain] needed to figure out the coding scheme used by an IR remote control so that he could use it with his own project. He built an IR receiver board for the PICkit 2 and figured out how to use some of the Microchip software to measure the timing of the incoming signal. The hardware’s [...]
-
-
13:01
»
Hack a Day
While [Bremster] likes the view from his office window, he often needs to get up and adjust the blinds several times throughout the day in order to keep the glare from killing his eyes. Like any other enterprising hacker, he decided that constantly adjusting them was too repetitive, and that he could automate the process [...]
-
-
15:34
»
SecuriTeam
Potential security vulnerabilities have been identified in HP Insight Control performance management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
15:01
»
Hack a Day
Looking at the size of this bristlebot the first thing we wondered is where’s the battery? All we know is that it’s a rechargeable NiMH and it must be hiding under that tiny circuit board. But [Naghi Sotoudeh] didn’t just build a mindless device that jiggles its way across a table. This vibrating robot is controllable [...]
-
-
4:05
»
Hack a Day
The Kinect is an interesting beast. On one hand, it’s fantastic for hacking – a purpose for which it was not designed. On the other hand, it’s “just OK” when it comes to gaming – its entire reason for being. One of the big complaints regarding the Kinect’s control scheme is that it’s no good [...]
-
-
8:01
»
Hack a Day
[Manishi] wrote in to share his latest project, a Bluetooth DSLR controller that works with Android. More than a mere Bluetooth shutter trigger, his device lets you control a wide array of other settings such as aperture, shutter speed, ISO, white balance, focus position and live view. His “YaNis” control system was built using an [...]
-
-
23:54
»
SecuriTeam
Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:01
»
Hack a Day
Here’s an altered PCB that gives USB control to an Ikea Dioder. This is a $50 product that comes with four strips each containing nine RGB LEDs. The stock controller has a color selection wheel and a couple of buttons. [Rikard Lindström] wanted to use it to match ambient light to the colors of his [...]
-
-
13:01
»
Hack a Day
Here’s an Android headphone add-on so clean that most people won’t know you built it yourself. [Will Robertson] was unsatisfied with the stock headphones that came with his HTC phone, but didn’t want to lose the control interface when upgrading. He built this add-on that lets him control the Android music player. He was inspired [...]
-
-
14:01
»
Hack a Day
[Marklar] needed an IR receiver for a project he was working on, and his local electronics store was fresh out. He dug through his junk pile and found an old stereo receiver, so he decided to pull the IR module from it before tossing it out. Once he had it taken apart, he figured that [...]
-
-
16:36
»
Hack a Day
[PJ Allen] has been working on a little robot which he calls Cypherbot. The control circuitry is quite familiar; a Board of Education which features the Basic Stamp 2 microcontroller. This is an older and slower microprocessor, but it works quite well for this application since there’s no need for speed or heavy number crunching. [...]
-
-
13:01
»
Hack a Day
So your electronic hobby skills are coming along quite nicely but you’re not very comfortable doing more than blinking a few LEDs. Now’s a good time to try something new by driving a couple of DC motors. You probably know that you can’t just hook these up to the pins of your favorite uC and [...]
-
-
6:01
»
Hack a Day
[Patrick] wanted a remote control to control some of the robots he’s built. He also wanted to get some data back from his robots, so an inexpensive off-the-shelf solution wouldn’t be up to the task. Like all good geeks, [Patrick] decided to build what he needed. For analog control, [Patrick] decided to use a Wiimote nunchuck. [...]
-
-
10:09
»
Hack a Day
On many new cars, automatic wiper speed control can be had as an upgrade, though most cars do not offer front-end collision prevention at all. [Rishi Hora] and [Diwakar Labh], students at the Guru Tegh Bahadur Institute of Technology in New Delhi, developed their own version of these features, (PDF warning, skip to page 20) which [...]
-
-
9:03
»
Hack a Day
A regular Hack A Day reader sent in a tip about an LM386 stero amplifier with digital volume control. The resulting build is very professional and could easily be adapted into a slick iPod dock build. We’ve seen a few LM386-based amplifiers over the years including one that fits inside a 9V battery, but this [...]
-
-
4:19
»
Sophos product advisories
To make it easier to define an application control policy, Sophos is planning to split the existing category into six new categories.
-
-
8:38
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.
-
8:38
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.
-
8:38
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files it will be stored in a temporary directory and executed.
-
-
5:01
»
Hack a Day
Need to switch something on or off using a microcontroller? Using a transistor is one of the best ways to do this, but how exactly do you design properly for transistor switching? [Ben Krasnow] put together a tutorial in which he does an excellent job of explaining the ins and outs of designing transistor control [...]
-
-
14:01
»
Hack a Day
This setup will let you monitor Play Station 3 temperatures and throttle the cooling fan accordingly. [Killerbug666] based the project around an Arduino board, and the majority of the details about his setup are shared as comments in the sketch that he embedded in his post. He installed four thermistors in his PS3 on the CPU [...]
-
-
6:00
»
Hack a Day
[Darrell Taylor] wanted to add a CNC control pendant to his mill but didn’t want to foot the bill which can often run several hundred dollars. These pendants are basically a physical remote control that operates the CNC software that controls the machine. Since he was already using a Linux box running EMC2, it wasn’t [...]
-
-
23:09
»
SecuriTeam
Cisco Network Admission Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
14:08
»
Hack a Day
Having the “can you believe somebody threw this away?” mentality has gotten us into some trouble through the years, but look what [Joshua] found at the scrap yard! It’s a door from a power conversion station and it contains fourteen indicator lights and a lot of other doodads. But since this is just the door, [...]
-
-
13:32
»
Hack a Day
[HuB's] set of 5.1 surround sound speakers was gobbling up a bunch of electricity when in standby as evidenced by the 50 Hz hum coming from the sub-woofer and the burning hot heat sink on the power supply. He wanted to add a way to automatically control the systems and offer the new feature of disconnecting the [...]
-
-
8:53
»
Packet Storm Security Exploits
ICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.
-
8:53
»
Packet Storm Security Recent Files
ICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.
-
8:53
»
Packet Storm Security Misc. Files
ICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.
-
-
4:05
»
Hack a Day
Here’s a setup to control a servo motor with your mind. [Danny Bertner] made this project happen by interfacing a MindWave headset with an Arduino. You might wonder what’s the big deal about that since we’ve covered quite a few mind control hacks that work this way? So far, the majority of those hacks used the [...]
-
-
4:01
»
Hack a Day
Looks like the FBI is starting to get pretty serious about fighting malware. Traditionally they have attacked the servers that activate and control botnets made up of infected computers. This time they’re going much further by taking control of and issuing commands to the botnets. In this instance it’s a nasty little bug called Coreflood, [...]
-
-
7:12
»
Hack a Day
Bring communications jamming technology into your TV viewing experience by building this infrared LED driver circuit. You’re probably familiar with the TV-B-Gone, which let’s you turn off any television at the touch of a button. But what if you actually want to watch the program that’s currently on the screen when the person with remote-in-hand [...]
-
-
5:03
»
Hack a Day
[Marcus] wrote a guide to using TouchOSC to control your projects. He sent a link to us after reading our feature about using Open Sound Control for Arduino without an Ethernet shield. He’s been using that method for quite some time now, but takes it one step further by using a smartphone as a control [...]
-
-
5:01
»
Hack a Day
[Easton] was looking to enter his local science fair and needed a project that would wow the judges. After considering it for a bit, he decided that an animatronic hand would be a sure winner. Many animatronic projects we have seen are connected to a computer for control purposes, but his is a bit different. [...]
-
-
8:00
»
Hack a Day
Open Sound Control (OSC) is a communications protocol that can be seen as a modern alternative to MIDI. It’s specifically designed to play nicely with network communication systems. The problem with using it along with Arduino-based gadgets is that you then need to use something like an Ethernet shield to provide the network connection. [Liam [...]
-
-
15:15
»
Hack a Day
[Rich] over at NothingLabs has put together a really cool laser light show that you really must see in an effort to win a laser cutter from Instructables. His walkthrough discusses the mechanics of laser light shows – specifically how galvanometers are typically used to precisely aim mirrors in order to draw images and write [...]
-
-
5:03
»
Hack a Day
Using IR repeaters for larger home theater setups is not uncommon, but they usually are quite simple. A series of IR receivers are placed throughout a home, all wired to repeat the signals in a central closet where all of the AV equipment is located. [Bill] constructed a solution that works much like a standard [...]
-
-
12:32
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.52. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx an attacker may be able to execute arbitrary code.
-
12:32
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.52. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx an attacker may be able to execute arbitrary code.
-
12:32
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.52. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx an attacker may be able to execute arbitrary code.
-
-
17:40
»
SecuriTeam
SAP Crystal Reports Contains a vulnerability caused due to a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
4:56
»
Sophos product advisories
To make it easier to define an application control policy, Sophos is planning to split the existing category into six new categories.
-
-
11:19
»
Hack a Day
Hack-a-Day reader [Bobbie] sent us a hack that is an adaptation of the automatic cell phone button pushing machine we featured earlier this week. Inspired by that project, he challenged himself to construct a more efficient way to tackle the problem. He started out in much the same fashion, pointing a camera at the phone [...]
-
-
10:00
»
Hack a Day
[Mirko] is working on a library that will allow you to add RF control to just about any device. The only requirement is that the device be capable of running a Linux kernel, and that it have a few GPIO pins available. One example is fairly straight forward, a Netgear router. Many, if not most [...]
-
-
6:35
»
Sophos product advisories
A bug has been identified in a component of the application control data delivered in the 4.62 release, during week commencing 31 January 2011. This has now been fixed.
-
-
6:00
»
Hack a Day
[Martin] got his evalbot recently and wanted to try controlling it with his Wii nunchuck. After some trial and error, he finally got it working. He’s shown that controlling the bot with the nunchuck was actually pretty simple, but there are some other tips that could be pretty helpful in the process. One was the [...]
-
-
7:10
»
Hack a Day
Is there a place in the dashboard of your high performance automobile for this Engine Control Unit feedback panel? There’s several methods of showing information at work here. The row of LEDs at the top of the bezel provide RPM feedback. The two red LEDs with chrome bezels are alarm indicators. But that big OLED [...]
-
-
8:00
»
Hack a Day
[Chr] picked up a pack of remote control outlets in order to reverse engineer them and build control into his own projects. These can be plugged into outlets around your house and a relay inside each module will switch whatever device is plugged into it after receiving a command from the remote. Once he cracked [...]
-
-
10:59
»
Hack a Day
If this is meant for a model rocket it must be the biggest we’ve ever seen. [Scott] and [Trevor] took on the task of building a rocket attitude control system after reading about some research on the topic. But that researcher only tested the theories using simulations so they set out to build their own. [...]
-
-
21:25
»
SecDocs
Authors:
Silvio Cesare Tags:
malware malware analysis obfuscation Event:
Ruxcon 2010 Abstract: Silvio developed a signature based Malware detection system using control flow graphs as features for his Masters work. Two academic papers were published during this time. He continues the work on malware classification in his PhD. The work is distinguished from previous research by being able to approach the speed and efficiency of traditional Antivirus, yet with the significantly increased effectiveness of using control flow based signatures. Control flow is seen a more accurate identifier of malware variants and relies on fingerprinting program structure instead of the byte-level content. The system is designed to scale for potential applications including desktop Antivirus, E-Mail and Internet gateways.
-
-
7:30
»
Sophos product advisories
Sophos is planning to make changes to the existing Application Control categories. This change will take place with the Endpoint Security and Control v 9.5x update due for release in late March/early April 2011.
-
-
22:07
»
SecuriTeam
A potential security vulnerability has been identified in HP Insight Control for Linux.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:24
»
SecuriTeam
A potential security vulnerability has been identified in HP Version Control Repository Manager (VCRM) for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
16:13
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
16:13
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
16:13
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
-
11:44
»
SecuriTeam
Potential security vulnerabilities have been identified in HP Insight Control Power Management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:39
»
SecuriTeam
Cross Site Scripting, Privilege Escalation and Unauthorized Access vulnerabilities have been identified in HP Insight Control Server Migration for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
14:45
»
SecuriTeam
Cross Site Scripting, Privilege Escalation and Cross Site Request Forgery vulnerabilities have been identified in HP Insight Control performance management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
14:45
»
SecuriTeam
A potential security vulnerability has been identified in HP Insight Control performance management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
13:08
»
Hack a Day
You can salvage some nice motors out of optical drives but they can be tricky to control. That’s because brushless DC motors require carefully timed signals used in a process called Electronic Speed Control (ESC). [Fileark] built and ESC using an Arduino and has a couple of posts explaining the concept and demonstrating how it [...]
-
-
10:41
»
SecuriTeam
Cross Site Scripting, Denial of Service and Cross Site Request Forgery vulnerabilities have been identified in HP Insight Control Virtual Machine Management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:01
»
Packet Storm Security Recent Files
The Babylon online dictionary and translation software fails to sanitize user input before rendering it on the Trident control, effectively leading to a cross-application scripting vulnerability. The Trident control runs in Local Machine Zone (LMZ) which is not Locked down and due to this the vulnerability can allow for code execution.
-
18:01
»
Packet Storm Security Advisories
The Babylon online dictionary and translation software fails to sanitize user input before rendering it on the Trident control, effectively leading to a cross-application scripting vulnerability. The Trident control runs in Local Machine Zone (LMZ) which is not Locked down and due to this the vulnerability can allow for code execution.
-
-
10:01
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the Install3rdPartyComponent() method in the Aventail.EPInstaller ActiveX control when creating an absolute path name based on values in the CabURL and Location arguments. This can be exploited to cause a stack-based buffer overflow via overly long values. Successful exploitation allows execution of arbitrary code.
-
10:01
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the Install3rdPartyComponent() method in the Aventail.EPInstaller ActiveX control when creating an absolute path name based on values in the CabURL and Location arguments. This can be exploited to cause a stack-based buffer overflow via overly long values. Successful exploitation allows execution of arbitrary code.
-
-
6:36
»
Sophos product advisories
We are incorporating a driver update and an LSP (Layered Service Protocol) update into the version 9.5.4 Endpoint Security and Control update due for release in late October/early November 2010. For these updates to take effect you will need to reboot endpoint computers.
-
-
11:00
»
Hack a Day
Inspired by the control system for the AMP suits in the movie Avatar, [Feelpavan] built this gesture controlled robotic hand. So far there is functionality for the wrists to rotate and bend, as well as for the fingers to flex (but not individually). This is accomplished by three servo motors on the hand assembly. The [...]
-
-
14:00
»
Hack a Day
[The Cheap Vegetable Gardener] wanted to check in on his garden from the road so he wrote a control app for his WinPhone. The hardware work is already done; having been built and tested for quite some time. The implementation comes in two parts, both shown in the chart above. The grow box is behind [...]
-
-
6:18
»
Sophos product advisories
We are incorporating a driver update and an LSP (Layered Service Protocol) update into the version 9.5.4 Endpoint Security and Control update due for release in late October/early November 2010. For these updates to take effect you will need to reboot endpoint computers.
-
6:07
»
Hack a Day
You can make your own lithium-ion batteries if you have a source for individual cells and a control board to match your desired voltage levels. [Bill Porter] put together a quick tutorial where he makes a 14.4V 2.2 AH battery for about $10. He picked up a set of cable-modem backup batteries (used to make [...]
-
-
2:54
»
Sophos product advisories
We are incorporating a driver update and an LSP (Layered Service Protocol) update into the version 9.5.4 Endpoint Security and Control update due for release in late October/early November 2010. For these updates to take effect you will need to reboot endpoint computers.
-
-
12:38
»
Hack a Day
Want to take back control of how your digital audio files become sound? One thing you can do is to build your own digital to analog converter. This one is made from discrete components, centered around a resistive ladder. Yes, there are a couple of integrated circuits in there which are used for demultiplexing the [...]
-
-
20:00
»
Packet Storm Security Advisories
Cisco Security Advisory - The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine contain denial of service vulnerabilities during RTSP, HTTP, RTSP, and Session Initiation Protocol (SIP) inspection and SSL.
-
-
10:00
»
SecurityFocus Vulnerabilities
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine
-
-
15:00
»
Hack a Day
[Mathieu] spent three months developing this multimedia remote control. It connects to a PC via USB or Bluetooth and communicates with Winamp to pull down track information for display on a Nokia LCD screen. It can also be used as a wireless headset via the two on-board jacks. [Mettieu] thinks it’s just a small hop [...]
-
-
14:02
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:52
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
20:17
»
SecuriTeam
Execution of Arbitrary Code, Denial of Service and Unauthorized Access vulnerabilities were identified on HP Insight Control for Linux.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
20:08
»
SecuriTeam
Vulnerabilities were discovered affecting HP Insight Control Power Management for Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:18
»
Hack a Day
Here’s a homebrew remote control that [Jad Berro] is developing. He’s using a tank robot to test it out but eventually he plans to use it to control an RC plane thanks the 434 MHz wireless module inside. There’s no shortage of input, with two analog sticks from a PlayStation controller, several momentary push buttons, [...]
-
-
22:02
»
Packet Storm Security Advisories
Secunia Research has discovered some vulnerabilities in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The unsafe method dl() allows automatically downloading and executing an arbitrary file. Combined usage of the unsafe methods SetDLInfo() and Bdl() allows automatically downloading an arbitrary file to an arbitrary location on the user's system. GIGABYTE Dldrv2 ActiveX Control version 1.4.206.11 is affected.
-
-
9:00
»
Hack a Day
[Andres Guzman] is chauffuering himself around the University of Illinois campus thanks to his wirelessly controlled mountainboard. He added a brushless motor to drive the rear axel with the help of a chain. Power is provided by a Lithium Iron Phosphate battery which we’ve seen used in other electric vehicles due to its lightweight properties. [...]
-
-
13:50
»
Hack a Day
This hack lets you use a TV in place of a graphic LCD screen. But we like to think of this less as a replacement for a GLCD and more of a simple way to get your information onto a television. A PIC 18F452 acts as a translator between the GLCD parallel inputs and a [...]
-
-
7:36
»
Hack a Day
If your soldering skills are up to snuff you can add a motion control feature to your radio controlled transmitter. [Starlino] used a combination accelerometer and gyroscope module as an alternate source of analog control information. He built a filter to dial in the analog voltage range to match that of one of the sticks [...]
-
-
12:52
»
SecuriTeam
Skinny Client Control Protocol (SCCP) crafted messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
6:00
»
Hack a Day
Cell phone chopper control Control your tiny inexpensive helicopter with a Nokia N900. The chopper uses an infrared remote control, just like a television. Getting this to work was just a matter of figuring out the IR commands and writing an app for the phone to spit them out. Fade to black; inconspicuously Lost interest [...]
-
-
11:00
»
Hack a Day
The Personal Mobility Robot (PMR) has a chair for a passenger and balances on two wheels like a Segway. Now the clever folks at the University of Tokyo have added Wii remote control to the platform in a full-sized version of the Segwii. We understand that adding Wiimote control to anything isn’t exactly groundbreaking at [...]
-
-
20:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-077 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Download Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the gp.ocx ActiveX control. This control has a CLSID of {E2883E8F-472F-4fb0-9522-AC9BF37916A7} and the ProgID Atlcom.get_atlcom. Upon initialization this control copies the values from two parameters into a fixed length buffer. If supplied with large enough values this can lead lead to a buffer overflow that can be leveraged to execute arbitrary code under the context of the user running the browser.
-
20:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-077 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Download Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the gp.ocx ActiveX control. This control has a CLSID of {E2883E8F-472F-4fb0-9522-AC9BF37916A7} and the ProgID Atlcom.get_atlcom. Upon initialization this control copies the values from two parameters into a fixed length buffer. If supplied with large enough values this can lead lead to a buffer overflow that can be leveraged to execute arbitrary code under the context of the user running the browser.
-
-
9:00
»
Hack a Day
Remote motion control
This project walks though a method of controlling motors with an accelerometer when the two are physically separated. Two Arduinos are used, with the user interface and the motor control connected via Ethernet. This must be useful for something; maybe it should be the next step once you get your accelerometer up and [...]
-
-
17:45
»
SecuriTeam
During the installation of the DATEV Base System (Grundpaket Basis) an ActiveX Control will be installed (DVBSExeCall.ocx), in which the function "ExecuteExe" is vulnerable to a command execution bug.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
16:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a memory corruption vulnerability in the Internet Explorer Tabular Data ActiveX Control. Microsoft reports that version 5.01 and 6 of Internet Explorer are vulnerable. By specifying a long value as the DataURL parameter to this control, it is possible to write a NUL byte outside the bounds of an array. By targeting control flow data on the stack, an attacker can execute arbitrary code.
-
16:00
»
Packet Storm Security Exploits
This Metasploit module exploits a memory corruption vulnerability in the Internet Explorer Tabular Data ActiveX Control. Microsoft reports that version 5.01 and 6 of Internet Explorer are vulnerable. By specifying a long value as the DataURL parameter to this control, it is possible to write a NUL byte outside the bounds of an array. By targeting control flow data on the stack, an attacker can execute arbitrary code.
-
-
20:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-065 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaws exist within the /ws_man/xosoapapi.asmx SOAP endpoint and occur when submitting malformed requests to the server. Successful exploitation can lead to code execution under the context of the service.
-
20:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /entry_point.aspx service and occurs due to an unbounded string copy utilizing a string controlled by the user as the source into a fixed length buffer located on the stack. Successful exploitation can lead to code execution under the context of the service.
-
20:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-065 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaws exist within the /ws_man/xosoapapi.asmx SOAP endpoint and occur when submitting malformed requests to the server. Successful exploitation can lead to code execution under the context of the service.
-
20:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /entry_point.aspx service and occurs due to an unbounded string copy utilizing a string controlled by the user as the source into a fixed length buffer located on the stack. Successful exploitation can lead to code execution under the context of the service.
-
-
11:08
»
Hack a Day
Powerplant control room panoramas:
There are two power plants presented in 360 degree panoramas here. All those dials and switches just get us giddy. The one pictured above was built in 1918 and is still in operation. Not only are the control rooms here, but several other locations around the facility too.
Energy recycling prosthetic foot:
At first, [...]
-
-
11:00
»
Hack a Day
If you think there’s never enough computerized numerical control in your life perhaps the pizza plotter should be your next project. This is a large 2-axis machine that shoots pressurized sauce onto a pizza crust. It’s a food-grade RepStrap and appears to use a garden sprayer as a reservoir. They learned [...]
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
Bugtraq
XSSed
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution