The NETGEAR WNR2000 router has a vulnerability in the way it handles password recovery. This vulnerability can be exploited by an unauthenticated attacker who is able to guess the value of a certain timestamp which is in the configuration of the router. Brute forcing the timestamp token might take a few minutes, a few hours, or days, but it is guaranteed that it can be bruteforced. This Metasploit module works very reliably and it has been tested with the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with the hardware revisions v4 and v3, but this has not been tested.
732e6fa6166a24c612ef12a90f5f518874bfb536abb10e08608e1b6b32c2c86a
The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an unauthenticated attacker has to brute force it. Brute-forcing the timestamp token might take a few minutes, a few hours, or days, but it is guaranteed that it can be brute-forced. This Metasploit module implements both modes, and it works very reliably. It has been tested with the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with hardware revisions v4 and v3, but this has not been tested - with these routers it might be necessary to adjust the LibcBase variable as well as the gadget addresses.
9a070ce74f71e2662326a2f24f0e886e3c26c8510e555c2e622810bbc7f545ed
Gentoo Linux Security Advisory 201702-32 - Ruby Archive::Tar::Minitar is vulnerable to a directory traversal attack. Versions prior to 0.6.1 are affected.
157e690b127e197b5e2dc69bc809ae8b72ef330c005521c03a4cf6eaf39f4814
Debian Linux Security Advisory 3778-1 - Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
c28a74b1d780091d7e74cf192097bf7172364ae67c4a0e3192e81a82c7b905b9
Netgear WNR2000 suffers from a remote code execution vulnerability and various other security issues.
4d840ad95b6a4e6ffcfbdc06d54203748e463cde9adb5d6be5be3a975216ee2e
Red Hat Security Advisory 2016-0610-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
5145ad8c00fcfd2b59e1d57411a22febeb7e651b05d88217b455d025ff236f82