Category: Vulnerability Analysis

Firmware Updates Made Easy

Contributors: David Barksdale of Exodus Intelligence, Independent Security Researcher Jeremy Brown These are two vulnerabilities that allow a remote unauthenticated attacker to update firmware. If the

Read More

VxWorks: Execute My Packets

Contributors David Barksdale and Alex Wheeler 1. Background Earlier this year we reported 3 vulnerabilities in VxWorks to Wind River. Each of these vulnerabilities can be exploited

Read More

Exodus Intelligence 2016 Training Course

Vulnerability Development Master Class Since our inception, Exodus Intelligence has provided training courses on a variety of advanced subjects which have consistently been filled with students from

Read More

Execute My Packet

Contributors David Barksdale, Jordan Gruskovnjak, and Alex Wheeler 1. Background Cisco has issued a fix to address CVE-2016-1287. The Cisco ASA Adaptive Security Appliance is

Read More

Tails from the Cri2p

In continuation of the previous blog Fairy Tails and Silver Bullets we present the technical details of the flaws found in I2P (Invisible Internet Project)

Read More

Silver Bullets and Fairy Tails

Introduction This week we made mention on Twitter of a zero-day vulnerability we’ve unearthed that affects the popular Tails operating system. As the Tails website

Read More

DoS? Then Who Was Phone?

Introduction This post presents exploitation notes on a vulnerability we discovered in Asterisk, an open source telephony solution produced by Digium. We reported this bug

Read More