Engineer's Toolset Security Vulnerabilities

(RHSA-2014:0575) Low: Red Hat Enterprise Developer Toolset Version 1 One-month Retirement Notice

In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering will be retired as of June 30, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact...

Security update for Xen (important)

The SUSE Linux Enterprise 10 Service Pack 3 LTSS Xen hypervisor and toolset have been updated to fix various security issues: The following security issues have been addressed: * XSA-20: CVE-2012-4535: Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS ...

(RHSA-2014:0340) Low: Red Hat Enterprise Developer Toolset Version 1 3-month Retirement Notice

In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering will be retired as of June 30, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact...

Security update for Xen (important)

The SUSE Linux Enterprise Server 11 Service Pack 1 LTSS Xen hypervisor and toolset have been updated to fix various security issues and some bugs. The following security issues have been addressed: * XSA-84: CVE-2014-1894: Xen 3.2 (and presumably earlier) exhibit both problems with the...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP (Netgear Switch Discovery Protocol), which is implemented to support security tests on the...

Security update for Xen (important)

The SUSE Linux Enterprise Server 10 Service Pack 4 LTSS Xen hypervisor and toolset have been updated to fix various security issues. The following security issues have been addressed: XSA-82: CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors does not properly handle...

Security update for Xen (important)

The SUSE Linux Enterprise Server 11 Service Pack 3 Xen hypervisor and toolset has been updated to 4.2.4 to fix various bugs and security issues: The following security issues have been addressed: * XSA-60: CVE-2013-2212: The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling...

Security update for Xen (important)

The SUSE Linux Enterprise Server 11 Service Pack 2 LTSS Xen hypervisor and toolset has been updated to fix various security issues and several bugs. The following security issues have been addressed: * XSA-88: CVE-2014-1950: Use-after-free vulnerability in the xc_cpupool_getinfo function...

SuSE 11.3 Security Update : Xen (SAT Patch Number 8973)

The SUSE Linux Enterprise Server 11 Service Pack 3 Xen hypervisor and toolset has been updated to 4.2.4 to fix various bugs and security issues : The following security issues have been addressed : XSA-60: CVE-2013-2212: The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling...

[BlackArch] Linux Distribution with 600 Security Tools

BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository contains 630 tools. You can install tools individually or in groups. BlackArch is compatible with existing Arch installs. Tool List: Name | Version | Description | Homepage...

[Nimbostratus] Tools for fingerprinting and exploiting Amazon cloud infrastructures

Nimbostratus are tools for fingerprinting and exploiting Amazon cloud infrastructures. Nimbostratus is the first toolset to help you in the process of pivoting in Amazon AWS clouds Features Enumerate permissions to AWS services for current IAM role Use poorly configured IAM role to create new AWS.....

SuSE 11.3 Security Update : Xen (SAT Patch Number 8063)

The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues : The following security issues have been addressed : Various integer overflows in the ELF loader were fixed. (XSA-55). (CVE-2013-2194) Various pointer dereferences issues in the ELF...

Security update for Xen (important)

The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues: The following security issues have been addressed: CVE-2013-2194: Various integer overflows in the ELF loader were fixed. (XSA-55) CVE-2013-2195: Various pointer dereferences issues in ...

Researchers Uncover 'TeamSpy' Attack Campaign Against Government, Research Targets

Researchers have uncovered a long-term cyber-espionage campaign that used a combination of legitimate software packages and commodity malware tools to target a variety of heavy industry, government intelligence agencies and political activists. Known as the TeamSpy crew because of its affinity for....

[Revenssis] Mobile Penetration Testing Suite

Fully featured network, wireless and web app pentesting suite for Smartphones Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners,...

Inside the 1,000 Red October Cyberespionage Malware Modules

The Red October espionage malware campaign is providing security researchers with a deep dive into the complexity of targeted attacks, which in this case made use of more than 1,000 malware modules for everything from reconnaissance on targets to exfiltration of data to command and control...

Oracle Forms Recognition Detection

The remote host has Oracle Forms Recognition installed. Oracle Forms Recognition is a software toolset for processing captured documents and delivering the data to backend...

Patriot Hacker 'The Jester' list his all time favorite Open Source Intelligence toolset

Most of the readers have question in mind that, How hackers know everything about their target ? How to DOX (finding personal information) someone ? So answer is -- Open Source Intelligence (OSINT). A Patriot Hacker 'The Jester' (or "th3j35t3r") who made his name after harassing Anonymous activist....

ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting

ManageEngine OpUtils 6.0 - Persistent Cross-Site...

ManageEngine OpUtils 6.0 - Persistent Cross-Site Scripting

...

Confusing Attackers with Artillery By Dave Kennedy (ReL1K)

Confusing Attackers with Artillery By Dave Kennedy (ReL1K) Dave Kennedy (ReL1K), A security ninja & penetration tester develop Another amazing tool for Linux Protection, Named "Artillery". This Article is written by Dave for our January Issue of The Hacker News Magazine, We like to share with our.....

Hcon's Security Testing Framework (Hcon STF) v0.4 [Fire base]

Hcon's Security Testing Framework (Hcon STF) v0.4 [Fire base] Hcon respects & salutes to all of the freedom fighters of India, without whom we can never be able get our freedom.A tribute to all of the freedom fighters of all the countries we present HconSTF version 0.4 codename 'Freedom'.Hope...

Review : GFI LanGuard - Network Security Scanner & Vulnerability Management Tool

I'm a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing.....

Android Reverse Engineering Toolset Debuts

The Android platform has become one of the go-to choices for developers and device manufacturers in the last year or so, and that popularity has of course attracted the attention of attackers who have been busily coding up as much malware as they can for the platform. They’ve been quite...

NetSecL Linux 3.2 released with new XFCE

NetSecL Linux 3.2 released with new XFCE NetSecL 3.2 comes with a brand new XFCE which increased dramatically the performance experience, we closed many bugs and also gained more compatibility to OpenSuse 11.4 – most packages are 11.4 compatible. GrSecurity kernel is updated to 2.6.32.8...

Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow (PoC)

...

Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC

No description provided by...

Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow (PoC)

Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow...

Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC

Exploit for windows platform in category dos /...

Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow

...

Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC

Title: Adobe Audition 3.0 (build 7283) Session File Handling Buffer Overflow PoC Advisory ID: ZSL-2011-5012 Type: Local/Remote Impact: System Access, DoS Risk: (3/5) Release Date: 12.05.2011 Summary Recording, mixing, editing, and mastering — Adobe® Audition® 3 software is the all-in-one toolset...

RawCap sniffer for Windows released !

RawCap sniffer for Windows released We are today proude to announce the release of RawCap, which is a free raw sockets sniffer for Windows. Here are some highlights of why RawCap is a great tool to have in your toolset: Can sniff any interface that has got an IP address, including 127.0.0.1...

SolarWinds Orion Network Performance Monitor (NPM) Detection (HTTP)

HTTP based detection of the SolarWinds Orion Network Performance Monitor...

Easily crack Win2008 password-ERD6. 0-vulnerability warning-the black bar safety net

Everyone knows ERD5. 0 On win2008 and Vista operating system not afford to do with, how to crack win2008 and vista? ERD6. 0 done this point, below we our to MDOP2008 as an example to introduce how to customize a picture of ERD6. 0 tools CD-ROM First, in win2008 insert MDOP2008 the installation...

PHP application of Common Vulnerability analysis-vulnerability warning-the black bar safety net

Transfer from: WhyTT Not impregnable, as PHP is widely used, some hackers also at no time not looking for a PHP trouble, by the PHP application vulnerability to attack is one of them. In the section, we will from a global variable, remote file, file upload, library files, Session files, data...

Penetration of the underlying routing techniques-vulnerability warning-the black bar safety net

Source: Huaxia hacking Union Master scan the underlying routing can greatly facilitate invasion within the network,such as enterprise,company,school, etc..if thorough techniques can intercept sensitive information,simplifying the invasion process,and obtain a routing privilege,it can be prepared...

Microsoft Malware Protection Engine TWO DoS Vulnerabilities

CVE-2008-1437 CVE-2008-1438 There are two vulnerabilities idenitified in Microsoft Antivirus product. These vulnerabilities can be exploited to cause Denial of service. CVE-2008-1437 PE Parsing Memory Corruption While scanning a specially crafted PE file, Malware orotection engine...

Microsoft恶意软件保护引擎多个拒绝服务漏洞(MS08-029)

BUGTRAQ ID: 29060,29073 CVE(CAN) ID: CVE-2008-1437,CVE-2008-1438 Microsoft恶意软件保护引擎可为防病毒和反间谍软件客户端提供扫描、监测和清除功能。 Microsoft恶意软件保护引擎处理特制文件的方式中存在拒绝服务漏洞，攻击者可以通过建立特制文件来利用此漏洞，当目标计算机系统接收或Microsoft恶意软件保护引擎扫描到此文件时，就可能导致Microsoft恶意软件保护引擎停止响应和自动重新启动，或耗尽所有磁盘空间 0 Microsoft Windows Live OneCare Microsoft Antigen...

Microsoft Security Bulletin MS08-029 – Moderate Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

Microsoft Security Bulletin MS08-029 – Moderate Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044) Published: May 13, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the...

Hack of the classic tutorial of understanding Address Resolution Protocol attacks-exploit warning-the black bar safety net

The contents of the list 1 About this article 2 ARP description 2.1 ARP mean? 2.2 ARP cache of the object 2.3 ARP how it works 2.4 Protocol flaws 3 ARP attack methods 3.1 terms and definitions 3.2 connection hijacking and interception 3.2 connection reset 3.4 intermediaries 3.5 packet...

GForge <= 4.5 Multiple Script XSS

The remote host is running GForge, an open source software development collaborative toolset using PHP and PostgreSQL. The installed version of GForge on the remote host fails to properly sanitize user-supplied input to several parameters / scripts before using it in dynamically-generated pages. .....

Mac OS X Cocktail 3.5.4 admin password disclosure

Application: Mac OS X Cocktail Version: 3.5.4 and probably below URL: www.macosxcocktail.com Vulnerability: admin password disclosure ======================================================= Vendor's description: "Cocktail is a general purpose utility for Mac OS X. The application serves up a...

NetSQL 1.0 - Remote Buffer Overflow

NetSQL 1.0 - Remote Buffer...

NetSQL 1.0 - Remote Buffer Overflow

...

STM symlink Vulnerability

Support Tool Manager Symlink Vulnerability &gt;From the STM manual page : &gt;The Support Tools Manager (STM) provides three interfaces that allow a &gt;user access to an underlying toolset, consisting of information &gt;modules, firmware update tools, verifiers, diagnostics, exercisers, &gt;expert...

Microsoft Windows NT 4.0 - SNMP-WINS Denial of Service

Microsoft Windows NT 4.0 - SNMP-WINS Denial of...

Microsoft Windows NT 4.0 - SNMP-WINS Denial of Service

...