546 matches found
Scavenger - Is A Multi-Threaded Post-Exploitation Scanning Tool For Scavenging Systems, Finding Most Frequently Used Files And Folders As Well As "Interesting" Files Containing Sensitive Information
scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information. Problem Definition: Scavenger confronts a challenging issue typically faced by Penetration Testin...
[SECURITY] Fedora 28 Update: community-mysql-5.7.24-1.fc28
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
[SECURITY] Fedora 28 Update: clamav-0.100.2-2.fc28
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
Beers with Talos EP 37: Snort 3 Beta Uses Multithreading. It’s Super Effective!
Beers with Talos BWT Podcast Ep. 37 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast. Ep. 37 show notes: Recorded Sept. 7, 2018 — We have Joel back this week and he is very happy to have himse...
[SECURITY] Fedora 27 Update: community-mysql-5.7.23-1.fc27
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
[SECURITY] Fedora 28 Update: mariadb-10.2.17-1.fc28
MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...
Scout2 - Security Auditing Tool For AWS Environments
Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a...
[SECURITY] Fedora 27 Update: mariadb-10.2.15-2.fc27
MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...
Mylobot Botnet Emerges with Rare Level of Complexity
An unusual botnet dubbed Mylobot has emerged, percolating up from the Dark Web – and displaying a never-before-seen level of complexity in terms of the sheer breadth of its various tools, especially evasion techniques. According to an analysis posted on Tuesday by Tom Nipravsky, a security...
Pure python post-exploitation RAT for macOS & OSX: EvilOSX
A pure python, post-exploitation, RAT Remote Administration Tool for macOS / OSX. Features Emulate a simple terminal instance Undetected by anti-virus OpenSSL AES-256 encrypted payloads, HTTPS communication Multi-threaded No client dependencies pure python Persistent Simple extendable module syst...
OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)
It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...
Vayne-RaT - An Advanced C# .NET RAT
Vayne-RaT is Free and Open SourceRemote Administration Tool Coded In C. Features: Multi-Threaded CMD Shell File Manager Download & Upload Remote Desktop Password Recovery Assembly Builder Scan-Time Crypter FUD Requirements Stub Coded In .NET 2.0 Mono.Cecil.dll Dissembler Lib.dll BunifuUIv1.52.dll...
CVE-2017-13251
In impeg2ddecpicdatathread of impeg2ddechdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
Huawei P9 Information Disclosure Vulnerability
Huawei P9 is a smartphone from Chinese company Huawei Huawei. The Huawei P9 suffers from an information disclosure vulnerability where the system fails to reasonably protect a resource when it is accessed by multiple threads. An attacker can cause kernel information leakage by tricking a user wit...
Multi-Threaded HTTP Server v1.1 for Zimbra
The remote web server is identified as Multi-Threaded HTTP Server for Zimbra. This third-party Zimbra add-on fails to sanitize URLs in a way that allows traversal attacks. An unauthenticated, remote attacker can exploit this to view arbitrary files on the remote host. C Tenable Network Security,...
OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)
It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...
[SECURITY] Fedora 26 Update: clamav-0.99.4-1.fc26
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)
It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...
[SECURITY] Fedora 27 Update: clamav-0.99.4-1.fc27
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
CVE-2017-13251
In impeg2ddecpicdatathread of impeg2ddechdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Product:...