SUSE SLED12 / SLES12 Security Update : pigz (SUSE-SU-2015:0670-1)

Pigz, a multi-threaded implementation of gzip, was updated to fix one vulnerability. The following vulnerability was fixed : - A crafted file could have caused an unwanted directory traversal on extract CVE-2015-1191 Note that Tenable Network Security has extracted the preceding description block...

[SECURITY] Fedora 22 Update: clamav-0.98.7-1.fc22

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 21 Update: clamav-0.98.7-1.fc21

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

The vulnerability the batch using the scan framework-vulnerability warning-the black bar safety net

0x00 Preface Each vulnerability after the outbreak, many people are in a hurry to find a batch, thinking to brush a few holes in the submission of the clouds. In fact, some of the vulnerabilities of the detection step time can be unified extraction do into the framework. Today I'll share to make...

The local file contains（LFI）vulnerability Detection Tool – Kadimus-vulnerability warning-the black bar safety net

Kadimus is for detecting a site local file inclusion（LFI）vulnerability of security tools. Characteristics Detect all URL parameters /var/log/auth. log RCE /proc/self/environ RCE php://input RCE data://text RCE The source code leak detection Multi-thread scanning HTTP command execution vulnerabili...

[SECURITY] Fedora 20 Update: clamav-0.98.6-1.fc20

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

AutoScan-Network - Automatically scan your network

AutoScan-Network is a network scanner discovering and managing application. No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network. System Requirements : •Mac OS X 10.5 or later •Microsoft Windows XP, Vista •GNU/Linux •Maemo 4...

WordPress 4.0 Denial Of Service

$argv2, 'pwd' = strrepeat"A",1000000, 'redirectto' = $argv1 . "/wp-admin/", 'reauth' = 1, 'testcookie' = '1', 'wp-submit' = "Log%20In"; $cookieFiles = "cookie.txt"; curlsetoptarray$ch, array CURLOPTHEADER = 1, CURLOPTUSERAGENT = "Mozilla/5.0 Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6...

[SECURITY] Fedora 20 Update: clamav-0.98.5-1.fc20

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

RedHat Update for rsyslog5 and rsyslog RHSA-2014:1671-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 20 Update: rsyslog-7.4.8-2.fc20

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

[SECURITY] Fedora 21 Update: rsyslog-7.4.10-5.fc21

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

RedHat Update for rsyslog RHSA-2014:1397-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 19 Update: mariadb-5.5.39-1.fc19

MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...

openssl: race condition in ssl_parse_serverhello_tlsext

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

WordPress xmlrpc using the test tool multi-threaded version-bug warning-the black bar safety net

The following is the code import futures import requests from Queue import Queue XMLURL = "http://www.myhack58.com/" USERFILE = "username.txt" PASSFILE = "password.txt" THREADNUM = 2 0 data = """wp. getUsersBlogs%s%s""" task = Queuedef attack: while not task. empty: username = the task. get passt...

Libsafe 2.0 Multi-threaded Process Race Condition Security Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/13190/info Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported th...

CentOS 5 : mysql55-mysql (CESA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

openssl multi-threaded multi-domain EXP, support for custom ports, save the binary file to save space-bug warning-the black bar safety net

!/ usr/bin/python Quick and dirty demonstration of CVE-2 0 1 4-0 1 6 0 by Jared Stafford [email protected] The author disclaims copyright to this source code. Multi process and bin dump version by [email protected] import sys import struct import socket import time import select impo...

WVS v9.5 - Acunetix Web Vulnerability Scanner

Acunetix Web Vulnerability Scanner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web...