CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...

CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...

Design/Logic Flaw

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...

CVE-2014-7844

CVE-2014-7844 affects BSD mailx 8.1.2 and earlier and Heirloom mailx 12.5 and earlier. Root cause: the expand function (fio.c) allows shell meta-characters in an email address to trigger remote command execution. Impact: remote attacker could execute arbitrary commands with the privileges of the ...

CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...

Fedora Update for wpa_supplicant FEDORA-2019-0e0b28001d

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Pylane - An Python VM Injector With Debug Tools, Based On GDB

Pylane is a python vm injector with debug tools, based on gdb and ptrace. Pylane uses gdb to trace python process, inject and run some code in its python vm. Usage use inject command to inject a python script in an process: pylane inject use shell command to inject an interactive shell: pylane...

[SECURITY] Fedora 30 Update: wpa_supplicant-2.8-3.fc30

wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...

Fedora Update for wpa_supplicant FEDORA-2019-2bdcccee3c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for wpa_supplicant FEDORA-2019-65509aac53

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: wpa_supplicant-2.9-2.fc31

wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...

BSD Dump Password Hashes

Post module to dump the password hashes for all users on a BSD system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BSD Dump Password Hashes', 'Description' = %q Post module to dump the...

Gather GRUB Password

This module gathers GRUB passwords from GRUB bootloader config files. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather GRUB Password', 'Description' = %q This module gathers GRUB password...

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

A 39-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted a...

Pocsuite

This project is an open-sourced remote vulnerability testing and proof-of-concept development framework called Pocsuite, developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine and many niche features for penetration testers and security researchers. The framewor...

Django-JSONField, the HStoreField SQL injection vulnerability-vulnerability warning-the black bar safety net

! One, Foreword Django is an open source Web application framework made of Python written. The use of a MTV framework of the model, i.e. the Model M, view V and template T. It was originally being developed for the management of the Lawrence Publishing Group, owned by some to the news content bas...

Xymon useradm Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon useradm Command Execution', 'Description' = %q This module exploits a command injection vulnerability in Xymon versions before 4.3.25 which...

Xymon 4.3.25 - useradm Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon useradm Command Execution', 'Description' = %q This module exploits a command injection vulnerability in Xymon versions before 4.3.25 which...

Redis is not authorized to access high-risk vulnerability alerts-a vulnerability alert-the black bar safety net

Recently, Sangfor security team found that open-source databases Redis broke up an unauthorized access vulnerability, the first time for tracking and analysis of early warning. The study found that the use of the vulnerability, the attacker can achieve rally shell for arbitrary code execution...

Xymon useradm Command Execution

This module exploits a command injection vulnerability in Xymon versions before 4.3.25 which allows authenticated users to execute arbitrary operating system commands as the web server user. When adding a new user to the system via the web interface with useradm.sh, the user's username and passwo...