306 matches found
Sttr - Cross-Platform, Cli App To Perform Various Operations On String
sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl, printf...
Backdoored XZ Utils (CVE-2024-3094)
On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils liblzma. The backdoor, added by an...
Exploit for Embedded Malicious Code in Tukaani Xz
Vulnerability Overview XZ is a data compression format that e...
XZ Utils SSHd Backdoor
On March 29th, 2024, security researcher Andres Freund discovered a backdoor in XZ Utils versions 5.6.0 and 5.6.1. Under certain conditions, this backdoor may allow remote access to the targeted system. This disclosure was posted to the Openwall mailing list. The security researcher mentions that...
Arsenal - Just A Quick Inventory And Launcher For Hacking Programs
Arsenal is just a quick inventory, reminder and launcher for pentest commands. This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands In arsenal you can search for a command, select one and it's prefilled directly in your terminal. This functionali...
CVE-2023-24626
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...
ALPINE-CVE-2023-24626
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...
CVE-2023-24626
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...
GNU screen 4.9.0 Privilege Escalation
Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...
GNU screen v4.9.0 - Privilege Escalation Exploit
Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...
GNU screen v4.9.0 - Privilege Escalation
Exploit Title: GNU screen v4.9.0 - Privilege Escalation Date: 03.02.2023 Exploit Author: Manuel Andreas Vendor Homepage: https://www.gnu.org/software/screen/ Software Link: https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz Version: 4.9.0 Tested on: Arch Linux CVE : CVE-2023-24626 import os impor...
[ASA-202210-2] linux: multiple issues
Arch Linux Security Advisory ASA-202210-2 ========================================= Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux Type : multiple issues Remote : Yes Link :...
Aruba Networks ArubaOS and InstantOS Command Execution Vulnerabilities
ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed Access Points APs.InstantOS is an Arch Linux-based distribution. A command execution vulnerability exists in Aruba Networks ArubaOS and InstantOS. The vulnerability stems from the...
Aruba Networks ArubaOS and Instant PAPI Protocol Buffer Overflow Vulnerability
ArubaOS is the network operating system for Aruba Mobility Controllers, Mobility Masters, and controller-managed access points APs. instantOS is an Arch Linux-based distribution. aruba networks ArubaOS and Instant PAPI The Aruba Networks ArubaOS and Instant PAPI protocols are vulnerable to a buff...
[ASA-202207-4] webkit2gtk-4.1: multiple issues
Arch Linux Security Advisory ASA-202207-4 ========================================= Severity: Critical Date : 2022-07-29 CVE-ID : CVE-2022-32792 CVE-2022-32816 Package : webkit2gtk-4.1 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2791 Summary ======= The package...
WEF - Wi-Fi Exploitation Framework
A fully offensive framework to the 802.11 networks and protocols with different types of attacks for WPA and WEP, automated hash cracking, bluetooth hacking and much more. I recommend you my alfa adapter: Alfa AWUS036ACM , which works really great with both, 2.4 and 5 Ghz Tested and supported in...
[ASA-202205-1] python-httpx: access restriction bypass
Arch Linux Security Advisory ASA-202205-1 ========================================= Severity: Critical Date : 2022-05-16 CVE-ID : CVE-2021-41945 Package : python-httpx Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2718 Summary ======= The package...
[ASA-202205-3] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202205-3 ========================================= Severity: High Date : 2022-05-16 CVE-ID : CVE-2022-1520 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917 Package : thunderbird Type : multiple issues Remote ...
[ASA-202204-11] powerdns: denial of service
Arch Linux Security Advisory ASA-202204-11 ========================================== Severity: Low Date : 2022-04-15 CVE-ID : CVE-2022-27227 Package : powerdns Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2655 Summary ======= The package powerdns before version...
[ASA-202204-7] gzip: arbitrary command execution
Arch Linux Security Advisory ASA-202204-7 ========================================= Severity: High Date : 2022-04-07 CVE-ID : CVE-2022-1271 Package : gzip Type : arbitrary command execution Remote : No Link : https://security.archlinux.org/AVG-2666 Summary ======= The package gzip before version...