WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications !-- KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery Title: WatchGuard XTMv User Management Cross-Site Request Forgery Advisory ID: KL-001-2017-004 Publication Date: 2017.03.10 Publication URL:...

ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting

!-- ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 5.3.12252 Summary: ZKAccess Systems are built on flexible, open technology to provide...

Python Remote Access Tool: Ares

Ares is a Python Remote Access Tool Only use this software according to your current legislation. Misuse of this software can raise legal and ethical issues which I don’t support nor can be held responsible for. Ares is made of two main programs: A Command aNd Control server, which is a Web...

Ares - Python Botnet and Backdoor

Ares is made of two main programs: A Command aNd Control server, which is a Web interface to administer the agents An agent program, which is run on the compromised host, and ensures communication with the CNC The Web interface can be run on any server running Python. You need to install the...

Android libstagefright - Integer Overflow Remote Code Execution

Exploit for Android platform in category remote exploits !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap groomin...

Google Android - libstagefright Integer Overflow Remote Code Execution

Google Android - libstagefright Integer Overflow Remote Code Execution !/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00...

Google Android - libstagefright Integer Overflow Remote Code Execution

!/usr/bin/python2 import cherrypy import os import pwnlib.asm as asm import pwnlib.elf as elf import sys import struct with open'shellcode.bin', 'rb' as tmp: shellcode = tmp.read while lenshellcode % 4 != 0: shellcode += '\x00' heap grooming configuration allocsize = 0x20 groomcount = 0x4 spraysi...

Quantum vmPRO Default Credentials Check

Nessus was able to login to the remote web administration interface of the Quantum vmPRO appliance using a known set of default credentials. A remote attacker using these credentials would have complete control of the appliance. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Calibre 0.7.34 Cross Site Scripting/ Directory Traversal

waraxe-2010-SA077 - Multiple Vulnerabilities in Calibre 0.7.34 =============================================================================== Author: Janek Vind "waraxe" Date: 20. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-77.html Affected Software: Calibre is a fr...

[waraxe-2010-SA#077] - Multiple Vulnerabilities in Calibre 0.7.34

waraxe-2010-SA077 - Multiple Vulnerabilities in Calibre 0.7.34 =============================================================================== Author: Janek Vind "waraxe" Date: 20. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-77.html Affected Software: Calibre is a fr...

Fedora Update for python-cherrypy FEDORA-2008-0299

Check for the Version of python-cherrypy OpenVAS Vulnerability Test Fedora Update for python-cherrypy FEDORA-2008-0299 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Fedora Update for python-cherrypy FEDORA-2008-0333

Check for the Version of python-cherrypy OpenVAS Vulnerability Test Fedora Update for python-cherrypy FEDORA-2008-0333 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Fedora Update for python-cherrypy FEDORA-2008-0333

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for python-cherrypy FEDORA-2008-0299

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Gentoo Security Advisory GLSA 200605-16 (cherrypy)

The remote host is missing updates announced in advisory GLSA 200605-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200801-11 (cherrypy)

The remote host is missing updates announced in advisory GLSA 200801-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200605-16 (cherrypy)

The remote host is missing updates announced in advisory GLSA 200605-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200801-11 (cherrypy)

The remote host is missing updates announced in advisory GLSA 200801-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1481-1 : python-cherrypy - missing input sanitising

It was discovered that a directory traversal vulnerability in CherryPy, a pythonic, object-oriented web development framework, may lead to denial of service by deleting files through malicious session IDs in cookies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

[SECURITY] [DSA 1481-1] New python-cherrypy packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1481-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 05, 2008 http://www.debian.org/security/faq -...