1109 matches found
Adobe Flash Player PCRE Regex Vulnerability
This module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode. This module requires Metasploit:...
Security update for clamav (important)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...
[SECURITY] Fedora 20 Update: pam-1.1.8-2.fc20
PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...
THC-Hydra 8.1 - Network Logon Cracker
A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...
[SECURITY] Fedora 19 Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc19
This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release...
Fedora 21 : clamav-0.98.5-1.fc21 (2014-15434)
ClamAV 0.98.5 ============= ClamAV 0.98.5 also includes these new features and bug fixes : - Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-timeJIT...
[SECURITY] Fedora 21 Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc21
This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release...
[SECURITY] Fedora 20 Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc20
This is a cross-compilation version of GNU Binutils, which can be used to assemble and link binaries for the arm-none-eabi platform. This Binutils package is based on the CodeSourcery 2014.05-28 release, which includes improved ARM target support compared to the corresponding FSF release...
SuSE 11.3 Security Update : clamav (SAT Patch Number 10016)
clamav was updated to version 0.98.5 to fix three security issues and several non-security issues. These security issues have been fixed : - Crash when scanning maliciously crafted yoda's crypter files. CVE-2013-6497 - Heap-based buffer overflow when scanning crypted PE files. CVE-2014-9050 - Cra...
Security update for clamav (important)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...
OracleVM 3.2 : kernel-uek (OVMSA-2013-0003)
The remote OracleVM system is missing necessary patches to address critical security updates : - bonding: fixup typo in rlb mode of bond and bridge fix Guru Anbalagane Orabug: 16069448 - bonding: rlb mode of bond should not alter ARP originating via bridge zheng.li Orabug: 14650975 - compilation...
Bash Me Some More
Good morning! This is kinda long. == Background == If you are not familiar with the original bash function export vulnerability CVE-2014-6271, you may want to have a look at this article: http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Well, long story short: the...
openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1228-1)
DBUS-1 was upgraded to upstream release 1.8. This brings the version of dbus to the latest stable release from an unstable snapshot 1.7.4 that is know to have several regressions - Upstream changes since 1.7.4 : + Security fixes : - Do not accept an extra fd in the padding of a cmsg message, whic...
[SECURITY] Fedora 21 Update: icecream-1.0.1-8.20140822git.fc21
Icecream is a distributed compile system. It allows parallel compiling by distributing the compile jobs to several nodes of a compile network running the icecc daemon. The icecc scheduler routes the jobs and provides status and statistics information to the icecc monitor. Each compile node can...
[SECURITY] Fedora 20 Update: distcc-3.2rc1-8.fc20
distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...
[SECURITY] Fedora 19 Update: distcc-3.2rc1-4.fc19
distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...
一步步击溃PHPYUN(另类方法绕过防注入)
简要描述: 由某处SQL注入引起,最终通过组合漏洞击溃PHPYUN 详细说明: 测试版本:PHPYUN 3.1 GBK beta 20140728 PHPYUN使用了两套waf,一套自己写的,一套360的,从第一套开始。 \data\db.safety.php: quotesGPC; // 效果:addslashes if$config'syistemplate'!='1' || md5md5$config'sysafekey'.$GET'm'!=$POST'safekey' foreach$POST as $id=$v safesql$id,$v,"POST",$config; $id...
Real Server 7/8/9 Remote Root Exploit (Windows & Linux)
No description provided by source. / / THCREALbad 0.4 - Wind0wZ & Linux remote root exploit / Exploit by: Johnny Cyberpunk thehackerschoice / THC PUBLIC SOURCE MATERIALS / / http://www.service.real.com/help/faq/security/rootexploit082203.html / / After successful exploitation of a Linux box just...
MailEnable Mail Server IMAP <= 1.52 Remote Buffer Overflow Exploit
No description provided by source. / MailEnable , IMAP Service, Remote Buffer Overflow Exploit v0.4 Homepage : www.mailenable.com Affected versions: Pro v1.52 Enterprise v1.01 Bug discovery : Nima Majidi at www.hat-squad.com Exploit code : class101 at www.hat-squad.com & dfind.kd-team.com Fix :...
Apache Portable Runtime, APR Utility Library: Denial of service
Background The Apache Portable Runtime aka APR provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library aka APR-Util provides an interface to functionality such as XML parsing, string matching and database connections. Description Multiple...