156 matches found
CVE-2017-7938
Stack-based buffer overflow in DMitry Deepmagic Information Gathering Tool version 1.3a Unix allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname string...
DMitry - ( Deepmagic Information Gathering Tool ) - Local Stack Buffer Overflow Vulnerability
Exploit for linux platform in category local exploits Exploit Title: DmitryDeepmagic Information Gathering Tool Local Stack Buffer Overflow CVE: CVE-2017-7938 CWE: CWE-119 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage:...
Dmitry 1.3a - Local Buffer Overflow (PoC)
Dmitry 1.3a - Local Buffer Overflow PoC Exploit Title: DmitryDeepmagic Information Gathering Tool Local Stack Buffer Overflow CVE: CVE-2017-7938 CWE: CWE-119 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/ Versio...
Dmitry 1.3a - Local Buffer Overflow (PoC)
Exploit Title: DmitryDeepmagic Information Gathering Tool Local Stack Buffer Overflow CVE: CVE-2017-7938 CWE: CWE-119 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/ Version : 1.3a Unix Exploit Tested on: Parrot ...
Oracle PeopleSoft HCM 9.2 Cross Site Scripting Vulnerability
Exploit for windows platform in category local exploits Application: Oracle PeopleSoft Vendor: Oracle Bugs: XXS Reported: 31.10.2016 Vendor response: 1.11.2016 Date of Public Advisory: 17.01.2017 Reference: Oracle CPU Jan 2017 Authors: Vahagn Vardanyan, Dmitry Yudin 1. ADVISORY INFORMATION Title:...
SAP NetWeaver KERNEL 7.5 Buffer Overflow
Application: SAP NetWeaver KERNEL Versions Affected: SAP NetWeaver KERNEL 7.0-7.5 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 09.03.2016 Reported: 10.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2295238 Author: Dmitry Yudin...
DMitry - Deepmagic Information Gathering Tool
DMitry Deepmagic Information Gathering Tool is a UNIX/GNU Linux Command Line Application coded in C language. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan,...
Deepmagic Information Gathering Tool: DMitry
Deepmagic Information Gathering Tool DMitry Deepmagic Information Gathering Tool is a UNIX/GNU Linux Command Line program coded purely in C with the ability to gather as much information as possible about a host. DMitry has a base functionality with the ability to add new functions, the basic...
Siemens SIMATIC STEP 7 (TIA Portal) Information Disclosure Vulnerabilities
OVERVIEW Siemens has released a new version of SIMATIC STEP 7 TIA Portal to mitigate information disclosure vulnerabilities. These vulnerabilities were reported directly to Siemens by Dmitry Sklyarov and Gleb Gritsai from Positive Technologies. Siemens has produced a new version to mitigate these...
Siemens SICAM PAS Information Disclosure Vulnerabilities (Update B)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-182-02A Siemens SICAM PAS Vulnerabilities that was published November 29, 2016, on the NCCIC/ICS-CERT web site. Positive Technologies’ Ilya Karpov and Dmitry Sklyarov have identified two vulnerabilities in the...
Debian Security Advisory DSA 3434-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. CVE-2015-7513 It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of service...
Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2843-3)
Guoyong Gang discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl on /dev/ppp could cause a denial of service system crash. CVE-2015-7799 Dmitry Vyukov discovered that the Linux kernel's...
USN-2843-2: Linux kernel (Wily HWE) vulnerabilities
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2829-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2829-2 advisory. It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local...
USN-2829-2: Linux kernel (Vivid HWE) vulnerabilities
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2823-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2823-1 advisory. It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local...
SAP Afaria 7 Cross Site Scripting Vulnerability
SAP Afaria version 7 suffers from a stored cross site scripting vulnerability. Application: SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015...
USN-2765-1 Linux Kernel (Vivid HWE) Vulnerability | Cloud Foundry
USN-2765-1 Linux Kernel Vivid HWE Vulnerability High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description It was discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their...
USN-2765-1: Linux kernel (Vivid HWE) vulnerability
Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash...