August 23, 2016 — KB3176934 (OS Build 14393.82)

August 23, 2016 — KB3176934 OS Build 14393.82 This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Network Controller, DNS server, gateways, Storage Spaces Direct, Group Managed Service...

Parrot Security 4.2.2 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Updated kernel and core packages Parrot 4.2 is powered by the latestLinux 4.18 debianized kernel with all the usual wireless patches. A new version of the Debian-Installer now powers our netinstall images and the standard Parrot images. Firmware packages were updated to add broader hardware...

PowerShell Front-End for Windows Debugger Engine: DbgShell

The main impetus for DbgShell is that it’s just waaaay too hard to automate anything in the debugger. There are facilities today to assist in automating the debugger, of course. But in my opinion they are not meeting people’s needs. Using the built-in scripting language is arcane, limited,...

chromium-browser: Local file access in DevTools

Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...

CVE-2018-16081

Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension...

Immunity Debugger 1.85 Denial Of Service

Exploit Title: Immunity Debugger 1.85 - Denial of Service PoC Author: Gionathan "John" Reale Date: 2018-08-28 Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products/debugger/index.html Tested Version: v1.85 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run...

Immunity Debugger 1.85 - Denial of Service

Exploit for windows platform in category dos / poc Exploit Title: Immunity Debugger 1.85 - Denial of Service PoC Author: Gionathan "John" Reale Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products/debugger/index.html Tested Version: v1.85 Tested on OS: Window...

Immunity Debugger 1.85 - Denial of Service (PoC)

Exploit Title: Immunity Debugger 1.85 - Denial of Service PoC Author: Gionathan "John" Reale Date: 2018-08-28 Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products/debugger/index.html Tested Version: v1.85 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run...

Immunity Debugger 1.85 - Denial of Service (PoC)

Immunity Debugger 1.85 - Denial of Service PoC Exploit Title: Immunity Debugger 1.85 - Denial of Service PoC Author: Gionathan "John" Reale Date: 2018-08-28 Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products/debugger/index.html Tested Version: v1.85 Tested ...

Ring 0 Army Knife: r0ak

r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code with some limitations from the command prompt, without requiring anything else other than Administrator privileges. Motivation The Windows kernel is a rich environment in which hundreds of...

EKFiddle - A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Installation Download and install the latest version of Fiddler https://www.telerik.com/fiddler Special instructions for Linux and Mac here:...

[SECURITY] Fedora 27 Update: seamonkey-2.49.4-1.fc27

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

openSUSE Security Update : Chromium (openSUSE-2018-759)

This update for Chromium to version 67.0.3396.99 fixes multiple issues. Security issues fixed bsc1095163 : - CVE-2018-6123: Use after free in Blink - CVE-2018-6124: Type confusion in Blink - CVE-2018-6125: Overly permissive policy in WebUSB - CVE-2018-6126: Heap buffer overflow in Skia -...

Security update for Chromium (important)

This update for Chromium to version 67.0.3396.99 fixes multiple issues. Security issues fixed bsc1095163: - CVE-2018-6123: Use after free in Blink - CVE-2018-6124: Type confusion in Blink - CVE-2018-6125: Overly permissive policy in WebUSB - CVE-2018-6126: Heap buffer overflow in Skia -...

Security update for perl (important)

This update for perl fixes the following issues: This security issue was fixed: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files bsc1096718 This non-security issue was fixed: - fix debugger crash ...

SUSE-SU-2018:1972-1 Security update for perl

This update for perl fixes the following issues: These security issue were fixed: - CVE-2018-6913: Fixed space calculation issues in pppack.c bsc1082216. - CVE-2018-6798: Fixed heap buffer overflow in regexec.c bsc1082233. - CVE-2018-6797: Fixed sharp-s regexp overflow bsc1082234. - CVE-2018-1201...

GHSA-GHJX-3JG5-H6R2 Mercurial has Incorrect Permission Assignment for Critical Resource

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...

Mercurial has Incorrect Permission Assignment for Critical Resource

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...

Debian DSA-4237-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-6118 Ned Williamson discovered a use-after-free issue. - CVE-2018-6120 Zhou Aiting discovered a buffer overflow issue in the pdfium library. - CVE-2018-6121 It was discovered that malicious extensions could...

CVE-2018-5167

The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display...