Downloads Resources over HTTP
Overview: Affected versions of dalek-browser-ie insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
Downloads Resources over HTTP
Overview: Affected versions of install-nw insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution o...
Downloads Resources over HTTP
Overview: Affected versions of strider-sauce insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executio...
Downloads Resources over HTTP
Overview: Affected versions of selenium-download insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
KLA10909 Security vulnerability in Mozilla Firefox
An unspecified vulnerability was found in Mozilla Firefox 49 and 50. It can be exploited to gain privileges. Technical details: Redirection from HTTP connection to a data: URL assigns the referring site's origin to the data: URL in some cases. Because of that same-origin violations against a domai...
Censys Search
The module uses the Censys REST API to access the same data accessible through the web interface. The search endpoint allows queries using the Censys Search Language against the Hosts dataset. Setting the CERTIFICATES option will also retrieve the certificate details for each relevant service by...
Race condition
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open...
CVE-2016-7098
CVE-2016-7098 affects GNU Wget 1.17 and earlier. A race condition in recursive/mirroring mode can allow remote servers to bypass access-list restrictions by keeping an HTTP connection open. Public evidence includes exploit-db entries for GNU Wget
CVE-2016-7098
Race condition in wget 1.17 and earlier, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open...
Fierce - A DNS Reconnaissance Tool for Locating Non-Contiguous IP Space
First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/ . This is simply a conversion to Python 3 to simplify and modernize the codebase. The original description was very apt, so I'll include it here: Fierce is a semi-lightweight scann...
Debian DSA-3590-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass. - CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8. - CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8...
[SECURITY] [DSA 3590-1] chromium-browser security update
Debian Security Advisory DSA-3590-1 https://www.debian.org/security/ Michael Gilbert June 01, 2016 https://www.debian.org/security/faq ...
Debian Security Advisory DSA 3590-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass. CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8. CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 javascri...
DSA-3590-1 chromium-browser - security update
Bulletin has no description...
Google Chrome < 51.0.2704.63 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 51.0.2704.63. It is, therefore, affected by multiple vulnerabilities as referenced in the 201605stable-channel-update25 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers...
DNS reconnaissance tool: Fierce
Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those require...
Insecure Defaults Leads to Potential MITM
Overview: Affected versions of ezseed-transmission download and run a script over an HTTP connection. An attacker in a privileged network position could launch a Man-in-the-Middle attack and intercept the script, replacing it with malicious code, completely compromising the system running...
New Relic: Server Side Browsing - localhost open port enumeration
Hi again to all, I've found that it is possible to scan all the open ports and network information of internal instances of your Amazon DC that are related with synthetics monitors. NOTE: I do not have a pro account so I can use the more advanced synthetics functions or the Insights db query to get...
Endian Firewall < 3.0.0 - OS Command Injection (Python PoC) Exploit
Exploit for cgi platform in category remote exploits !/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and...