249 matches found
Rekall - The Most Complete Memory Analysis Framework
The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated but...
Mandriva Linux Security Advisory : ipython (MDVSA-2015:160)
Updated ipython package fixes security vulnerability : In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted...
GRR Rapid Response
GRR Rapid Response is an incident response framework focused on remote live forensics. GRR consists of an agent client that can be deployed to a target system, and server infrastructure that can manage and talk to the agent. Client Features: Cross-platform support for Linux, OS X and Windows...
openSUSE Security Update : IPython (openSUSE-SU-2014:1060-1)
This IPython update fixes the following security issue : - RCE in IPython Notebook via cross-origin websocket connection CVE-2014-3429, bnc887577 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...
[ MDVSA-2014:157 ] ipython
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:157 http://www.mandriva.com/en/support/security/ Package : ipython Date : August 8, 2014 Affected: Business Server 1.0 Problem Description: Updated ipython package fixes security vulnerability: In IPython...
IPython code execution
notebook server doesn't check websocket source...
Mandriva Linux Security Advisory : ipython (MDVSA-2014:157)
Updated ipython package fixes security vulnerability : In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted...
CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
DEBIAN-CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
Code injection
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
UBUNTU-CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
PYSEC-2014-21
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
PYSEC-2014-21
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
CVE-2014-3429
IPython Notebook 0.12–1.x before 1.2.0 does not validate the origin of websocket requests, enabling remote code execution by a crafted page with kernel ID knowledge. Affected: IPython Notebook server; vulnerability arises from cross-origin websocket hijacking. Impact: arbitrary code execution on ...
Updated ipython package fixes security vulnerability
In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted malicious page CVE-2014-3429...
MGASA-2014-0320 Updated ipython package fixes security vulnerability
In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted malicious page CVE-2014-3429...