Local Elevation of Privilege Vulnerability in Multiple IBM DB2 Products

IBM DB2 and DB2 Connect Server for Linux, UNIX, and Windows are database products for Linux, UNIX, and Windows platforms from IBM, U.S.A. DB2 is a relational database management system for use in large application environments.DB2 Connect Server is a DB2 Connect Server is a mainframe database...

The Ultimate Hosts Blacklist

The Ultimate hosts file for protecting your computer or device against over a million bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware. A hosts file for use on any operating system t...

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...

CVE-2017-1297

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 includes DB2 Connect Server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159...

Read Asset Identification Tag on scanned host (Linux/Unix SSH Login)

This routine reads the Greenbone Asset Identifier of a system, provided it is a unixoid system offering SSH access. By default, this routine is disabled even it is selected to run. To activate it, it needs to be explicitly enabled with its corresponding preference switch. The file is named asset....

Apache Struts Detection for Linux / UNIX

Binary data strutsdetectnix.nbin...

kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled

It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks...

CVE-2017-6516

A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This...

Adobe Flash Player Within Google Chrome Detection (Linux/Unix SSH Login)

SSH login-based detection of Adobe Flash Player within Google Chrome. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 25 Update: dovecot-2.2.27-1.fc25

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

CVE-2016-2946

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring ITM 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors...

GNU Bourne-Again Shell (Bash) 'Shellshock' - Lenovo Support US

No description provided...

Flexera InstallAnywhere Detection (Linux/Unix SSH Login)

Detects the installed version of Flexera InstallAnywhere on Linux. The script logs in via ssh, searches for executable and queries the version from SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Android security development of ZIP file directory traversal-vulnerability warning-the black bar safety net

ZIP compressed package file to allow the presence of“../”string, an attacker can carefully construct the ZIP file, use multiple“../”thereby changing the ZIP package to a file in the storage position, the cover to replace the application the original file. If the overwritten file is available. so...

CVE-2016-1543

The RPC API in the RSCD agent in BMC BladeLogic Server Automation BSA 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure...

CVE-2016-0211

IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service daemon crash via a crafted DRDA message...

BMC Software BladeLogic Server Automation Suite RSCD Agent Password Reset Vulnerability

BMC Software BladeLogic Server Automation Suite is a solution for managing the lifecycle of servers and applications from BMC Software, USA. A password reset vulnerability exists in the RSCD Agent of the BMC Software BladeLogic Server Automation Suite for Linux and Unix platforms. A remote attack...

flash-plugin: multiple code execution issues fixed in APSB16-08

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a deni...

Amanda 3.3.1 - Local Privilege Escalation

/ AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native utilities and formats e.g. du...

Operating System (OS) Detection (Telnet)

Telnet banner based Operating System OS detection. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked, improved and extended detection code and pattern since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...