Desktop Linux Password Stealer / Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/exploit/exe' require 'base64' require 'metasm' class Metasploit4 'Desktop Linux Password Stealer and Privilege...
[SECURITY] Fedora 20 Update: util-linux-2.24.2-2.fc20
The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program...
Event tracking: Belkin router 0day overflow vulnerability analysis - vulnerability warning - the black bar safety net
Vulnerability summary: Security researcher Marco Vaz found a serious vulnerability in the Belkin n750 router that can allow an attacker to gain root access, i.e. administrator privileges, on the victim's device. The main target of the vulnerability is the router's Web...
[SECURITY] Fedora 19 Update: glibc-2.17-21.fc19
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update
Updated glibc packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detaile...
[SECURITY] Fedora 20 Update: ksystemlog-4.14.1-1.fc20
This program is developed for beginner users, who don't know how to find information about their Linux system, and don't know where log files are. It is also of course designed for advanced users, who quickly want to understand problems of their machine with a more powerful and graphical tool th...
CVE-2014-3532
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6, when running on Linux 2.6.37-rc4 or later, allows local users to cause a denial of service (system-bus disconnect of other services or applications) by sending a message containing a file descriptor, then exceeding the maximum recursion depth before...
Create Linux System Backup: Systemback
Create Linux System Backup Systemback makes it easy to create backups of system and users configuration files. In case of problems you can easily restore the previous state of the system. There are extra features like system copying, system installation and Live system creation. Create Linux Syst...
Mandriva Linux Mandrake 7.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1265/info The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid cdburner which is a group, gid: 80, that is...
Abyss Web Server 1.0/1.1 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9171/info It has been reported that Abyss Web Server is prone to an authentication bypass vulnerability that may allow an attacker to gain access to server resources. This issue may be carried out by accessing a password...
RedHat Linux 6.0/6.1/6.2 pam_console Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1176/info A vulnerability exists in the pam_console PAM module, included as part of any Linux system running PAM. pam_console exists to own certain devices to users logging in to the console of a Linux machine. It is design...
DenyHosts: Denial of service
Background DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks. Description DenyHosts does not properly define the regular expressions used when parsing SSH authentication logs. Impact A remote attacker could possibly cause a Denial of Service...
Debian Security Advisory DSA 2834-1 (typo3-src - several vulnerabilities)
Several vulnerabilities were discovered in TYPO3, a content management system. This update addresses cross-site scripting, information disclosure, mass assignment, open redirection and insecure unserialize vulnerabilities and corresponds to TYPO3-CORE-SA-2013-004. OpenVAS Vulnerability Test $Id:...
Arbitrary file download vulnerability caused by lax website URL filtering - vulnerability warning - the black bar safety net
It has been a very busy period and I have recently been dealing with security issues, one of which is fairly representative, so I wanted to bring it up for discussion. Roughly, the site provides PDF documents for download from a directory, but for security, the path and file name of...
Moderate: Red Hat Security Advisory: glibc security and bug fix update
Updated glibc packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Fedora Update for glibc FEDORA-2013-17475
Check for the Version of glibc OpenVAS Vulnerability Test Fedora Update for glibc FEDORA-2013-17475 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
[SECURITY] Fedora 20 Update: glibc-2.18-9.fc20
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
[SECURITY] Fedora 19 Update: glibc-2.17-14.fc19
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
[SECURITY] Fedora 19 Update: glibc-2.17-13.fc19
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
Apache suEXEC - Information Disclosure / Privilege Escalation
Apache suEXEC privilege elevation / information disclosure Discovered by Kingcope/Aug 2013 The suEXEC feature provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as...