IP-Tools 2.5 - Log to file Local Buffer Overflow (SEH) (Egghunter)

IP-Tools 2.5 - Log to file Local Buffer Overflow SEH Egghunter !/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author:...

IP-Tools 2.5 Local Buffer Overflow

!/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author: Juan Prescotto Tested Against: Win7 Pro SP1 64 bit Software...

IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter) Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author: Juan...

CVE-2019-7653

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts...

Rockwell Automation EtherNet/IP Web Server Modules

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: EtherNet/IP Web Server Modules Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker...

CVE-2018-20752

An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote...

Security Bulletin: Vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Upward Integration Modules UIM. Upward Integration Modules UIM has addressed the applicableCVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerability in SSLv3 affects IBM BNT Uplink Ethernet Switch Modules for IBM BladeCenter (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM BNT Uplink Ethernet Switch Modules for IBM BladeCenter. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred...

CIRTKit - Tools For The Computer Incident Response Team

One DFIR console to rule them all. Built on top of theViper Framework Documentation Please see the wiki for more information about CIRTKit and documentation Roadmap Future integrations Bit9 Palo Alto Networks EnCase/FTK Future modules Packet Analysis possibly Dshell Javascript...

Sn0Int - Semi-automatic OSINT Framework And Package Manager

sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the result...

Improper Restriction of XML External Entity Reference in org.springframework.integration:spring-integration-ws and org.springframework.integration:spring-integration-xml

Spring Integration spring-integration-xml and spring-integration-ws modules, versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection XXE when receiving XML data from untrusted sources...

Nuuo Central Management Server Authenticated Arbitrary File Download

The Nuuo Central Management Server allows an authenticated user to download files from the installation folder. This functionality can be abused to obtain administrative credentials, the SQL Server database password and arbitrary files off the system with directory traversal. The module will...

Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool

Commix short for command injection exploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related...

Shed - .NET Runtime Inspector

Shed is an application that allow to inspect the .NET runtime of a program in order to extract useful information. It can be used to inspect malicious applications in order to have a first general overview of which information are stored once that the malware is executed. Shed is able to: Inject ...

Arbitrary Code Execution

openstack-puppet-modules is vulnerable to arbitrary code execution. A known default password is configured in the pcsd daemon, allowing an attacker to gain access to the daemon and execute arbitrary shell commands as root...

Remote Code Execution (RCE)

Django is vulnerable to remote code execution. The django.core.urlresolvers.reverse function allows remote attackers to use a view that constructs URLs to input a "dotted Python path" to import and execute Python modules...

Arbitrary Code Execution

abrt is vulnerable to arbitrary code execution. The /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool does not sufficiently sanitize its environment variables, allowing arbitrary Python modules to be loaded and run from non-standard directories such as /tmp. A local attacker is able t...

PHP 5.6.x < 5.6.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in ext/standard/varunserializer.re when destroying deserialized objects due to improper validation of user-supplied input...

Linux: Mounting of vfat filesystems

Older Windows systems and portable USB drives or flash modules use the FAT filesystem. The vfat module supports FAT12, FAT16 and FAT32. Linux kernel modules which implement filesystems that are not needed by the local system should be disabled. Note: This script looks for entry...

Fedora 28 : knot-resolver (2018-c894f896fd)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...