378 matches found
DNSspider - Very Fast, Async Mulithreaded Subdomain Scanner
A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation. CHANGELOG: v0.9 use async multithreading via concurrent.futures module attack while mutating - don't generate whole list when using -t 1 log only the subdomains to logfile when '-r' was...
OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)
It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...
OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)
It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...
NoSQL Exploitation Framework 2.0 - A Framework For NoSQL Scanning and Exploitation
A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander. Added Features: First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra Support For NoSQL WebAPPS Added payload list for JS Injection,Web application Enumeration. Scan Support for...
dirsearch v0.3.8 - Brute Force Directories and Files in Websites
dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating Systems supported Windows XP/7/8/10 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for multiple extensions -e|--extensions asp,php Reporting plain text, JSON...
CentOS 7 : sssd (CESA-2017:3379)
An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
CentOS Errata and Security Advisory CESA-2017:3379 An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
dnsenum - Multithreaded perl script to enumerate DNS information
Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks. OPERATIONS: Get the host’s addresse A record. Get the namservers threaded. Get the MX record threaded. Perform axfr queries on nameservers and get BIND VERSION threaded. Get extra names an...
portSpider - A Lightning Fast Multithreaded Network Scanner Framework With Modules
A lightning fast multithreaded network scanner framework with modules. modules: http - Scan for open HTTP ports, and get the the titles. mysql - Scan for open MySQL servers, and try to log in with the default credentials. mongodb - Scan for open MongoDB instances, and check if they are password...
Reconnoitre - A Security Tool For Multithreaded Information Gathering And Service Enumeration
A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst also creating a directory structure of results for each host, recommended commands to execute and directory structures for storing loot and flags. Usage This tool can be used and copied f...
Amazon Linux AMI : kernel (ALAS-2017-814)
Possible double free in stcpsendmsg incorrect fix for CVE-2017-5986 : It was found that the code in net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service...
CVE-2017-6353
It was found that the code in net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. This...
CVE-2017-6346
Race condition in net/packet/afpacket.c in the Linux kernel allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...
Linux kernel local denial of service vulnerability (CNVD-2017-02607)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the net/packet/afpacket.c file in Linux kernel versions prior to 4.9.13. A local attacker can exploit this vulnerability to...
Race condition
Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...
DEBIAN-CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. NOTE: this vulnerability exists because...
CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. NOTE: this vulnerability exists because...
CVE-2017-6346
Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...
CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service invalid unlock and double free via a multithreaded application. NOTE: this vulnerability exists because...
CVE-2017-6346
CVE-2017-6346 affects the Linux kernel net/packet/af_packet.c, describing a race condition in the PACKET_FANOUT fanout path that can cause a use-after-free in multithreaded user apps. The connected sources confirm this is a local vulnerability with potential denial of service and possible unspeci...