Lucene search
+L

572 matches found

FreeBSD
FreeBSD
added 2012/08/13 12:0 a.m.34 views

ansible -- enable host key checking in paramiko connection type

Ansible changelog reports: Host key checking is on by default. Disable it if you like by adding hostkeychecking=False in the default section of /etc/ansible/ansible.cfg or /ansible.cfg or by exporting ANSIBLEHOSTKEYCHECKING=False...

7.4CVSS7.6AI score0.01963EPSS
Exploits0References3
0day.today
0day.today
added 2012/02/29 12:0 a.m.25 views

Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit (Egghunter)

Exploit for windows platform in category remote exploits Sysax Multi Server version 5.53 SFTP post authentication SEH exploit with egghunter shellcode that binds a shell to port 4444. !/usr/bin/python Title: Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Egghunter Author: Craig Freyman @cd1zz...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/02/27 12:0 a.m.11 views

Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)

Sysax Multi Server 5.53 - SFTP Authenticated SEH !/usr/bin/python Title: Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Software Versions Tested: 5.53 Date Discovered: Febrary 22, 2012 Vendor Contacted: Febrary 23, 2012 Vendor...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2012/02/27 12:0 a.m.16 views

Sysax 5.53 - SSH Username Remote Buffer Overflow Remote Code Execution (Egghunter)

Sysax 5.53 - SSH Username Remote Buffer Overflow Remote Code Execution Egghunter !/usr/bin/python Title: Sysax " sys.exit1 host = sys.argv1 port = intsys.argv2 egghunter = "\x66\x81\xca\xff\x0f\x42\x52\x6a\x02\x58\xcd\x2e\x3c\x05" "\x5a\x74\xef\xb8\x44\x4e\x57\x50\x8b\xfa\xaf\x75\xea\xaf"...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2012/02/27 12:0 a.m.20 views

Sysax 5.53 SSH Username Buffer Overflow Exploit

!/usr/bin/python Title: Sysax " sys.exit1 host = sys.argv1 port = intsys.argv2 egghunter = "\x66\x81\xca\xff\x0f\x42\x52\x6a\x02\x58\xcd\x2e\x3c\x05" "\x5a\x74\xef\xb8\x44\x4e\x57\x50\x8b\xfa\xaf\x75\xea\xaf" "\x75\xe7\xff\xe7" msfpayload windows/shellbindtcp LPORT=4444 R | msfencode -e -e...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/02/27 12:0 a.m.21 views

Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)

!/usr/bin/python Title: Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Software Versions Tested: 5.53 Date Discovered: Febrary 22, 2012 Vendor Contacted: Febrary 23, 2012 Vendor Response: February 27, 2012 Vendor Fix: Version 5.55...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/29 12:0 a.m.23 views

Sysax Multi Server Add Administrator

Assuming the server is running as admin the overflow can actually be used to execute arbitrary code. In our example we spawn an instance of cmd.exe and create a new admin, Billyboy, with a password of woot. This has been tested with Windows XP SP2. +-------- Start Exploit --------+ import paramik...

0.6AI score
Exploits0
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.27 views

Fedora Update for python-paramiko FEDORA-2008-0722

Check for the Version of python-paramiko OpenVAS Vulnerability Test Fedora Update for python-paramiko FEDORA-2008-0722 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

4.3CVSS6.4AI score0.0162EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.22 views

Fedora Update for python-paramiko FEDORA-2008-0644

Check for the Version of python-paramiko OpenVAS Vulnerability Test Fedora Update for python-paramiko FEDORA-2008-0644 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

4.3CVSS6.4AI score0.0162EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.16 views

Fedora Update for python-paramiko FEDORA-2008-0644

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.0162EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.14 views

Fedora Update for python-paramiko FEDORA-2008-0722

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.7AI score0.0162EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2009/02/02 3:41 a.m.4 views

paramiko

No d...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.18 views

Gentoo Security Advisory GLSA 200803-07 (paramiko)

The remote host is missing updates announced in advisory GLSA 200803-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

4.3CVSS6.5AI score0.0162EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.19 views

Gentoo Security Advisory GLSA 200803-07 (paramiko)

The remote host is missing updates announced in advisory GLSA 200803-07. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.7AI score0.0162EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/03/07 12:0 a.m.19 views

GLSA-200803-07 : Paramiko: Information disclosure

The remote host is affected by the vulnerability described in GLSA-200803-07 Paramiko: Information disclosure Dwayne C. Litzenberger reported that the file 'common.py' does not properly use RandomPool when using threads or forked processes. Impact : A remote attacker could predict the values...

4.3CVSS5.4AI score0.0162EPSS
Exploits1References2
securityvulns
securityvulns
added 2008/03/04 12:0 a.m.34 views

Paramiko SSH server weak encryption

Weak PRNG generator is used for encryption...

4.3CVSS1.7AI score0.0162EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2008/03/04 12:0 a.m.58 views

[ GLSA 200803-07 ] Paramiko: Information disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

4.3CVSS6AI score0.0162EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2008/03/03 12:0 a.m.31 views

Paramiko: Information disclosure

Background Paramiko is a Secure Shell Server implementation written in Python. Description Dwayne C. Litzenberger reported that the file "common.py" does not properly use RandomPool when using threads or forked processes. Impact A remote attacker could predict the values generated by applications...

4.3CVSS6.3AI score0.0162EPSS
Exploits1
Prion
Prion
added 2008/01/16 11:0 p.m.12 views

Session fixation

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...

4.3CVSS6.4AI score0.0162EPSS
Exploits1References12Affected Software1
NVD
NVD
added 2008/01/16 11:0 p.m.27 views

CVE-2008-0299

common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool...

4.3CVSS5.9AI score0.0162EPSS
Exploits1References12
Rows per page
Query Builder