97 matches found
Security update for cups-filters
This update for cups-filters fixes the following issues: cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols, the previous...
postgresql:10 security update
10.23-2.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 10.23-2 - Backport fixes for CVE-2023-2454 and CVE-2023-2455 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207931 10.23-1 - Resolves: CVE-2022-2625 - Rebase to...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.15-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35103668 12.15-1 - Update postgresql-setup to 8.7 https://github.com/devexp-db/postgresql-setup/pull/35 - Resolves: 2207932 - Update to version 12.15...
postgresql security update
13.11-1.0.1 - Fixed postgresql port binding issue during bootup Orabug: 35420628 13.11-1 - Update to 13.11 - Resolves: 2207935...
SUSE CVE-2007-2480
The udplibgetport function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other application...
SUSE CVE-2018-20587
Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port...
Linux/x86 Bindshell With Dynamic Port Binding Shellcode (102 bytes)
Exploit Title: Linux/x86 - bindshell with dynamic shellcode port binding size: 102 bytes Exploit Author: d7x Tested on: Ubuntu x86 / x86 bindshell with dynamic shellcode port binding size: 102 bytes tested on Ubuntu 12.04 LTS Author: d7x https://d7x.promiselabs.net/ https://www.promiselabs.net/ /...
CVE-2021-35448
Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...
Release Information for Huawei Plug-In for Veeam Backup & Replication
Huawei Plug-In - End of Life The Huawei Plug-In for Veeam Backup & Replication reached End-of-Life on 2022-04-22 and is no longer available. Requirements Before installing Huawei Plug-In v1.0.23, ensure that you are running Veeam Backup & Replication 10.0.0.4461 or later. To check the version, op...
openSUSE Security Update : coturn (openSUSE-2020-937)
This update for coturn fixes the following issues : Version 4.5.1.3 : - Remove reference to SSLv3: ghcoturn/coturn566 - Ignore MD5 for BoringSSL: ghcoturn/coturn579 - STUN response buffer not initialized properly; he issue found and reported ghcoturn/coturn583 by Felix Drre all credits belongs to...
OPENSUSE-SU-2020:0937-1 Security update for coturn
This update for coturn fixes the following issues: Version 4.5.1.3: Remove reference to SSLv3: ghcoturn/coturn566 Ignore MD5 for BoringSSL: ghcoturn/coturn579 STUN response buffer not initialized properly; he issue found and reported ghcoturn/coturn583 by Felix D�rre all credits belongs to him...
PT-2019-10115
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.12.0 through 0.17.1 Bitcoin Knots versions 0.12.0 through 0.17.x before 0.17.1.knots20181229 Description: The issue allows local users to exploit Incorrect Access Control, potentially leading to currency theft. This is...
Linux/x86 - Bind (4444/TCP) Shell Shellcode (105 bytes)
/ ; Filename: tcpbindshellcodelight.nasm ; Author: Paolo Perego ; Website: https://codiceinsicuro.it ; Twitter: @thesp0nge ; SLAE-ID: 1217 ; Purpose: binds on TCP port 4444 and spawn a shell on incoming connections. global start section .text start: ; Creating the socket. ; ; int socketint domain...
HP PageWide Printers HP OfficeJet Pro Printers (OfficeJet Pro 8210) - Arbitrary Code Execution
HP PageWide Printers HP OfficeJet Pro Printers OfficeJet Pro 8210 - Arbitrary Code Execution Create a bind shell on an unpatched OfficeJet 8210 Write a script to profile.d and reboot the device. When it comes back online then nc to port 1270. easysnmp instructions: sudo apt-get install libsnmp-de...
Quest Privilege Manager pmmasterd Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Quest Privilege Manager pmmasterd Buffer Overflow', 'Description' = %q This modules exploits a buffer overflow in the Quest Privilege Manager, a...
CVE-2017-7269 a few tips and BUG fixes-vulnerability warning-the black bar safety net
Seen the analysis, to talk about the use of a few tips. 1. Vulnerability scope The original poc above wrote only applies to the 03 r2, in fact, the most common of 03 sp2 can also be directly reproduced, so it seems that the attack range is very large, after all, the domestic selling most of the 0...
Apache-+-PHP-5.x
quick'n'dirty VERY UGLYY C=000DEEE IZ N0T MY STYLE : - for connect back shell start netcat/nc and bind port on given host:port - is ip-range scanner not is multithreaded, but iz multithreaded iz in random scanner and is scanner from file greets to MustLive - no ssl support - more php paths can be...
TildeSlash Monit 1-4 Authentication Handling Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10581/info It is reported that TildeSlash Monit is vulnerable to a buffer overflow vulnerability during authentication handling. This issue arises due to a failure of the affected application to properly handle...
CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with ro...
Polymorphic Bindport 31337 with setreuid (0,0) linux/x86
No description provided by source. / Title : Polymorphic shellcode that bindport to 31337 with setreuid 0,0 x86 linux shellcode. Name : 131 bytes bind port 31337 x86 linux polymorphic shellcode. Date : Sat Jun 17 21:27:03 2010 Author : gunslinger yudha.gunslingeratgmail.com Web :...