966 matches found
PYSEC-2015-28
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
CVE-2015-5306
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
CVE-2015-5306
CVE-2015-5306 affects OpenStack Ironic Inspector (ironic-inspector/ironic-discoverd). When Flask debug mode is enabled, an error can expose the Flask debug console, potentially allowing a remote attacker to execute arbitrary Python code. The vulnerability is documented in OSV and Red Hat advisori...
CVE-2015-5306
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
PT-2015-6843 · Openstack · Openstack Ironic Inspector
Name of the Vulnerable Software and Affected Versions: OpenStack Ironic Inspector affected versions not specified Description: The issue allows remote attackers to access the Flask console and execute arbitrary Python code by triggering an error when debug mode is enabled. Recommendations: At the...
net-snmp security and bug fix update
1:5.7.2-24 - Fixed lmSensorsTable not reporting sensors with duplicate names 1252053 - Fixed close overhead of extend commands 1252048 - Fixed out-of-bounds write in python code 1252034 1:5.7.2-23 - Fixed parsing of invalid variables in incoming packets 1248414 - Fixed...
SuperScan 4.1 - Windows Enumeration HostnameIPURL Field Overflow (SEH)
SuperScan 4.1 - Windows Enumeration HostnameIPURL Field Overflow SEH !/usr/bin/env python -- coding: utf-8 -- Exploit Title : SuperScan 4.1 Windows Enumeration Hostname/IP/URL Field SEH Overflow Crash PoC Discovery by : Luis Martínez Email : [email protected] Discovery Date : 18/11/2015...
QNap QVR Client 5.1.0.11290 - Crash PoC
Exploit for windows platform in category dos / poc !/usr/bin/env python -- coding: utf-8 -- Exploit Title : QNap QVR Client 5.1.0.11290 Crash PoC Discovery by : Luis Martínez Email : email protected Discovery Date : 05/11/2015 Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link :...
CDex Genre 1.79 Stack Buffer Overflow
''' Exploit Title: CDex Genre Stack Buffer Overflow Date: 10/9/2015 Exploit Author: UnN0n Software Link: http://cdex.mu/download Version: 1.79 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- Generate a File by python code mentioned below. 2- Goto...
Palo Alto Networks Panorama PAN-OS < 6.0.1 Firmware Signature Verification Bypass Arbitrary Code Execution
The remote Panorama appliance is running a version of Palo Alto Networks PAN-OS prior to 6.0.1. It is, therefore, affected by a firmware signature bypass vulnerability due to a flaw in signature verification process that allows an attacker to execute arbitrary Python code within an image file...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Code injection
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
CVE-2014-2331
CheckMK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330...
Netsparker 2.3.x - Remote Code Execution
!/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit MS14-064 CVE2014-6332 1 . run python code...
Netsparker 2.3.x - Remote Code Execution
Netsparker 2.3.x - Remote Code Execution !/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit...
Acunetix Web Vulnerability Scanner 9.5 - Crash (PoC)
!/usr/bin/env python Title : Acunetix Web Vulnerability Scanner 9.5 - Crash Proof Of Concept Website : https://www.acunetix.com Tested : win 7 / win 8.1 / win vista Author : Hadi Zomorodi Monavar Email : [email protected] 1 . run python code : python poc.py 2 . open hadi.txt and copy content...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
Code injection
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...
AlienVault Unified Security Management Plugin Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AlienVault framework daemon which permits remote...