massExpConsole - Collection of Tools and Exploits with a CLI UI

Collection of Tools and Exploits with a CLI UI What does it do? an easy-to-use user interface cli execute any adapted exploit with process-level concurrency crawler for baidu and zoomeye a simple webshell manager some built-in exploits automated more to come... Requirements GNU/Linux or MacOS, WS...

Ubuntu: Security Advisory (USN-3134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0296 Updated python3/python packages fix security vulnerability

Fix for CVE-2016-1000110 HTTPoxy attack. Many software projects and vendors have implemented support for the “Proxy” request header in their respective CGI implementations and languages by creating the “HTTPPROXY” environmental variable based on the header value. When this variable is used in man...

MGASA-2016-0282 Updated python-django packages fix security vulnerability

It was discovered that Django is prone to a cross-site scripting vulnerability in the admin's add/change related popup CVE-2016-6186...

[SECURITY] Fedora 24 Update: pulp-python-1.1.2-1.fc24

Provides a collection of platform plugins and client extensions support for Python packages...

AWS OpenVPN Deployment Tool: AutoVPN

AWS OpenVPN Deployment Tool Dependencies: boto and paramiko python packages and aws .credentials file on system 1. Clone repo to system. 2. Execute autovpn with -C -k and -r options to deploy to AWS ./autovpn -C -r us-east-1 -k macbook 3. OpenVPN config files are downloaded to current working...

MGASA-2016-0230 Updated python packages fix security vulnerabilities

Updated python and python3 packages fixes security vulnerability: - Heap overflow in zipimporter module CVE-2016-5636. - HTTP header injection in urrlib2/urllib/httplib/http.client CVE-2016-5699. - smtplib StartTLS stripping attack CVE-2016-0772...

MGASA-2015-0460 Updated python-cryptography packages fix security vulnerability

The OpenSSL backend prior to 1.0.2 made extensive use of assertions to check response codes where our tests could not trigger a failure. However, when Python is run with -O these asserts are optimized away. If a user ran Python with this flag and got an invalid response code this could result in...

MGASA-2015-0091 Updated python packages fix CVE-2014-9365

Updated python packages fix security vulnerability: When Python's standard library HTTP clients httplib, urllib, urllib2, xmlrpclib are used to access resources with HTTPS, by default the certificate is not checked against any trust store, nor is the hostname in the certificate checked against th...

Mandriva Linux Security Advisory : python (MDVSA-2014:197)

Updated python packages fix security vulnerability : Python before 2.7.8 is vulnerable to an integer overflow in the buffer type CVE-2014-7185. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux Security...

MGASA-2014-0399 Updated python packages fix CVE-2014-7185

Updated python packages fix security vulnerability: Python before 2.7.8 is vulnerable to an integer overflow in the buffer type CVE-2014-7185...

MGASA-2014-0216 Updated python3 packages fix security vulnerability

It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit fil...

Updated python3, bzr and some python packages fix security vulnerabilties

Updated python3 packages fix security vulnerabilities: A denial of service flaw was found in the way SSL module implementation of Python 3 performed matching of the certificate's name in the case it contained many '' wildcard characters. A remote attacker, able to obtain valid certificate with it...

MGASA-2013-0250 Updated python packages fix CVE-2013-4238 and pip

Updated python packages fix security vulnerability: Ryan Sleevi of the Google Chrome Security Team has discovered that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. This could lead to a breach when an application uses ssl.matchhostname to match the hostname...

Oracle Linux 4 : python (ELSA-2011-0260)

From Red Hat Security Advisory 2011:0260 : Updated python packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS ba...

VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console

a. VMware vSphere API denial of service vulnerability The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities o...

Slackware Advisory SSA:2008-217-01 python

The remote host is missing an update as announced via advisory SSA:2008-217-01. OpenVAS Vulnerability Test $Id: esoftslkssa200821701.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware Advisory SSA:2005-111-02 Python SimpleXMLRPCServer module

The remote host is missing an update as announced via advisory SSA:2005-111-02. OpenVAS Vulnerability Test $Id: esoftslkssa200511102.nasl 6649 2017-07-10 11:37:47Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Mandriva Linux Security Advisory : firefox (MDVSA-2010:147)

Security issues were identified and fixed in firefox : layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary co...

Mandriva Update for blogtk MDVA-2010:070 (blogtk)

Check for the Version of blogtk OpenVAS Vulnerability Test Mandriva Update for blogtk MDVA-2010:070 blogtk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...