2294 matches found
Red Team Tool Roundup
In many cases Red Team tools are not written because someone feels like writing a tool, or wakes up one morning thinking, “I want to write a tool today”. Red Teamers generally identify tedious tasks in their methodology and then create tools that automate these tasks for current and future...
CVE-2016-4429
CVE-2016-4429: In glibc, a stack-based buffer overflow in sunrpc/clnt_udp.c:clntudp_call can be triggered by a flood of crafted ICMP/UDP packets, enabling a remote attacker to cause a denial of service (crash) and possibly other impact. Connected docs confirm the issue as a buffer overflow in the...
CVE-2 0 1 6-2 5 6 3 vulnerability analysis and exploit-vulnerability warning-the black bar safety net
0x01 vulnerability description Using putty's pscp components can achieve the Windows and theLinux serverbetween the remote copy of the file. Recently 3 to on 7, broke the pscp in the presence of a buffer overflow vulnerability, when from the server-side copy of the file, the pscp client the sscan...
File Replication Pro Information Disclosure Vulnerability
File Replication Pro is a file management solution for backing up, copying files from different network nodes. An information disclosure vulnerability exists in File Replication Pro version 7.2.0 and earlier. As File Replication Pro allows a malicious user to access arbitrary files on a remote...
CVE-2016-4555
CVE-2016-4555 affects Squid 3.x (before 3.5.18) and 4.x (before 4.0.10); DoS/crash via crafted Edge Side Includes (ESI) responses due to incorrect pointer handling and ref-counting. Connected advisories indicate fixes in Squid 3.4.8-6+deb8u3 and 3.5.19-1 (Debian), CentOS/RHSA advisories, and Fedo...
Libpam-sshauth Local Privilege Vulnerability
libpam-sshauth is a PAM module that can be used to authenticate users on a local computer by connecting to a remote server via ssh. A programming error in libpam-sshauth allows local attackers to exploit this vulnerability to gain root privileges...
[SECURITY] Fedora 23 Update: obs-signd-2.2.1-8.fc23
The OpenSUSE Build Service sign client and daemon. This daemon can be used to sign anything via gpg by communicating with a remote server to avoid the need to host the private key on the same server...
DEBIAN-CVE-2015-8746
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...
NetIQ Sentinel Detection
Detection of NetIQ Sentinel The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
The vulnerability of the operating system for Clustered Data ONTAP storage systems allows a attacker to obtain confidential information or replace servers.
The vulnerability of the Clustered Data ONTAP operating system exists due to the lack of verification of X.509 certificate checks for the TLS server. Exploiting this vulnerability allows a malicious actor to replace the server remotely or obtain confidential information using a specially crafted...
CVE-2015-8702
The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...
CVE-2015-8702
The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...
CVE-2012-6700
The decodesearch function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response...
CVE-2012-6699
The decodesearch function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service out-of-bounds read via a crafted response...
Drupal 7.x < 7.38 Multiple Vulnerabilities
Binary data 9217.prm...
Secret of how to use Python black off intelligent boiler-vulnerability warning-the black bar safety net
! Citation Last year I bought a new condensing boilerhome heating, so consider the above there must be a“smart thermostat”, and select also many, including Google, Nest, Hive, the British Gas Company design and Worcester·Bosch‘Wave’of. But in the end chose the latter. ! Finally it is installed in...
Adobe Flash - URLStream.readObject Use-After-Free
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=611 There is a use-after-free in URLStream.readObject. If the object read is a registered class, the constructor will get invoked to create the object. If the constructor calls...
[SECURITY] [DSA 3522-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3522-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2016 https://www.debian.org/security/faq -...
DSA-3522-1 squid3 - security update
Bulletin has no description...
CVE-2016-2569
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service assertion failure and daemon exit via a long string, as demonstrated by a crafted HTTP Vary header...