Remote Vulnerability Testing Framework: Pocsuite

Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes with a powerful proof-of-concept engine, many niche features for the ultimate penetration testers and security researchers. Requirements Python 2.6...

Generate TCP/UDP Outbound Traffic On Multiple Ports

This module generates TCP or UDP traffic across a sequence of ports, and is useful for finding firewall holes and egress filtering. It only generates traffic on the port range you specify. It is up to you to run a responder or packet capture tool on a remote endpoint to determine which ports are...

CVE-2016-2428

libAACdec/src/aacdecdrc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via...

Apple Mac OSX - Kernel AppleKeyStore Use-After-Free

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=710 The AppleKeyStore userclient uses an IOCommandGate to serialize access to its userclient methods, however by racing two threads, one of which closes the userclient which frees...

Oracle Linux 7 : 389-ds-base (ELSA-2016-0204)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0204 advisory. - Resolves: bug 1299757 - CVE-2016-0741 389-ds-base: Worker threads do not detect abnormally closed connections causing DoS Tenable has extracted the preceding...

glibc security update

2.12-1.166.7 - Update fix for CVE-2015-7547 1296028. 2.12-1.166.6 - Create helper threads with enough stack for POSIX AIO and timers 1301625. 2.12-1.166.5 - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow 1296028. 2.12-1.166.4 - Support loading more libraries with static TLS 1291270...

Apache Httpd < 2.4.20 : mod_http2: denial of service by thread starvation

By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18...

GDB-Dashboard - Modular Visual Interface For Gdb In Python

Modular visual interface for GDB in Python. This comes as a standalone single-file .gdbinit which, among the other things, enables a configurable dashboard showing the most relevant information during the program execution. Its main goal is to reduce the number of GDB commands issued to inspect t...

Sawef - Send Attack Web Forms

SAWEF - Send Attack Web Forms DESCRIPTION The purpose of this tool is to be a Swiss army knife for anyone who works with HTTP, so far it she is basic, bringing only some of the few features that want her to have, but we can already see in this tool: - Email Crawler in sites - Crawler forms on the...

[SECURITY] Fedora 21 Update: nspr-4.10.10-1.fc21

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

[SECURITY] Fedora 22 Update: nspr-4.10.10-1.fc22

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

Debian DLA-322-1 : commons-httpclient security update

Trevin Beattie 1 discovered an issue where one could observe hanging threads in a multi-threaded Java application. After debugging the issue, it became evident that the hanging threads were caused by the SSL initialization code in commons-httpclient. This upload fixes this issue by respecting the...

[SECURITY] [DLA 322-1] commons-httpclient security update

Package : commons-httpclient Version : 3.1-9+deb6u2 CVE ID : CVE-2015-5262 Trevin Beattie 1 discovered an issue where one could observe hanging threads in a multi-threaded Java application. After debugging the issue, it became evident that the hanging threads were caused by the SSL initialization...

DLA-322-1 commons-httpclient - security update

Bulletin has no description...

Microsoft Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)

Microsoft Windows Kernel - DeferWindowPos Use-After-Free MS15-073 Source: https://code.google.com/p/google-security-research/issues/detail?id=339 The attached PoC demonstrate a use-after-free condition that occurs when operating on a DeferWindowPos object from multiple threads. The DeferWindowPos...

ownCloud: Apache Range Header Denial of Service Attack (Confirmed PoC)

owncloud.com is vulnerable to Apache range header denial of service. This was confirmed by injecting Range: header payloads and analyzing the request vs. response times to an arbitrary page. The results confirm that processing times took up to 50,000 milliseconds per request when the range header...

powerdns: denial of service

A bug was found in the PowerDNS Authoritative Server DNS packet parsing/generation code, which, when exploited, can cause individual threads disabling service or whole processes allowing a supervisor to restart them to crash with just one or a few query packets...

OracleVM 3.3 : net-snmp (OVMSA-2015-0099)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add Oracle ACFS to hrStorage John Haxby orabug 18510373 - Quicker loading of IP-MIB::ipAddrTable 1191393 - Quicker loading of IP-MIB::ipAddressTable 1191393 - Fixed snmptrapd crash when '-OQ' paramete...

Image Transfer IOS - Remote Crash (PoC)

Image Transfer IOS - Remote Crash PoC !/usr/bin/perl -w Title : Image Transfer IOS - Remote Crash Proof Of Concept Affected Versions: All Version Tested on IOS 8.4 12h143 / 2.0 Itunes link : https://itunes.apple.com/us/app/image-transfer-photo-video/id588696602?mt=8 EDB note: Might require to be...

Use-after-free due to Media Decoder Thread creation during shutdown — Mozilla

Security researchers Tyson Smith and Jesse Schwartzentruber reported a use-after-free during the shutdown process. This was caused by a race condition when media decoder threads are created during the shutdown process in some circumstances. This leads to a potentially exploitable crash when...