72 matches found
Updated dbus packages fix security vulnerabilities
A format string vulnerability in the reference bus implementation, dbus-daemon, could potentially allow local users to cause arbitrary code execution or denial of service. Symlink attack in nonce-tcp transport bsc1025950. Symlink attack in unit tests bsc1025951...
SSLsplit - transparent SSL/TLS interception
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a...
Fuzzer for Individual Method Parameters: RamFuzz
Fuzzer for Individual Method Parameters RamFuzz is a fuzzer for individual method parameters in unit tests. A unit test can use RamFuzz to generate random parameter values for methods under test. The values are logged, and the log can be replayed to repeat the exact same test scenario. But RamFuz...
Tests Crypto Libraries Against Known Attacks: Wycheproof
Rests Crypto Libraries Against Known Attacks Project Wycheproof tests crypto libraries against known attacks. It is developed and maintained by members of Google Security Team, but it is not an official Google product. In cryptography, subtle mistakes can have catastrophic consequences. Good...
[SECURITY] Fedora 24 Update: msgpuck-1.1.3-1.fc24
MsgPack is a binary-based efficient object serialization library. It enables to exchange structured objects between many languages like JSON. But unlike JSON, it is very fast and small. msgpuck is very lightweight header-only library designed to be embedded to your application by the C/C++...
[SECURITY] Fedora 25 Update: msgpuck-1.1.3-1.fc25
MsgPack is a binary-based efficient object serialization library. It enables to exchange structured objects between many languages like JSON. But unlike JSON, it is very fast and small. msgpuck is very lightweight header-only library designed to be embedded to your application by the C/C++...
Cross Platform ELF Analysis: ELF Parser
ELF Parser attempts to move ELF malware analysis forward by quickly providing basic information and static analysis of the binary. The end goal of ELF Parser is to indicate to the analyst if it thinks the binary is malicious / dangerous and if so why. Load Any Executable ELF ELF Parser supports...
Bypass of file blacklist - ownCloud
A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud versions, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could leverage this bypass by uploading a .htaccess and execute...
Bypass of file blacklist on Microsoft Windows Platform - ownCloud
A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud Server versions, when running on a Microsoft Windows Platform, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could...
unittest NSE Script
Runs unit tests on all NSE libraries. Script Arguments unittest.run Run tests. Causes unittest.testing to return true. unittest.tests Run tests from only these libraries defaults to all Example Usage nmap --script unittest --script-args unittest.run Script Output Pre-scan script results: |...
Fedora 16 : php-pear-CAS-1.3.0-2.fc16 (2012-4119)
Upstream changelog Changes in version 1.3.0 Bug Fixes : - the saml logout url should be parsed urlencoded 24 dlineate - fix a proxy mode bug introduced in a previous comitt 16 Adam Franco - Fix includepath order so that the phpCAS path takes precedence 13 Adam Franco - fix invalid characters in t...
PT-2007-1470 · Smarty · Smarty
Name of the Vulnerable Software and Affected Versions: Smarty version 2.6.1 Description: A remote file inclusion issue in the unit test/test cases.php file of Smarty allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY DIR parameter. Recommendations: For Smarty version...