567 matches found
[SECURITY] Fedora 25 Update: libtool-2.4.6-14.fc25
GNU Libtool is a set of shell scripts which automatically configure UNIX and UNIX-like systems to generically build shared libraries. Libtool provides a consistent, portable interface which simplifies the process of using shared libraries. If you are developing programs which will use shared...
Supervisor Remote Command Execution Vulnerability
Supervisor is a client/server system developed in Python that manages and monitors processes on UNIX-like operating systems. It can start and shut down multiple processes at the same time. A remote command execution vulnerability exists in Supervisor. It allows a remote user to execute arbitrary...
PRET - Printer Exploitation Toolkit
PRET is a new tool for printer security testing developed in the scope of a Master's Thesis at Ruhr University Bochum. It connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript, PJL and PCL are supported which are spoken by most laser...
[SECURITY] Fedora 25 Update: radicale-1.1.2-1.fc25
The Radicale Project is a CalDAV calendar and CardDAV contact server. It aims to be a light solution, easy to use, easy to install, easy to configure. As a consequence, it requires few software dependencies and is pre-configured to work out-of-the-box. The Radicale Project runs on most of the...
[SECURITY] Fedora 24 Update: radicale-1.1.2-1.fc24
The Radicale Project is a CalDAV calendar and CardDAV contact server. It aims to be a light solution, easy to use, easy to install, easy to configure. As a consequence, it requires few software dependencies and is pre-configured to work out-of-the-box. The Radicale Project runs on most of the...
[SECURITY] Fedora 26 Update: radicale-1.1.2-1.fc26
The Radicale Project is a CalDAV calendar and CardDAV contact server. It aims to be a light solution, easy to use, easy to install, easy to configure. As a consequence, it requires few software dependencies and is pre-configured to work out-of-the-box. The Radicale Project runs on most of the...
PonyOS Local Elevation of Privilege Vulnerability (CNVD-2017-05965)
PonyOS is a new Unix-like operating system. PonyOS suffers from a local elevation of privilege vulnerability that allows an attacker to exploit the vulnerability to elevate privileges...
exFAT: Multiple vulnerabilities
Background: A full-featured exFAT file system implementation for Unix-like systems. Description: Two vulnerabilities were found in exFAT. A malformed input can cause a write heap overflow or cause an endless loop. Impact: Remote attackers could execute arbitrary code or cause Denial of Service...
Sudo Local Information Disclosure Vulnerability
Sudo is a program developed by software developer Todd C. Miller for use on Unix-like operating systems that allows users to execute commands in a secure manner with special privileges. Sudo suffers from a local information disclosure vulnerability that could be exploited by an attacker to obtain...
Bruteforce BitCoin Wallet
The purpose of this program is to try to find the password of an encrypted Peercoin or Bitcoin, Litecoin, etc… wallet file, i.e. wallet.dat. It can be used in two ways: (1) try all the possible passwords given a charset; (2) try all the passwords in a file. There is a command line option to specify the numb...
Yasr 0.6.9-5 Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: General-purpose console screen reader Version: 0.6.9-5 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Yasr is a general-purpose console screen reader for...
Yasr Screen Reader 0.6.9 - Local Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: General-purpose console screen reader Version: 0.6.9-5 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...
Samba Security Updates Address Badlock Vulnerabilities
The Samba Team has released security updates that address vulnerabilities, collectively known as Badlock, affecting both Windows operating systems and Samba in UNIX-like platforms. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system or create a...
Nginx Web Application Firewall: NAXSI
NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third-party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple and readable rules containing 99% of known patterns involved in website vulnerabilities. For...
[SECURITY] Fedora 22 Update: radicale-1.1.1-1.fc22
The Radicale Project is a CalDAV calendar and CardDAV contact server. It aims to be a light solution, easy to use, easy to install, easy to configure. As a consequence, it requires few software dependencies and is pre-configured to work out-of-the-box. The Radicale Project runs on most of the...
[SECURITY] Fedora 23 Update: radicale-1.1.1-1.fc23
The Radicale Project is a CalDAV calendar and CardDAV contact server. It aims to be a light solution, easy to use, easy to install, easy to configure. As a consequence, it requires few software dependencies and is pre-configured to work out-of-the-box. The Radicale Project runs on most of the...
[SECURITY] Fedora 23 Update: dovecot-2.2.19-1.fc23
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...
EMC AutoStart ftagent Opcode 85 Subcode 33 SQL Injection (CVE-2015-0538)
A remote SQL injection vulnerability exists in EMC AutoStart. The vulnerability is due to insufficient validation of remotely supplied data within the ftagent component. A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent process...
RaspBSD – FreeBSD distribution for Raspberry Pi
Raspberry Pi is reaching new heights as it rapidly matures: after Microsoft made Windows 10 IoT Core support the Raspberry Pi 2, a new version of the FreeBSD operating system, called RaspBSD, is now also deployable on Raspberry Pi devices. FreeBSD Berkeley Software Distribution is an open source...
[SECURITY] Fedora 20 Update: dovecot-2.2.16-2.fc20
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...