John the Ripper GUI Frontend: Johnny

Johnny the open source cross-platform GUI frontend for John the Ripper, the popular password cracker, written in C++ using the Qt framework. Johnny’s aim is to automate and simplify the password cracking routine on the Desktop as well as add extra functionality like session management and easy...

Moderate: Red Hat Security Advisory: autofs security and bug fix update

Updated autofs packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Johnny - GUI for John the Ripper

Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. Features 1. user could start, pause and resume attack though only one session is allowed globally, 2. all attack related options work, 3. all input file formats are supported pure hashes, pwdump, passwd,...

4images 1.7.11 File Inclusion

| Title : 4images 1.7.11 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by 4images 1.7.11 | Tested on: windows 8.1 Français V.Pro | Download : http://www.4homepages.de/ ======================================= Host Header Attack : Vulnerability...

SUSE-RU-2015:1175-1 Recommended update for Package Management Stack

This update provides fixes and enhancements for the Software Update Stack. gnome-packagekit: - Fix title of license agreement window. bsc927319 libsolv: - Rework splitprovides handling. bnc921332 - Add product:regflavor attribute. bnc896224 - Fix bug in reorderdqforjobrules that could lead to...

Ubuntu: Security Advisory (USN-2617-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Toshiba 4690 OS contains an information disclosure vulnerability

Overview The Toshiba 4690 operating system, version 6 Release 3 and possibly earlier versions, contains an information disclosure vulnerability. Description CWE-200: Information Exposure - CVE-2014-4876The Toshiba 4690 operating system, version 6 Release 3 and possibly earlier versions, contains...

CA Common Services Local Elevation of Privilege Vulnerability

CA is a leading global provider of IT management software and solutions, with products and technologies that span the full spectrum of IT environments, from mainframes to distributed systems, from virtualization to the cloud. CA Common Services has a security issue with the handling of environmen...

DayuCMS 1.526 and DirCMS front any code to perform the analysis and POC-vulnerability warning-the black bar safety net

DayuCMS in converting the string to array function in the direct use of eval, and presence of control variables, leading to arbitrary code execution. DayuCMS may reference the DirCMS code, The two CMS code is almost similar. This article only analysis DayuCMS 0x01. Vulnerability description DayuC...

Updated fuse packages fix CVE-2015-3202

Updated fuse packages fix security vulnerability: Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges CVE-2015-3202...

USN-2617-3: NTFS-3G vulnerability

USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrati...

Ubuntu 15.04 : ntfs-3g vulnerability (USN-2617-3)

USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges. Note that...

fuse NTFS-3G privilege escalation

Insufficient filtering of environment variables...

USN-2617-2: NTFS-3G vulnerability

USN-2617-1 fixed a vulnerability in FUSE. This update provides the corresponding fix for the embedded FUSE copy in NTFS-3G. Original advisory details: Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative...

USN-2617-1 fuse vulnerability

Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges...

Extract Metadata From Files: ImageCat

Extract Metadata From Files This is an OODT RADIX application that uses Apache Solr , Apache Tika and Apache OODT to ingest 10s of millions of files images,but could be extended to other files in place, and to extract metadata and OCR information from those files/images using Tika and Tesseract O...

Arbitrary Variable Overwrite in eShop WordPress Plugin

Advisory ID: HTB23255 Product: eShop WordPress plugin Vendor: Rich Pedley Vulnerable Versions: 6.3.11 and probably prior Tested Version: 6.3.11 Advisory Publication: April 15, 2015 without technical details Vendor Notification: April 15, 2015 Public Disclosure: May 6, 2015 Vulnerability Type: Cod...

WordPress eShop 6.3.11 Code Execution Exploit

High-Tech Bridge Security Research Lab discovered a security vulnerability in the eShop WordPress Plugin, which can be exploited by remote attackers to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of...

automount privilege escalation

Insufficient local variables filtering...

ABRT abrt-action-install-debuginfo-to-abrt-cache local elevation of privilege vulnerability

ABRT is an automated bug reporting tool. ABRT abrt-action-install-debuginfo-to-abrt-cache handles environment variables with vulnerabilities that allow local attackers to exploit exploits for elevation of privilege...