[MSF-Installer] Script to Automate Metasploit Framework Installation

Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and Linux To use the script on OSX Java, Xcode and Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of...

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

Design/Logic Flaw

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

Global variables overwrite in "export.php".

PMASA-2013-5 Announcement-ID: PMASA-2013-5 Date: 2013-04-24 Summary Global variables overwrite in "export.php". Description The export script generates global variables from those present in the $$POST superglobal. This may lead to other exploits in the export script. Severity We consider this...

Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)

Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...

CVE-2013-0132

The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables...

Lxblog blog system variables cover the resulting injection+Getshell attached to the use of the exp-bug warning-the black bar safety net

Nonsense: lxblog is www. phpwind. net development of multi-blog system, now seems to have stopped updating! Statement: We only do the technical research, please do not illegally used, together with consequences with himself, independent of it! Text: Key file:/mod/ajaxmod.php if ! empty$POST $POST...

CentOS Update for openssl CESA-2013:0587 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for openssl RHSA-2013:0587-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20130304)

It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a paddi...

openssl security update

CentOS Errata and Security Advisory CESA-2013:0587 Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CV...

Moderate: Red Hat Security Advisory: openssl security update

Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Nmap NSE 6.01: ntp-info

Gets the time and configuration variables from an NTP server. We send two requests: a time request and a 'read variables' opcode 2 control message. Without verbosity, the script shows the time and the value of the 'version', 'processor', 'system', 'refid', and 'stratum' variables. With verbosity,...

PHP Common Vulnerabilities code analysis-vulnerability warning-the black bar safety net

Opening remarks: the PHP, The is a English hypertext pre-processing language Hypertext Preprocessor acronym. PHP is an HTML embedded language, is a server-side implementation of the embedded HTML document the script language, the language style is similar to the C language, and PHP unique syntax...

php: PG(magic_quote_gpc) was not restored on shutdown

PHP before 5.3.10 does not properly perform a temporary change to the magicquotesgpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/phpvariables.c, sapi/cgi/cgimain.c, and...

Joomla! 2.5.x < 2.5.9 / 3.0.x < 3.0.3 Multiple Vulnerabilities

According to its self-reported version number, the Joomla! installation running on the remote web server is 2.5.x prior to 2.5.9 or 3.0.x prior to 3.0.3. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the highlight.php script, within the...

Scientific Linux Security Update : abrt and libreport on SL6.x i386/x86_64 (20130131)

It was found that the /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool did not sufficiently sanitize its environment variables. This could lead to Python modules being loaded and run from non-standard directories such as /tmp/. A local attacker could use this flaw to escalate their...