Metasploitable3 - An Intentionally Vulnerable Machine for Exploit Testing

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit . Metasploitable3 is released under a BSD-style license. See COPYING for more details. Building Metasploitable 3...

Xen elevation of privilege vulnerability (CNVD-2016-11648)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen suffers from an elevation of...

Teradata Virtual Machine Community Edition 15.0 Insecure File Creation Vulnerability

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution. Title: Teradata Virtual Machine Community Edition v15.10 Insecure creation of files in /tmp Author: Larry W. Cashdollar, @larry0 Date: 2016-10-01...

Intentionally Vulnerable Machine for Exploit Testing: Metasploitable3

Intentionally Vulnerable Machine for Exploit Testing Metasploitable3 is a free virtual machine that allows you to simulate attacks largely using Metasploit. It has been used by people in the security industry for a variety of reasons: such as training for network exploitation, exploit development...

Teradata Virtual Machine Community Edition 15.0 Insecure File Creation

Title: Teradata Virtual Machine Community Edition v15.10 Insecure creation of files in /tmp Author: Larry W. Cashdollar, @larry0 Date: 2016-10-01 Download Site: http://downloads.teradata.com/download/database/teradata-virtual-machine-community-edition-for-vmware Vendor: Teradata Vendor Notified:...

VMware Patches Virtual Machine Escape Vulnerability

VMware quickly turned around a patch for a critical code execution flaw that was worth $150,000 to the researchers who found it. While there have been no reported public exploits, the vulnerability is serious because it could allow an attacker to access a virtual instance and run code on the host...

Teradata Virtual Machine Community Edition Code Execution Vulnerability

Teradata Virtual Machine Community Edition is a Teradata virtual container packaged with the SUSE Linux Enterprise Server SLES operating system and Teradata databases to run in a virtualized environment on third-party hardware. A code execution vulnerability exists in Teradata Virtual Machine...

Teradata Virtual Machine Community Edition Elevation of Privilege Vulnerability

Teradata Virtual Machine Community Edition is a Teradata virtual container packaged with the SUSE Linux Enterprise Server SLES operating system and Teradata databases to run in a virtualized environment on third-party hardware. A security vulnerability exists in Teradata Virtual Machine Community...

Teradata Virtual Machine Community Edition 15.10 Insecure File Permission

Title: Teradata Virtual Machine Community Edition v15.10 has insecure file permission Author: Larry W. Cashdollar, @larry0 Date: 2016-10-01 Download Site: http://downloads.teradata.com/download/database/teradata-virtual-machine-community-edition-for-vmware Vendor: Teradata Vendor Notified:...

CVE-2016-7489

Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution...

CVE-2016-7488

Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root...

CVE-2016-7488

Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root...

CVE-2016-7488

Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root...

CVE-2016-7489

Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution...

CVE-2016-7489

Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution...

CVE-2016-7488

Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root...

CVE-2016-7489

Teradata Virtual Machine Community Edition v15.10 is affected by an insecure file-creation flaw in the perl script /opt/teradata/gsctools/bin/t2a.pl, which creates temporary files in /tmp. The root cause is insecure handling of /tmp files, enabling a local user to inject/execute commands (e.g., b...

[SECURITY] Fedora 23 Update: xen-4.5.5-3.fc23

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Moderate: Red Hat Security Advisory: libguestfs and virt-p2v security, bug fix, and enhancement update

An update for libguestfs and virt-p2v is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode

arch/powerpc/kvm/book3shvrmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIGKVMBOOK3S64HV is enabled, allows guest OS users to cause a denial of service host OS infinite loop by making a HCEDE hypercall during the existence of a suspended transaction...