Exploit for CVE-2020-1472

CVE-2020-1472 is a vulnerability in the Windows Netlogon service that allows an attacker to authenticate as the computer account password. The vulnerability is a buffer overflow in the Netlogon service, which can be exploited by sending a specially crafted request to the service. The exploit code...

Design/Logic Flaw

A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and...

Microsoft Exchange Server 代码问题漏洞

Exchange is a messaging and collaboration system that is a suite of e-mail service components from Microsoft. Microsoft Exchange Server request forgery vulnerability can be exploited by an attacker to be able to send arbitrary HTTP requests and authenticate with Exchange Server...

Amazon Linux 2 : ImageMagick (ALAS-2021-1596)

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1596 advisory. A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF fil...

CVE-2021-21240

An uncontrolled resource consumption flaw as found in python-httplib2, due to a flawed regular expression used while parsing the WWW-Authenticate header in an HTTP response. This flaw allows a malicious or compromised server to reply with a crafted sequence of characters in the WWW-Authenticate...

CVE-2021-21240

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

PYSEC-2021-16

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

CVE-2021-21240

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

PYSEC-2021-16

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

httplib2 Resource Management Error Vulnerability

httplib2 is an HTTP client library. A security vulnerability in httplib2 versions prior to 0.19.0, which stems from a response to the long string of xa0 characters in the www-authenticate header, could cause a denial of service when an httplib2 client accesses the server...

LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)

Exploit Title: LiteSpeed Web Server Enterprise 5.4.11 - Command Injection Authenticated Date: 05/20/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://www.litespeedtech.com/products Version: 5.4.11 Ubuntu/Kali Linux Step 1: Log in to the...

CVE-2020-23355

CVE-2020-23355 affects Codiad 2.8.4, where in the file /componetns/user/class.user.php the Authenticate() function is vulnerable to a magic hash authentication bypass. Encrypted or hashed passwords that take certain formats (e.g., 0e123 or 0e234) can bypass authentication. Multiple connected advi...

EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2021-1074)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image...

ImageMagick: Shell injection via PDF password could result in arbitrary code execution

A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

Oracle Linux 7 : ImageMagick (ELSA-2021-0024)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0024 advisory. 6.9.10.68-5 - Adding CTV-2020-29599 fix Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

PT-2021-11868 · WordPress · Aam Advanced Access Manager

Name of the Vulnerable Software and Affected Versions: Advanced Access Manager plugin versions prior to 6.6.2 Description: The issue arises when the Advanced Access Manager plugin for WordPress displays the unfiltered user object, including all metadata, upon login via the REST API at endpoints...

CVE-2020-35729

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter...

ImageMagick6 -- multiple vulnerabilities

CVE reports: Several vulnerabilities have been discovered in ImageMagick: CVE-2021-20309: A flaw was found in ImageMagick in versions before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an...

CVE-2020-29599

A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

DEBIAN-CVE-2020-29599

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...