2649 matches found
sudo 1.8.28 - Security Bypass Exploit
Exploit Title : sudo 1.8.28 - Security Bypass Original Author: Joe Vennix Exploit Author : Mohin Paramasivam Version : Sudo priv" os.system"cat priv | grep 'ALL' | cut -d '' -f 2 binary" binaryfile = open"binary" binary= binaryfile.read execute sudo exp...
CVE-2018-7738
A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion...
Photon OS 1.0: Bash PHSA-2019-1.0-0252
An update of the bash package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text itself is copyright (C) VMware, Inc. include("compat.inc"); if (description) { script_id(129783);...
Photon OS 1.0: Bash PHSA-2019-1.0-0255
An update of the bash package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text itself is copyright (C) VMware, Inc. include("compat.inc"); if (description) { script_id(129681);...
Fenrir - Simple Bash IOC Scanner
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise IOCs: Hashes MD5, SHA1 and SHA256 using md5sum, sha1sum, sha -a 256 File Names string - checked for substring of the full path, e.g. "temp/p.exe" in "/var/temp/p.exe"...
Sub.Sh - Online Subdomain Detect Script
Online Subdomain Detect Script. USAGE Script bash sub.sh webscantest.com ./sub.sh webscantest.com Curl curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub.sh | bash -s webscantest.com Subdomain Alive Check bash subalive.sh bing.com curl -s -L...
Important Photon OS Security Update - PHSA-2019-0252
Updates of 'linux', 'tar', 'bash', 'yarn', 'linux-esx', 'python2', 'openssl', 'kubernetes' packages of Photon OS have been released...
EulerOS Virtualization for ARM 64 3.0.2.0 : bash (EulerOS-SA-2019-1942)
According to the version of the bash package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE...
EulerOS 2.0 SP5 : bash (EulerOS-SA-2019-1911)
According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are...
CVE-2019-16103
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation by administrators from the menu to a root Bash OS shell via the spsshell feature...
Privilege escalation
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation by administrators from the menu to a root Bash OS shell via the spsshell feature...
EMAGNET - Tool For Find Leaked Databases With 97.1% Accurate To Grab Mail + Password Together From Pastebin Leaks
Emagnet is a very powerful tool for its purpose, which is to capture email addresses and passwords from leaked databases uploaded on pastebin. It's almost impossible to find leaked passwords when they are out of list on pastebin.com. Either they have been deleted by pastebin's techs or the uploads...
Cisco UCS Director Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Unauthenticated Remote Code Execution', 'Description' = %q The Cisco UCS Director virtual appliance contains two flaws that ca...
USN-4058-1: Bash vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command. CVEs contained in this USN include: CVE-2019-99...
Sudomy - Subdomain Enumeration & Analysis
Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in a fast and comprehensive way. Features For recent time, Sudomy has these 9 features: Easy, light, fast and powerful. Bash script is available by default in almost all Linux distributions...
Exploit for Path Traversal in Ivanti Connect_Secure
CVE-2019-11510 Exploit for Arbitrary File Read on Pulse Secure...
Webmin 1.920 - Remote Code Execution
#!/bin/sh CVE-2019-15107 Webmin Unauthenticated Remote Command Execution based on Metasploit module https://www.exploit-db.com/exploits/47230 Original advisory: https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html Alternative advisory spanish:...
Security update for ledger (moderate)
openSUSE Security Update: Security update for ledger Announcement ID: openSUSE-SU-2019:1895-1 Rating: moderate References: 1052478 1052484 1105084 Cross-References: CVE-2017-12481 CVE-2017-12482 CVE-2017-2807 CVE-2017-2808 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes four...
Mail.ru: Bash History file log
Researcher found a publicly accessible .bash_history file on one of the servers. The file contained commands without sensitive data in them...