HT-WPS Breaker - High Touch WPS Breaker

High Touch WPS Breaker HT-WB is a small tool based on the bash script language, it can help you to extract the WPS pin of many vulnerable routers and get the password, in the last you want to notice that HT-WPS Breaker in its process is using these tools : "Piexiewps" "Reaver" "Bully" "Aircrack...

CVE-2019-9146

Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream...

Code injection

Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream...

CVE-2019-9146

Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream...

CVE-2019-9146

Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream...

Post-Exploitation Framework for Linux Written in Bash: Orc

Orc is a simple post-exploitation written in bash. I wrote this because I myself needed a more featureful post-exploitation toolkit for Linux. It’s part of a larger bundle of scripts and tools, but I’ll add those as I write and re-write them. It takes the form of an ENV script, so load orc into a...

Exploit for OS Command Injection in Docker

RunC-CVE-2019-5736 Two PoCs for CVE-2019-5736. See Twistlock...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:0423-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493. CVE-2018-19489:...

Potential Command Injection in shell-quote

Affected versions of shell-quote do not properly escape command line arguments, which may result in command injection if the library is used to escape user input destined for use as command line arguments. Proof of Concept: The following characters are not escaped properly: ,;,, Bash has a neat b...

GHSA-QG8P-V9Q4-GH34 Potential Command Injection in shell-quote

Affected versions of shell-quote do not properly escape command line arguments, which may result in command injection if the library is used to escape user input destined for use as command line arguments. Proof of Concept: The following characters are not escaped properly: ,;,, Bash has a neat b...

Up (Ultimate Plumber) - Tool For Writing Linux Pipes With Instant Live Preview

up is the Ultimate Plumber , a tool for writing Linux pipes in a terminal-based UI interactively, with instant live preview of command results. The main goal of the Ultimate Plumber is to help interactively and incrementally explore textual data in Linux, by making it easier to quickly build...

Photon OS 1.0: Bash PHSA-2017-0044

An update of the bash package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0044. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121755;...

Photon OS 2.0: Bash PHSA-2017-0045

An update of the bash package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0045. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121760;...

Photon OS 1.0: Bash PHSA-2017-0009

An update of the bash package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0009. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121675;...

Evince CBT File Command Injection

This module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book .cbt files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited...

Security Bulletin: Vulnerabilities in bash affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in bash. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in bash. Vulnerability Details CVEID: CVE-2014-6277 Description: GNU Bash could allow a remote...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in bash (CVE-2014-6277 CVE-2014-6278 CVE-2016-0634 CVE-2016-7543)

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in bash. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in bash. Vulnerability Details CVEID: CVE-2014-6277 Description: GNU Bash could...

Security Bulletin: Vulnerability in bash affects IBM Chassis Management Module (CVE-2016-9401)

Summary IBM Chassis Management Module has addressed the following vulnerability in bash. Vulnerability Details Summary IBM Chassis Management Module has addressed the following vulnerability in bash. Vulnerability Details: CVEID: CVE-2016-9401 Description: GNU Bash could allow a local attacker to...

Security Bulletin: Vulnerabilities in Bash affect multiple products shipped with Intelligent Cluster (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Information about security vulnerabilities affecting multiple products shipped as components of Intelligent Cluster has been published in security bulletins. Vulnerability Details Abstract Information about security vulnerabilities affecting multiple products shipped as components of...

Security Bulletin: Vulnerabilities in Bash affect IBM Flex System FC5022 16Gb Fibre Channel SAN Switch (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Vulnerability Details Abstract Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as "Bash Bug" or "Shellshock" and two memory corruption vulnerabilities. Bash is used by IBM Flex System FC5022 16Gb Fibre Channel SAN...