2649 matches found
Cisco WebEx Meetings Server Command Bypass Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. The vulnerability is due to insufficient security configurations of bash in interactive mode. An attacker could exploit this vulnerability by...
Updated bash packages fix security vulnerability
In Bash, the popd command can be tricked to free a user supplied address, which could be used to bypass restricted shells rsh on some environments to cause use-after-free CVE-2016-9401...
MGASA-2017-0005 Updated bash packages fix security vulnerability
In Bash, the popd command can be tricked to free a user supplied address, which could be used to bypass restricted shells rsh on some environments to cause use-after-free CVE-2016-9401...
PT-2017-10117 · Gnu +5 · Bash +5
Name of the Vulnerable Software and Affected Versions: bash affected versions not specified Description: The issue allows local users to bypass the restricted shell and cause a use-after-free via a crafted address, potentially related to the popd command in bash. There is no information provided...
Required Applications and Permissions for Multi-OS FLR and Repository Support for Linux
Purpose This document provides information about required applications that must exist on Linux machines to function with Veeam Backup and Replication. Solution Permissions Requirements Permissions are dependent on the intended role of the Linux server. For more information, review this page of t...
GLSA-201701-02 : Bash: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-02 Bash: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Bash. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly execute arbitrary code with t...
Exploit for OS Command Injection in Gnu Bash
ActiveScan++ ================== ActiveScan++ extends Burp Suite...
Bash: Multiple vulnerabilities
Background Bash is the standard GNU Bourne Again SHell. Description Multiple vulnerabilities have been discovered in Bash. Please review the CVE identifiers referenced below for details. Impact A local attacker could possibly execute arbitrary code with the privileges of the process, or cause a...
PHPMailer 5.2.17 Remote Code Execution
!/bin/bash CVE-2016-10033 exploit by opsxcq https://github.com/opsxcq/exploit-CVE-2016-10033 echo '+ CVE-2016-10033 exploit by opsxcq' if -z "$1" then echo '- Please inform an host as parameter' exit -1 fi host=$1 echo '+ Exploiting '$host curl -sq 'http://'$host -H 'Content-Type:...
PHPMailer 5.2.18 - Remote Code Execution (Bash)
PHPMailer 5.2.18 - Remote Code Execution Bash !/bin/bash CVE-2016-10033 exploit by opsxcq https://github.com/opsxcq/exploit-CVE-2016-10033 echo '+ CVE-2016-10033 exploit by opsxcq' if -z "$1" then echo '- Please inform an host as parameter' exit -1 fi host=$1 echo '+ Exploiting '$host curl -sq...
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
/ ;author: Filippo "zinzloun" Bersani ;date: 16/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic 147precise1-Ubuntu 32bit ; Linux bb32 4.4.0-45-generic 32bit ;72 bytes ;description: executes arbitrary command...
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode 72 bytes. Shellcode exploit for Linx86 platform / ;author: Filippo "zinzloun" Bersani ;date: 16/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic...
Bash: Arbitrary code execution
Background Bash is the standard GNU Bourne Again SHell. Description A vulnerability was found in the way Bash expands $HOSTNAME. Injecting malicious code into $HOSTNAME could cause it to run each time Bash expands \h in the prompt string. Impact A remote attacker controlling the system’s hostname...
GLSA-201612-39 : Bash: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201612-39 Bash: Arbitrary code execution A vulnerability was found in the way Bash expands $HOSTNAME. Injecting malicious code into $HOSTNAME could cause it to run each time Bash expands \h in the prompt string. Impact : A remote...
Auto Backdooring Utility: backdoorme
Auto Backdooring Utility Backdoorme is a powerful utility capable of backdooring Unix machines with a slew of backdoors. Backdoorme uses a familiar metasploit interface with tremendous extensibility.Backdoorme relies on having an existing SSH connection or credentials to the victim, through which...
Exploit for OS Command Injection in Gnu Bash
Shellshock exploit + vulnerable envir...
Fedora Update for bash FEDORA-2016-2c4b5ad64e
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for bash FEDORA-2016-eda100d886
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : bash (openSUSE-2016-1374) (Shellshock)
This update for bash fixes the following issues : - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...
XSSER - From XSS to RCE
From XSS to RCE 2.5 - Black Hat Europe Arsenal 2016 Demo Version 2.0 - 2015: https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZO40vP-eKsgf Version 2.5 - 2016: https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj Requirements Python 2.7., version 2.7.11 was used for...