openSUSE Security Update : sysconfig (openSUSE-SU-2012:0242-1)

This update for sysconfig contains the following fixes : - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code CVE-2011-4182. - Explicitly disabled posix mode ...

openSUSE Security Update : bash (openSUSE-SU-2012:0898-1)

Bash was fixed to avoid a possible buffer overflow when expanding the /dev/fd prefix with e.g. the test builtin bnc770795 CVE-2012-3410 Due to FORTIFYSOURCE=2 enablement, the exploit will only abort the shell. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

openSUSE Security Update : sysconfig (openSUSE-SU-2012:0242-1)

This update for sysconfig contains the following fixes : - sysconfig hook script for NetworkManager did not properly quote shell meta characters when processing ESSIDs. Specially crafted network names could therefore lead to execution of shell code CVE-2011-4182. - Explicitly disabled posix mode ...

openSUSE Security Update : sysconfig (openSUSE-2012-74)

Fixed to quote config / interface variables in ifservices script and cleaned up content of the ESSID which gets appended to them by NetworkManager dispatcher hook bnc735394, CVE-2011-4182. Fixed also to return proper exit code 0 in NM dispatcher hooks. - Changed to call ip addr flush in ifdown,...

Iptables Blacklist Script

iptables blacklist script A small Bash shell script which uses ipset and iptables to ban a large number of IP addresses published in IP blacklists. ipset uses a hashtable to store/fetch IP addresses and thus the IP lookup is a lot faster than thousands of sequentially parsed iptables ban rules...

Batch site DNS zone transfer vulnerability detection-bash shell implemented-vulnerability warning-the black bar safety net

0x00 background The following illustration of eecs. cc author self-built a machine with a private root DNS server, and open the zone transfer permissions, so the results: the cc zone transfer success. The figure is just an experimental verification, the following article started! ! 2 0 1 4 0 5 1 ...

Fedora 20 : python-django14-1.4.11-1.fc20 (2014-5475)

update to 1.4.11 fixing CVE-2014-0473 and CVE-2014-0474 Parallel installable version based on Toshio Kuratomis contribution Fixed bash completion issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempte...

Mass Bleed 20140423

!/bin/bash massbleed.sh 20140423 by 1N3 http://treadstonesecurity.blogspot.ca Usage: sh massbleed.sh port proxy This script has four main functions with the ability to proxy all connections: 1. To mass scan any CIDR range for HeartBleed via port 443/tcp https example: sh massbleed.sh 192.168.0.0/...

Quantum vmPRO Backdoor Command

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'net/ssh' class Metasploit3 "Quantum vmPRO Backdoor Command", 'Description' = %q This module abuses a backdoor command in vmPRO 3.1.2. Any user,...

Quantum vmPRO Backdoor Command

This module abuses a backdoor command in Quantum vmPRO. Any user, even one without admin privileges, can get access to the restricted SSH shell. By using the hidden backdoor "shell-escape" command it's possible to drop to a real root bash shell. This module has been tested successfully on Quantum...

[Lazy-Kali] Bash Script for Kali Linux

A bash script for when you feel lazy. Adds quite a few tools to Kali Linux. Bleeding Edge Repos AngryIP Scanner Terminator Xchat Unicornscan Nautilus Open Terminal Simple-Ducky Subterfuge Ghost-Phisher Yamas PwnStar Ettercap0.7.6 Xssf Smbexec Flash Java Easy-Creds Java ... and more! Lazy-Kali wil...

PineApp MailSecure - Remote Command Execution Vulnerability

Exploit for linux platform in category remote exploits ----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https request, without authentication...

PineApp MailSecure - Remote Command Execution

----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https request, without authentication...

openSUSE: Security Advisory for NRPE (openSUSE-SU-2013:0624-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE Update for NRPE openSUSE-SU-2013:0624-1 (NRPE)

Check for the Version of NRPE OpenVAS Vulnerability Test $Id: gbsuse201306241.nasl 8494 2018-01-23 06:57:55Z teissa $ SuSE Update for NRPE openSUSE-SU-2013:0624-1 NRPE Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...

SuSE Update for NRPE openSUSE-SU-2013:0621-1 (NRPE)

Check for the Version of NRPE OpenVAS Vulnerability Test $Id: gbsuse201306211.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for NRPE openSUSE-SU-2013:0621-1 NRPE Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

openSUSE: Security Advisory for NRPE (openSUSE-SU-2013:0621-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cisco NX-OS Software Arbitrary Code Execution Vulnerability

A vulnerability in the input parsing of Cisco NX-OS Software could allow an authenticated, local attacker to execute commands on the underlying operating system. The vulnerability is due to poor processing of parameters that include special characters. An attacker could exploit this vulnerability...

[(D)DoS Deflate] Script designed to block a denial of service attack

DoS+Deflate.gif DDoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest...

OSX <= 10.8.4 - Local Root Priv Escalation (py)

Exploit for iOS platform in category local exploits !/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX & /dev/tcp/%s/%s...