165 matches found
Subversion 1.6.6 / 1.6.12 - Code Execution
Exploit for linux platform in category remote exploits This is an exploit for the subversion vulnerability published as CVE-2013-2088. Author: GlacierZ0ne email protected Exploit Type: Code Execution Access Type: Authenticated Remote Exploit Prerequisites: svn command line client available,...
Subversion 1.6.6/1.6.12 - Code Execution
This is an exploit for the subversion vulnerability published as CVE-2013-2088. Author: GlacierZ0ne [email protected] Exploit Type: Code Execution Access Type: Authenticated Remote Exploit Prerequisites: svn command line client available, subversion server exposes webdav through apache,...
CVE-2016-6413
The installation procedure on Cisco Application Policy Infrastructure Controller APIC devices 1.32f mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496...
CVE-2016-6413
CVE-2016-6413 affects Cisco Application Policy Infrastructure Controller (APIC) devices, specifically version 1.3(2f). The installation procedure mishandles binary files, allowing an authenticated local attacker to obtain root-level privileges and take full control of the device. Remediation is a...
CVE-2016-6413
The installation procedure on Cisco Application Policy Infrastructure Controller APIC devices 1.32f mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496...
Offline Digital Forensics Tool for Binary Files: ByteForce
Offline Digital Forensics Tool for Binary Files Offline Digital Forensics Tool for Binary Files This tool can be used for offline digital forensics and malware analysis as it shows all raw bytes of a file and also the ASCII representations. As you can see from the screenshots, It can be used on a...
SRC-2016-0040 : Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2016-1420
The installation component on Cisco Application Policy Infrastructure Controller APIC devices with software before 1.32f mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347...
CVE-2016-1420
CVE-2016-1420 - Cisco APIC local privilege escalation : The vulnerability affects Cisco Application Policy Infrastructure Controller (APIC) devices running software before 1.3(2f). During installation, the installation component mishandles binary files due to insecure permissions, enabling a loca...
CVE-2016-1420
The installation component on Cisco Application Policy Infrastructure Controller APIC devices with software before 1.32f mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347...
Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability
A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to the use of incorrect installation and permissions settings for binary files...
Firmwalker - Script for searching the extracted firmware file system for goodies!
A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd list out the etc/ssl directory search for SSL related files such as .pem, .crt, etc...
BinDiff Now Free, To Delight of Security Researchers
BinDiff is a constant presence inside a security researcher’s toolbox, ideal for patch and malware analysis or reverse engineering of code. The Google-owned software allows researchers to conduct side-by-side comparisons of binary files in disassembled code looking for differences in the samples...
Updated xdelta3 packages fix CVE-2014-9765
Updated xdelta3 package fixes security vulnerability: Stepan Golosunov discovered that xdelta3, a diff utility which works with binary files, is affected by a buffer overflow vulnerability within the maingetappheader function, which may lead to the execution of arbitrary code CVE-2014-9765...
Debian Security Advisory DSA 3484-1 (xdelta3 - security update)
Stepan Golosunov discovered that xdelta3, a diff utility which works with binary files, is affected by a buffer overflow vulnerability within the maingetappheader function, which may lead to the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb3484.nasl 6608 2017-07-07 12:05:05Z...
DSA-3484-1 xdelta3 - security update
Bulletin has no description...
USN-2901-1: xdelta3 vulnerability
It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] [DLA 417-1] xdelta3 security update
Package : xdelta3 Version : 0y.dfsg-1+deb6u1 CVE ID : CVE-2014-9765 Debian Bug : 814067 It was discovered that there was a buffer overflow in in xdelta3, a diff utility which works with binary files. This vulnerability allowed arbitrary code execution from input files. For Debian 6 Squeeze, this...
UEFI firmware image viewer and editor: UEFITool
It supports parsing of full BIOS images starting with the flash descriptor or any binary files containing UEFI volumes. Original development was started here at MDL forums as a cross-platform analog to PhoenixTool ‘s structure mode with some additional features, but the program’s engine was prove...
Dell VPN client Netextender 0day analysis-vulnerability warning-the black bar safety net
The VPN client is most IT security professionals will use a tool, using it can be connected to a“restricted”local area network, anonymous Internet access, ensure network traffic security, etc. But just imagine, if the VPN client can cause the machine to the elevation of privileges? Note: currentl...