3386 matches found
The vulnerability of the OpenSSL library, which allows a hacker to trigger a service failure
The vulnerability of the ssleayrandbytes function in the OpenSSL library is related to buffer overflows in dynamic memory, caused by integer overflows. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by establishing multiple TLS sessions remotely...
Veeam Agent for Microsoft Windows job displays warning: Partition exceeds disk layout
Challenge A Veeam Agent for Microsoft Windows backup job displays the following warning: Partition exceeds disk layout by bytes This warning may be accompanied by the error: Error: The drive cannot find the sector requested. Asynchronous read operation failed Failed to upload disk. Agent failed t...
Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free
Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free. Shellcode exploit for win32 platform / This file was automatically generated by mkhex.sh, which, together with the complete and heavily commented assembly source code for this shellcode, is available at...
Linux x86 Egg Hunter Shellcode 19 bytes
Linux x86 Egg Hunter Shellcode 19 bytes. Shellcode exploit for linx86 platform / Title: Linux x86 Egg Hunter Shellcode 19 bytes Date: 4 August 2015 Author: Guillaume Kaddouch Website: http://networkfilter.blogspot.com Twitter: @gkweb76 Tested on: Ubuntu 14.04.2 LTS x86, Kali Linux 1.0.9 x86 This...
php5 -- multiple vulnerabilities
The PHP project reports: Core: Fixed bug 69793 Remotely triggerable stack exhaustion via recursive method calls. Fixed bug 70121 unserialize could lead to unexpected methods execution / NULL pointer deref. OpenSSL: Fixed bug 70014 opensslrandompseudobytes is not cryptographically secure. Phar:...
kernel security, bug fix, and enhancement update
2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...
[SECURITY] [DLA 280-1] ghostscript security update
Package : ghostscript Version : 8.71dfsg2-9+squeeze2 CVE ID : CVE-2015-3228 Debian Bug : 793489 In gsheapallocbytes, add a sanity check to ensure we dont overflow the variable holding the actual number of bytes we allocate...
DLA-280-1 ghostscript - security update
Bulletin has no description...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2658-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2658-1 advisory. Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass...
USN-2658-1: PHP vulnerabilities
Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass intended restrictions and create or obtain access to sensitive files. CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598...
linux/x86 execve /bin/sh - shellcode 23 bytes
/ Compile with: gcc -fno-stack-protector -z execstack 23 byte execve shellcode 2 ; int execveconst char filename, char const argv, char const envp; 3 BITS 64 4 5 section .text 6 global start 7 8 start: 9 xor rdx, rdx ;zero out rdx 10 push rdx ;push rdx to stack to null terminate /bin//sh 11 mov a...
linux/x86 chmod('/etc/gshadow') - shellcode 37 bytes
/ Title: Linux/x86 chmod'/etc/gshadow' - shellcode 37 bytes Platform: linux/x8664 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website : www.reza.es Twitter : https://twitter.com/rezesp FaceBook :...
linux/x86 chmod('/etc/passwd',0777) - shellcode 42 bytes
/ Title: Linux/x86 chmod'/etc/passwd',0777 - shellcode 42 bytes Platform: linux/x8664 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website : www.reza.es Twitter : https://twitter.com/rezesp FaceBook :...
linux/x86 exec('/bin/dash') - shellcode 45 bytes
/ Title: Linux/x86 exec'/bin/dash' - shellcode 45 bytes Platform: linux/x8664 Date: 2015-06-15 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website : www.reza.es Twitter : https://twitter.com/rezesp FaceBook :...
Linux x86 - execve /bin/sh 23 Bytes
Linux x86 - execve /bin/sh 23 Bytes. Shellcode exploit for linx86-64 platform / Compile with: gcc -fno-stack-protector -z execstack 23 byte execve shellcode 2 ; int execveconst char filename, char const argv, char const envp; 3 BITS 64 4 5 section .text 6 global start 7 8 start: 9 xor rdx, rdx...
Linux/x86 - chmod'/etc/passwd',0777 shellcode 42 bytes
Linux/x86 - chmod'/etc/passwd',0777 shellcode 42 bytes. Shellcode exploit for linx86 platform / Title: Linux/x86 chmod'/etc/passwd',0777 - shellcode 42 bytes Platform: linux/x8664 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes ,...