7640 matches found
Squid HTTP Response Processing Denial of Service (CVE-2016-3948)
The vulnerability is due to improper bounds checking while processing HTTP responses. A remote, unauthenticated attacker can exploit this vulnerability by returning crafted HTTP responses to the vulnerable proxy server. Successful exploitation of the vulnerability could lead to denial-of-service...
AIX 7.2 : bos.net.tcp.bind_utils (U870384)
The remote host is missing AIX PTF U870384, which is related to the security of the package bos.net.tcp.bind_utils. ISC BIND is vulnerable to a denial of service, caused by an error in db.c when parsing incoming responses. A remote attacker could exploit this vulnerability to trigger a REQUIRE...
AIX 7.1 TL 4 : bos.net.tcp.client (U868958)
The remote host is missing AIX PTF U868958, which is related to the security of the package bos.net.tcp.client. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in the sntp program. By sending specially crafted NTP packets, a remote attacker from within the local...
AIX 6.1 TL 9 : bos.rte.control (U866671)
The remote host is missing AIX PTF U866671, which is related to the security of the package bos.rte.control. Libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the xmlParseEntityDecl or xmlParseConditionalSections function. By using a specially crafted XML dat...
AIX 6.1 TL 9 : bos.net.tcp.client (U869149)
The remote host is missing AIX PTF U869149, which is related to the security of the package bos.net.tcp.client. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in the sntp program. By sending specially crafted NTP packets, a remote attacker from within the local...
Linux/x86 - Bindshell with Configurable Port Shellcode (87 bytes)
Filename: bindshell.c Author: JollyFrogs License: This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. Compile: gcc -m32 -fno-stack-protector -z execstack...
CVE-2016-3710
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue...
Design/Logic Flaw
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue...
CVE-2016-3710
CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...
From 0 to TrustZone, part two: QSEE privilege escalation vulnerability and exploit (CVE-2015-6639)
In this article, we discuss how to find and exploit a vulnerability to gain code execution within the Qualcomm Secure Execution Environment (QSEE). Related reading: From 0 to TrustZone, part one: exploring the attack surface of Qualcomm's Secure Execution Environment (QSEE). In a previous...
Core FTP Server 32-bit Build 587 - Heap Overflow
Exploit for windows platform in category dos / poc -- coding: cp1252 -- Exploit Title: Core FTP Server 32-bit - Build 587 Heap Overflow Date: 05/10/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.coreftp.com/ Vulnerable Version Download:...
Core FTP Server 32-bit Build 587 - Heap Overflow
-- coding: cp1252 -- Exploit Title: Core FTP Server 32-bit - Build 587 Heap Overflow Date: 05/10/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.coreftp.com/ Vulnerable Version Download: http://coreftp.com/server/download/archive/CoreFTPServer587.exe...
Amazon Linux: Security Advisory (ALAS-2016-694)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2016-0138)
The remote host is missing an update for the...
[SECURITY] Fedora 24 Update: roundcubemail-1.1.5-1.fc24
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 22 Update: roundcubemail-1.1.5-1.fc22
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
AIX 5.3 TL 12 : bind (IV81278) (deprecated)
ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl_42.c. By sending specially crafted Address Prefix List (APL) data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate...
AIX 7.2 TL 0 : bind (IV81282) (deprecated)
ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl_42.c. By sending specially crafted Address Prefix List (APL) data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate...