Design/Logic Flaw

Cisco Aironet 1850 access points with software 8.1112.4 allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694...

CVE-2015-6315

Cisco Aironet 1850 access points with software 8.1112.4 allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694...

CVE-2015-6315

Cisco Aironet 1850 access points with software 8.1112.4 allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694...

CVE-2015-6315

The CVE-2015-6315 issue affects Cisco Aironet 1850 Series Access Points running software 8.1(112.4). A local privilege-escalation vulnerability exists in the CLI, caused by insufficient escape protections when validating commands, allowing an authenticated, local attacker to gain root-level privi...

Fedora 21 : 389-ds-base-1.3.3.13-1.fc21 (2015-15128)

389-ds-base-1.3.3.13-1.fc21 - release 1.3.3.13 - Ticket 48265 - Complex filter in a search request doen't work as expected. regression - Ticket 47981 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes - Ticket 48252 - db2index creates index entry from delete...

Telegram Denial Of Service / Bypass Limit Vulnerabilities

Exploit for multiple platform in category dos / poc + Title: Telegram - Multiple Vulnerabilities + Product: Telegram + Vendor: http://telegram.org/ + SoftWare Link : https://web.telegram.org / https://my.telegram.org Author : Eduardo Alves E-Mail : edudx1 at gmail dot com Website :...

Fedora 23 : php-5.6.13-1.fc23 (2015-14978)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

Speedtest - Command Line Interface for Testing Internet Bandwidth

speedtest-cli is a command line interface for testing internet bandwidth using speedtest.net Installation pip / easyinstall pip install speedtest-cli or easyinstall speedtest-cli Github pip install git+https://github.com/sivel/speedtest-cli.git or git clone...

otrs -- Scheduler Process ID File Access

The OTRS project reports: An attacker with valid LOCAL credentials could access and manipulate the process ID file for bin/otrs.schduler.pl from the CLI. The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an...

Fedora 22 : php-5.6.13-1.fc22 (2015-14977)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

Security Advisory - DoS Vulnerability in Huawei U1900 CLI Module

Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. The U1900 series uses the Command Line Interface CLI...

Amazon Linux: Security Advisory (ALAS-2015-464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SparkyLinux - Lightweight & fast Debian-based Linux Distribution

SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops like E19, LXDE and Openbox, multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Why Sparky? SparkyLinux is a Debian-based Linux...

Intrigue - Intelligence Gathering Framework

Intrigue-core is an API-first intelligence gathering framework for Internet reconnaissance and research. Setting up a development environment The following are presumed available and configured in your environment redis sudo nmap zmap masscan java runtime Sudo is used to allow root access for...

CVE-2015-6265

The CLI in Cisco Application Control Engine ACE 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662...

CVE-2015-6265

The Cisco ACE 4700 A5 CLI vulnerability (CVE-2015-6265) allows an authenticated, local attacker to bypass access restrictions and read/write files by feeding a crafted file as input to a CLI command. Root cause: insufficient file access controls. Affected: ACE 4700 A5 running 3.0 and earlier. Imp...

Cisco ACE 4710 and ACE30 Application Control Engine CLI Privilege Escalation Vulnerability

A vulnerability in the command-line interface CLI of Cisco Application Control Engine ACE could allow an authenticated, local attacker to elevate privileges to read and alter the content of files that belong to other contexts. The vulnerability is due to insufficient file access controls. An...

CVE-2015-4327

The CVE-2015-4327 issue affects Cisco TelePresence Video Communication Server Expressway X8.5.2 CLI. The root cause is insufficient input validation when writing script arguments to a local file, enabling an authenticated, local attacker to gain root privileges by injecting/overwriting script par...

Cisco TelePresence Video Communication Server Expressway Arbitrary File Injection Vulnerability

A vulnerability in the command-line interface CLI of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, local attacker to inject arbitrary arguments to a script on an affected system. The vulnerability is due to insufficient input validation of content ...

Nuts CMS Remote PHP Code Injection / Execution Exploit

Exploit for php platform in category web applications "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost /"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $path = $argv2; $pack = "GET $pathnuts/login.php?r= HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Cmd: %s\r\n"; $pack....