Fedora 23 : php-5.6.13-1.fc23 (2015-14978)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

Speedtest - Command Line Interface for Testing Internet Bandwidth

speedtest-cli is a command line interface for testing internet bandwidth using speedtest.net Installation pip / easyinstall pip install speedtest-cli or easyinstall speedtest-cli Github pip install git+https://github.com/sivel/speedtest-cli.git or git clone...

otrs -- Scheduler Process ID File Access

The OTRS project reports: An attacker with valid LOCAL credentials could access and manipulate the process ID file for bin/otrs.schduler.pl from the CLI. The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an...

Fedora 22 : php-5.6.13-1.fc22 (2015-14977)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

Security Advisory - DoS Vulnerability in Huawei U1900 CLI Module

Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. The U1900 series uses the Command Line Interface CLI...

Amazon Linux: Security Advisory (ALAS-2015-464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SparkyLinux - Lightweight & fast Debian-based Linux Distribution

SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops like E19, LXDE and Openbox, multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Why Sparky? SparkyLinux is a Debian-based Linux...

Intrigue - Intelligence Gathering Framework

Intrigue-core is an API-first intelligence gathering framework for Internet reconnaissance and research. Setting up a development environment The following are presumed available and configured in your environment redis sudo nmap zmap masscan java runtime Sudo is used to allow root access for...

CVE-2015-6265

The CLI in Cisco Application Control Engine ACE 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662...

CVE-2015-6265

The Cisco ACE 4700 A5 CLI vulnerability (CVE-2015-6265) allows an authenticated, local attacker to bypass access restrictions and read/write files by feeding a crafted file as input to a CLI command. Root cause: insufficient file access controls. Affected: ACE 4700 A5 running 3.0 and earlier. Imp...

Cisco ACE 4710 and ACE30 Application Control Engine CLI Privilege Escalation Vulnerability

A vulnerability in the command-line interface CLI of Cisco Application Control Engine ACE could allow an authenticated, local attacker to elevate privileges to read and alter the content of files that belong to other contexts. The vulnerability is due to insufficient file access controls. An...

CVE-2015-4327

The CVE-2015-4327 issue affects Cisco TelePresence Video Communication Server Expressway X8.5.2 CLI. The root cause is insufficient input validation when writing script arguments to a local file, enabling an authenticated, local attacker to gain root privileges by injecting/overwriting script par...

Cisco TelePresence Video Communication Server Expressway Arbitrary File Injection Vulnerability

A vulnerability in the command-line interface CLI of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, local attacker to inject arbitrary arguments to a script on an affected system. The vulnerability is due to insufficient input validation of content ...

Nuts CMS Remote PHP Code Injection / Execution Exploit

Exploit for php platform in category web applications "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost /"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $path = $argv2; $pack = "GET $pathnuts/login.php?r= HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Cmd: %s\r\n"; $pack....

Nuts CMS - PHP Remote Code Injection Execution

Nuts CMS - PHP Remote Code Injection Execution "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost /"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $path = $argv2; $pack = "GET $pathnuts/login.php?r= HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Cmd: %s\r\n"; $pack.=...

HTTPie - a CLI, cURL-like tool for humans

HTTPie pronounced aych-tee-tee-pie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output...

CVE-2015-4279

The Manager component in Cisco Unified Computing System UCS 2.23b on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778...

Fedora Update for openvas-cli FEDORA-2015-10946

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : openvas-cli-1.4.1-2.fc22 / openvas-libraries-8.0.3-2.fc22 / openvas-manager-6.0.3-4.fc22 / etc (2015-10946)

Bump to openvas8 because of the issues found in previous versions. This should be the first version with scanner really working on Fedora. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

[SECURITY] Fedora 22 Update: openvas-cli-1.4.1-2.fc22

OpenVAS CLI contains the command line tool "omp" which allows to create bat ch processes to drive OpenVAS Manager...