PYSEC-2016-29

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

UBUNTU-CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

Access Point Impersonation Attacks: hostapd-wpe

hostapd-wpe – Wireless Pwnage Edition – hostapd-wpe is the replacement for FreeRADIUS-WPE . It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable...

Repeated snapshot consolidation requests on VM by Snapshot Hunter

Article Applicability This article specifically applies to a situation where a VM was created using a third-party VDI, fast-provisioning application, or PowerCLI with the -LinkedClone parameter. Challenge Shortly after a backup or replication job runs, multiple Consolidate Snapshot operations are...

DEBIAN-CVE-2015-8543

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...

CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

DEBIAN-CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

UBUNTU-CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action...

UBUNTU-CVE-2015-8543

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...

git-fastclone permits arbitrary shell command execution from .gitmodules

Git allows executing arbitrary shell commands using git-remote-ext via a remote URLs. Normally git never requests URLs that the user doesn't specifically request, so this is not a serious security concern. However, submodules did allow the remote repository to specify what URL to clone from. If a...

0d1n - Tool For Automating Customized Attacks Against Web Applications

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. You can do: brute force passwords in auth forms directory disclosure use PATH list to brute, and find HTTP status code test list on input to find SQL Injection and XSS vulnerabilities To run: require libcurl-dev or...

pcs security update

CentOS Errata and Security Advisory CESA-2015:2290 An updated pcs package that fixes one security issue, several bugs, and add various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Vulnerability Scanner is a multiprotocol HTTP, IMAP, SMTP, POP CVE-2014-0160 scanning and automatic exploitation tool written with python. For scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system...

Milw0rm Clone Script 1.0 Cross Site Scripting

Exploit Title: Milw0rm Clone Script 1.0 - XSS Vulnerability Date: 03.09.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://milw0rm.sourceforge.net/ Software Link: http://sourceforge.net/projects/milw0rm/files/milw0rm.rar/download Version: v1.0 Tested on: MSWin64 Vulnerable File :...

Alibaba Clone B2B Script Sql Injection Vulnerability

Exploit Title: Alibaba Clone B2B Script Sql Injection All Versions Date: 2015-08-31 Exploit Author: Meisam Monsef email protected or email protected Vendor Homepage: http://www.superbscripts.com/ Version: All Versions Tested on: CentOS and Windows Exploit Title: Alibaba Clone B2B Script Sql...

kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS

It was found that the espfix functionality could be bypassed by installing a 16-bit RW data segment into GDT instead of LDT which espfix checks, and using that segment on the stack. A local, unprivileged user could potentially use this flaw to leak kernel stack addresses...