Information Disclosure

jboss application server is vulnerable to information disclosure. The default configuration for the Command Line Interface created a history file .jboss-cli-history in the user's home directory with insecure file permissions. This allows a malicious local user to gain information otherwise not...

SUSE-RU-2018:4074-1 Recommended update for aws-cli, python-boto3, python-botocore, python-s3transfer

This update for aws-cli, python-boto3, python-botocore, python-s3transfer fixes the following issues: aws-cli: - Update to version 1.16.61. bsc1088310 + For detailed changes see https://github.com/aws/aws-cli/blob/1.16.1/CHANGELOG.rst - Update to version 1.16.1 bsc1105988, bsc1092493 +...

CVE-2018-6439

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

Security feature bypass

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6439

A Vulnerability in the configdownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

[SECURITY] Fedora 27 Update: soundtouch-2.1.1-1.fc27

SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...

SUSE-SU-2018:3864-1 Security update for openssl

This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses bsc1113534. - CVE-2018-0737: Corrected the current erro...

[SECURITY] Fedora 28 Update: soundtouch-2.1.1-1.fc28

SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...

[SECURITY] Fedora 29 Update: soundtouch-2.1.1-1.fc29

SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...

Brocade Fabric OS Security Bypass Vulnerability (CNVD-2018-23084)

Brocade Fabric OS FOS is an embedded operating system used in devices such as switches and routers from Brocade Communications Systems Brocade. command line interface CLI is one of the command line interfaces. A security vulnerability exists in the 'supportsave' command in the Brocade FOS CLI. A...

CVE-2018-6437

A Vulnerability in the help command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

CVE-2018-6436

A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access...

Design/Logic Flaw

A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface CLI versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access...

Isip - Interactive Sip Toolkit For Packet Manipulations, Sniffing, Man In The Middle Attacks, Fuzzing, Simulating Of Dos Attacks

Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks. Video Setup git clone https://github.com/halitalptekin/isip.git cd isip pip install -r requirements.txt Usage Packet manipulation tools are in packet cmd loop. First start, y...

CVE-2018-15322

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 6.0.0-6.0.1, 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.0.1-2.3.0, or Enterprise Manager 3.1.1 a BIG-IP user granted with tmsh access may caus...

BSA-2018-730

Security Advisory ID : BSA-2018-730 Component : Fabric OS CLI Revision : 1.0: Initial Multiple Vulnerabilities in Brocade Fabric OS command line interface CLIcould allow a local attacker toescape the restricted shell and, gain root access. Commands Affected firmwaredownload command -CVE-2018-6436...

CVE-2018-0477

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...

CVE-2018-15368

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

Gurp - Golang command-line interface to Burp Suite's REST API

Requirements BurpSuite Professional v2.0.0beta or greater from PortSwigger Dependencies go get -u -v github.com/fatih/color go get -u -v github.com/integrii/flaggy go get -u -v github.com/tidwall/gjson go get -u -v github.com/grokify/html-strip-tags-go Binaries Latest version available here...

Unspecified Vulnerability in Red Hat JBoss Enterprise Application Platform

Red Hat JBoss Enterprise Application Platform EAP is the United States Red Hat Red Hat company's set of open source, J2EE-based middleware platform. The platform is mainly used to build, deploy and host Java applications and services. A security vulnerability exists in Red Hat JBoss EAP versions...