410 matches found
CVE-2018-20902
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408)...
Design/Logic Flaw
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408)...
CVE-2018-20902
CVE-2018-20902 affects cPanel before 71.9980.37. The vulnerability lets an attacker read the root user’s crontab by leveraging the ClamAV installation (SEC-408). This is a local access issue tied to the ClamAV integration within cPanel. The available documents do not specify a patch version or re...
CVE-2018-20902
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation (SEC-408)...
RedGhost v3.0 - Linux Post Exploitation Framework Written In Bash Designed To Assist Red Teams In Persistence, Reconnaissance, Privilege Escalation And Leaving No Trace
Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads: function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl. SudoInject: function to inject sudo command with wrapper...
EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users
Security researchers have discovered a rare piece of Linux spyware that's currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned. It's a known fact that there are a very...
RedGhost v2.0 - Linux Post Exploitation Framework Designed To Assist Red Teams In Gaining Persistence, Reconnaissance And Leaving No Trace
Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads: function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl. SudoInject: function to inject sudo command with wrapper...
CentOS Control Web Panel 0.9.8.836 - Privilege Escalation
CWP Control Web Panel 0.9.8.836 - 0.9.8.839: Root Privilege Escalation...
Mr. Coffee with WeMo: Double Roast
Archived story. By Sam Quinn · May 30, 2019. McAfee Advanced Threat Research recently released a blog detailing a vulnerability in the Mr. Coffee Coffee Maker with WeMo. Please refer to the earlier blog to catch up with the processes and techniques I used to...
MGASA-2019-0157 Updated cronie packages fix security vulnerabilities
Updated cronie packages fix security vulnerabilities: Cronie before 1.5.3 allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked (CVE-2019-9704). Cronie before 1.5.3 allows local users to cause a denial of service (memory...
openSUSE Security Update : salt (openSUSE-2019-1019)
This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). Non-security...
Debian DLA-1723-1 : cron security update
Various security problems have been discovered in Debian's CRON scheduler. CVE-2017-9525: Fix group crontab to root escalation via the Debian package's postinst script as described by Alexander Peslyak (Solar Designer) in http://www.openwall.com/lists/oss-security/2017/06/08/3 CVE-2019-9704: DoS: Fix...
CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked...
CVE-2019-9705
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted...
CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked...
CVE-2019-9705
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted...
UBUNTU-CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked...
CVE-2019-9705
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted...
DEBIAN-CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked...
CVE-2019-9704
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked...