71 matches found
Remote code execution
curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled...
CVE-2016-10615
curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled...
CVE-2016-10615
The CVE-2016-10615 issue affects the curses package, where the library downloads binary resources over HTTP. The underlying problem is insecure HTTP delivery, enabling a MitM attacker to swap the requested binary, potentially leading to remote code execution on the host. The connected advisories ...
[SECURITY] Fedora 27 Update: ncurses-6.0-14.20170722.fc27
The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses new curses library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a...
Airpydump - Analyze Wireless Packets On The Fly. Currently Supporting Three Working Modes (Reader, Live, Stealth)
Analyze Wireless Packets on the fly. Currently supporting three working Modes Reader, Live, Stealth Description airpydump is a wireless packet analyzer, providing the interface most likely that of airodump-ng from aircrack suite. It currently provides three working modes which are Reader, Stealth...
iSelect v1.4 - Local Buffer Overflow
iSelect v1.4 - Local Buffer Overflow Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 -...
iSelect 1.4 Local Buffer Overflow
Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...
Internet Bug Bounty: stack buffer overflows in the curses module
I found two stack buffer overflows in the curses module. These vulnerabilities have been reported to the PSRT and were fixed here: https://hg.python.org/cpython/rev/d5f6bc45b376 https://hg.python.org/cpython/rev/85b35300f200 Below are copies of the mails I sent to the PSRT. They describe the...
Code injection
cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...
CVE-2013-7416
cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...
CVE-2013-7416
cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...
CVE-2013-7416
CVE-2013-7416 affects canto_curses/guibase.py in Canto Curses prior to 0.9.0. The issue allows a remote feed server to execute arbitrary commands via shell metacharacters in a URL contained in a feed. CVSS v2 base score is 7.5 (HIGH) with network access, low attack complexity, and no authenticati...
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2102-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 3, 2010 http://www.debian.org/security/faq - -...
DSA-2102-1 barnowl - arbitrary code execution
Bulletin has no description...
DSA-2049-1 barnowl - arbitrary code execution
Bulletin has no description...
Mandriva Update for drakxtools MDVA-2010:066 (drakxtools)
Check for the Version of drakxtools OpenVAS Vulnerability Test Mandriva Update for drakxtools MDVA-2010:066 drakxtools Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
SLES9: Security update for Python
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-mpz python-tk python-curses python-demo python-doc-pdf python-gdbm python python-idle python-devel python-xml python-doc For more information, please...
SLES9: Security update for Python
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-doc-pdf python-tk python-gdbm python-idle python-xml python-devel python python-mpz python-demo python-doc python-curses For more information, please...
SLES9: Security update for Python
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-doc-pdf python-tk python-gdbm python-idle python-xml python-devel python python-mpz python-demo python-doc python-curses For more information, please...
SLES9: Security update for Python
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python python-curses python-demo python-devel python-doc python-doc-pdf python-gdbm python-idle python-mpz python-tk python-xml For more information, please...