Lucene search
K

71 matches found

Prion
Prion
added 2018/06/01 6:29 p.m.17 views

Remote code execution

curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled...

9.3CVSS8AI score0.01682EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/06/01 6:0 p.m.30 views

CVE-2016-10615

curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled...

8.3AI score0.01682EPSS
Exploits0References1
CVE
CVE
added 2018/06/01 6:0 p.m.57 views

CVE-2016-10615

The CVE-2016-10615 issue affects the curses package, where the library downloads binary resources over HTTP. The underlying problem is insecure HTTP delivery, enabling a MitM attacker to swap the requested binary, potentially leading to remote code execution on the host. The connected advisories ...

9.3CVSS8.3AI score0.01682EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2018/05/30 2:32 p.m.34 views

[SECURITY] Fedora 27 Update: ncurses-6.0-14.20170722.fc27

The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses new curses library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a...

1.4AI score
Exploits0
Kitploit
Kitploit
added 2018/05/21 1:30 p.m.36 views

Airpydump - Analyze Wireless Packets On The Fly. Currently Supporting Three Working Modes (Reader, Live, Stealth)

Analyze Wireless Packets on the fly. Currently supporting three working Modes Reader, Live, Stealth Description airpydump is a wireless packet analyzer, providing the interface most likely that of airodump-ng from aircrack suite. It currently provides three working modes which are Reader, Stealth...

7.1AI score
Exploits0References1
exploitpack
exploitpack
added 2017/01/16 12:0 a.m.9 views

iSelect v1.4 - Local Buffer Overflow

iSelect v1.4 - Local Buffer Overflow Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 -...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/01/16 12:0 a.m.23 views

iSelect 1.4 Local Buffer Overflow

Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2016/08/16 9:19 a.m.46 views

Internet Bug Bounty: stack buffer overflows in the curses module

I found two stack buffer overflows in the curses module. These vulnerabilities have been reported to the PSRT and were fixed here: https://hg.python.org/cpython/rev/d5f6bc45b376 https://hg.python.org/cpython/rev/85b35300f200 Below are copies of the mails I sent to the PSRT. They describe the...

7.5AI score
Exploits0
Prion
Prion
added 2014/12/03 9:59 p.m.14 views

Code injection

cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...

7.5CVSS8.1AI score0.02846EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCve
added 2014/12/03 9:59 p.m.25 views

CVE-2013-7416

cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...

7.5CVSS6.2AI score0.02846EPSS
Exploits1References2
NVD
NVD
added 2014/12/03 9:59 p.m.15 views

CVE-2013-7416

cantocurses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed...

7.5CVSS7.6AI score0.02846EPSS
Exploits1References6
CVE
CVE
added 2014/12/03 9:0 p.m.43 views

CVE-2013-7416

CVE-2013-7416 affects canto_curses/guibase.py in Canto Curses prior to 0.9.0. The issue allows a remote feed server to execute arbitrary commands via shell metacharacters in a URL contained in a feed. CVSS v2 base score is 7.5 (HIGH) with network access, low attack complexity, and no authenticati...

7.5CVSS7.8AI score0.02846EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2010/09/06 12:0 a.m.51 views

[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2102-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 3, 2010 http://www.debian.org/security/faq - -...

7.5CVSS1.1AI score0.02935EPSS
Exploits0
OSV
OSV
added 2010/09/03 12:0 a.m.17 views

DSA-2102-1 barnowl - arbitrary code execution

Bulletin has no description...

7.5CVSS6.4AI score0.02935EPSS
Exploits0
OSV
OSV
added 2010/05/23 12:0 a.m.21 views

DSA-2049-1 barnowl - arbitrary code execution

Bulletin has no description...

7.5CVSS6.1AI score0.03809EPSS
Exploits0
OpenVAS
OpenVAS
added 2010/02/19 12:0 a.m.43 views

Mandriva Update for drakxtools MDVA-2010:066 (drakxtools)

Check for the Version of drakxtools OpenVAS Vulnerability Test Mandriva Update for drakxtools MDVA-2010:066 drakxtools Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

10CVSS0.0838EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.31 views

SLES9: Security update for Python

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-mpz python-tk python-curses python-demo python-doc-pdf python-gdbm python python-idle python-devel python-xml python-doc For more information, please...

5.8CVSS7AI score0.12488EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.19 views

SLES9: Security update for Python

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-doc-pdf python-tk python-gdbm python-idle python-xml python-devel python python-mpz python-demo python-doc python-curses For more information, please...

7.5CVSS9.8AI score0.04344EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.30 views

SLES9: Security update for Python

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python-doc-pdf python-tk python-gdbm python-idle python-xml python-devel python python-mpz python-demo python-doc python-curses For more information, please...

9.7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.27 views

SLES9: Security update for Python

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: python python-curses python-demo python-devel python-doc python-doc-pdf python-gdbm python-idle python-mpz python-tk python-xml For more information, please...

9.3CVSS7.9AI score0.06292EPSS
Exploits8References1
Rows per page
Query Builder