Ubuntu: Security Advisory (USN-1979-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for txt2man USN-1979-1

Check for the Version of txt2man OpenVAS Vulnerability Test $Id: gbubuntuUSN19791.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for txt2man USN-1979-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Ubuntu 12.04 LTS / 12.10 / 13.04 : txt2man vulnerability (USN-1979-1)

Patrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions. Note that...

USN-1979-1: txt2man vulnerability

Patrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions...

Share KM 1.0.19 Denial Of Service

Advisory Information : ====================== Title : Share KM 1.0.19 - Remote Denial Of Service Advisory ID : Cr02013-001 Product : Share KM desktop setup file Vendor : SmartUX Vulnerable Versions : 1.0.19 and probably prior release Tested Version : 1.0.19 Tested On : Windows 7 Vulnerability Typ...

[ollydbg-binary-execution-visualizer] New Tool for Visualizing Binaries With Ollydbg and Graphvis

Sometimes crackme’s or something you might be reversing will constantly bug you due to the excessive usage of f7 & f8. It will be quiet neat if you can see how the application is executing visually and set your break points accordingly. Requirements: o Ollyscript plugin o Bunch of your favorite...

Design/Logic Flaw

Unspecified vulnerability in Citrix CloudPortal Services Manager aka Cortex 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162...

CVE-2013-2937

Technical details are not publicly available in the provided documents. Monitor for updates.

Information disclosure

The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x before 7.x-2.1, and 7.x-3.x before 7.x-3.3 for Drupal, when the debugging level is set to 5 or 6, logs the content of submitted forms, which allows context-dependent users to obtain sensitive information such as usernames and...

SA-CONTRIB-2013-067 - BOTCHA - Information Disclosure (potential Privilege Escalation)

BOTCHA is a highly configurable non-CAPTCHA spam protection framework. The module includes a debug mode which logs the content of submitted forms including passwords and other sensitive information. An attacker who gains access to the log i.e. dblog or syslog depending on configuration could get...

Solving rendering performance puzzles

You're missing demos in this post because JavaScript or inline SVG isn't available. The Chrome team are often asked to show the process of debugging a performance issue, including how to select tools and interpret results. Well, I was recently hit by an issue that required a bit of digging, here'...

CentOS Update for sos CESA-2013:1121 centos5

Check for the Version of sos OpenVAS Vulnerability Test CentOS Update for sos CESA-2013:1121 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CentOS 5 : sos (CESA-2013:1121)

An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 5 : sos (RHSA-2013:1121)

An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Scientific Linux Security Update : sos on SL5.x (noarch) (20130730)

The sosreport utility collected the Kickstart configuration file '/root /anaconda-ks.cfg', but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain th...

Low: Red Hat Security Advisory: sos security update

An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

OllyDbg / Immunity Debugger Crash

;Title : OllyDbg/Immunity Debugger - Crash POC ;Researcher : Souhail Hammou Dark-Puzzle ;Research Team : http://itsecurity.ma ;Facebook : http://www.facebook.com/dark.puzzle.sec ;Date : 29/07/2013 ;================================================================== .386 .model flat,stdcall option...

JDWP Arbitrary Java Code Execution Exploitation

This is a whitepaper discussing arbitrary java code execution leveraging the Java Debugging Wire Protocol JDWP. JDWP Arbitrary Java Code Execution Exploitation =============================================== Java Debugging Wire Protocol JDWP is the lowlevel protocol used for communication between...

JDWP Exploitation

JDWP Arbitrary Java Code Execution Exploitation =============================================== Java Debugging Wire Protocol JDWP is the lowlevel protocol used for communication between a debugger and a Java Virtual Machine JVM as outlined in the Java Platform Debugger Architecture. It is often...

SuSE 10 Security Update : ibutils (ZYPP Patch Number 8641)

Various tmp races in ibdiagnet of ibutils have been fixed that could have been used by local attackers on machines where infiband was debugged to gain privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...