mapr Information Disclosure

Hello, The mapr web frontend component creates an information disclosure vulnerability. During the setup of mapr the configure.sh script calls a function ConfigureWSRole: function ConfigureWSRole if $clientOnly -eq 0 -a $dontChangeSecurityPermissionsOn -eq 0 ; then ConfigureRunUserForWS fi This...

[SECURITY] Fedora 25 Update: ntp-4.2.6p5-44.fc25

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 25 Update: texlive-2016-33.20160520.fc25

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

CVE-2017-0022

creationtimestamp| type| source ---|---|--- 2017-03-28 07:37:51+00:00| exploited| https://t.me/webamoozir/1455 2017-05-22 14:59:20+00:00| seen| https://t.me/webamoozir/1833 2017-05-22 16:12:32+00:00| seen| MISP/59230dec-8928-4368-b287-57ab95ca48b7 2018-03-27 17:55:16+00:00| exploited|...

CVE-2017-2931

creationtimestamp| type| source ---|---|--- 2017-03-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41608 2025-08-31 03:01:29+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

Fedora 25 : knot / knot-resolver (2017-038e821698)

Knot Resolver 1.2.3 2017-02-23 ================================ Bugfixes -------- - Disable storing GLUE records into the cache even in the non-default QUERYPERMISSIVE mode - iterate: skip answer RRs that don't match the query - layer/iterate: some additional processing for referrals - lib/resolv...

CVE-2017-6465

creationtimestamp| type| source ---|---|--- 2017-03-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41511 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/ftpshell51pwdreply.rb 2025-10-23 21:12:58+00:00| see...

cics-user-brute NSE Script

CICS User ID brute forcing script for the CESL login screen. Script Arguments cics-user-brute.commands Commands in a semi-colon separated list needed to access CICS. Defaults to CICS. brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly,...

CVE-2017-2986

creationtimestamp| type| source ---|---|--- 2017-02-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41423 2017-02-22 12:34:18+00:00| published-proof-of-concept| https://t.me/canyoupwnme/817...

CVE-2016-7288

creationtimestamp| type| source ---|---|--- 2017-02-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41357 2017-05-02 17:40:03+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/4664 2024-10-29 18:47:37+00:00| published-proof-of-concept|...

How to determine the version of Citrix license server installed

This article describes how to determine the version of the Citrix license server...

Faraday v2.3 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...

DNS Poisoning Attacks Made Easy: Judas DNS

DNS Poisoning Attacks Made Easy A DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation. Judas works by proxying all DNS queries to the legitimate nameservers for a domain. The magic comes with Judas’s rule configurations which allow you to...

Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers: GEF

Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly by exploiters and reverse-engineers, to provides additional features to GDB usi...

CVE-2017-2353

creationtimestamp| type| source ---|---|--- 2017-01-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41164...

CVE-2017-2360

creationtimestamp| type| source ---|---|--- 2017-01-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41165...

Fedora 24 : gd (2017-2717b02630)

Version 2.2.4 - 2017-01-18 Security - gdImageCreate doesn't check for oversized images and as such is prone to DoS vulnerabilities. CVE-2016-9317 - double-free in gdImageWebPtr CVE-2016-6912 - potential unsigned underflow in gdinterpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx Fixed -...

Fedora 25 : gd (2017-bab5698540)

Version 2.2.4 - 2017-01-18 Security - gdImageCreate doesn't check for oversized images and as such is prone to DoS vulnerabilities. CVE-2016-9317 - double-free in gdImageWebPtr CVE-2016-6912 - potential unsigned underflow in gdinterpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx Fixed -...

JudasDNS - Nameserver DNS poisoning attacks made easy

A DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation. Judas works by proxying all DNS queries to the legitimate nameservers for a domain. The magic comes with Judas's rule configurations which allow you to change DNS responses depending on...

MC Documentation Creator SQL Injection Vulnerability

MC Documentation Creator is a PHP document creation script . A SQL injection vulnerability exists in MC Documentation Creator. Due to poor parameter filtering in this PHP script, an attacker can exploit the vulnerability to obtain sensitive data...