[SECURITY] Fedora 20 Update: texlive-2013-6.20131226_r32488.fc20

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

SUSE-SU-2015:0688-1 Security update for webkitgtk

This update fixes the following security issues: - Fix SSL connection issues with some websites after the POODLE vulnerability fix. - Fix a crash when loading flash plugins. - Fix build on GNU Hurd - Fix build on OS X. - Fix documentation of webkitprintoperationgetpagesetup. - Security fixes:...

[SECURITY] Fedora 22 Update: dokuwiki-0-0.24.20140929c.fc22

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

[SECURITY] Fedora 21 Update: dokuwiki-0-0.24.20140929c.fc21

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

[SECURITY] Fedora 20 Update: dokuwiki-0-0.24.20140929c.fc20

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at crea ting documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Site Documentation Module

Drupal is a developmental CMF Content Management Framework written in the PHP language. Multiple cross-site scripting vulnerabilities exist in the Drupal Site Documentation module. Because the application fails to properly filter user-supplied input, an attacker could exploit the vulnerabilities ...

Java RMI Registry Interfaces Enumeration

This module gathers information from an RMI endpoint running an RMI registry interface. It enumerates the names bound in a registry and looks up each remote reference. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

SA-CONTRIB-2015-074 - Site Documentation - Cross Site Scripting (XSS)

Site Documentation module enables you to display detailed configuration information. The module doesn't sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must have a user with...

Maligno v2.0 - Metasploit Payload Server

Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...

NSEarch - Nmap Script Engine Search

NSEarch is a tool that helps you find scripts that are used nmap NSE , can be searched using the name or category , it is also possible to see the documentation of the scripts found. USAGE: $ python nsearch.py Main Menu Initial Setup ================================================ | \ | |/ || | ...

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-27.fc21

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-20.fc20

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

Value 1 2 5 0 0 dollars to the Facebook album delete vulnerability-vulnerability warning-the black bar safety net

Overview: if your photo is deleted unknowingly, what will you do? Obviously, this problem is very annoying huh? This post is to say I found a vulnerability which allows a malicious user to delete Facebook on any album. Yes, any user, page, group, photo album can be deleted. The Graph API is the...

[SECURITY] Fedora 21 Update: postgresql-9.3.6-1.fc21

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

[SECURITY] Fedora 20 Update: mantis-1.2.19-1.fc20

Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis When t...

OWASP SSL audit: O-Saft

O-Saft is an easy to use tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. It’s designed to be used by penetration testers, security auditors or server administrators. The idea is to show the important...

kernel security and bug fix update

2.6.32-504.8.1 - crypto crc32c: Kill pointless CRYPTOCRC32CX8664 option Jarod Wilson 1175509 1036212 - crypto testmgr: add larger crc32c test vector to test FPU path in crc32cintel Jarod Wilson 1175509 1036212 - crypto tcrypt: Added speed test in tcrypt for crc32c Jarod Wilson 1175509 1036212 -...

[SECURITY] Fedora 21 Update: python-pillow-2.6.1-2.fc21

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

Streisand

The Internet can be a little unfair. It’s way too easy for ISPs, telecoms, politicians, and corporations to block access to the sites and information that you care about. But breaking through these restrictions is tough . Or is it? Introducing Streisand A single command sets up a brand new server...

[ MDVSA-2015:025 ] mpfr

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:025 http://www.mandriva.com/en/support/security/ Package : mpfr Date : January 15, 2015 Affected: Business Server 1.0 Problem Description: Updated mpfr packages fix security vulnerability: A buffer overflow...