Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation

The Linux kernel is vulerable to a use-after-free flaw when Transformation User configuration interfaceCONFIGXFRMUSER compile-time configuration were enabled. This vulnerability occurs while closing a xfrm netlink socket in xfrmdumppolicydone. A user/process could abuse this flaw to potentially...

xdebug Unauthenticated OS Command Execution Exploit

This Metasploit module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

xdebug Unauthenticated OS Command Execution

Module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

Dr. Michio Kaku Paints Fascinating Picture of the Future at Qualys’ RSA Booth

Contact lenses that access the Internet literally at the blink of an eye. Toilets that detect cancer-indicating enzymes. Human settlements on Mars. Beaming one’s mind into outer space using lasers. Watching a video of your dreams after you wake up. Those were just a few of the mind-blowing...

Akamai 2018 Spring Release, In A Nutshell

Progressing Towards Our Future in The Cloud, Together As organizations continue to fuel and execute on their digital transformation ambitions, they're increasingly finding significant business agility and cost savings by adopting cloud, multi-cloud, or hybrid architectures. Availability, security...

gcc security, bug fix, and enhancement update

4.8.5-28.0.1 - Orabug: 27557686 Egeyar Bagcioglu - Introduce 'oraclerelease' into .spec file. Echo it to gcc/DEV-PHASE. 4.8.5-28 - Minor testsuite fixes to clean up test results 1469697 - retpoline support for spectre mitigation 1535655 4.8.5-27 - bump for rebuild with RELRO enabled even for...

PMS 0.42 Stack-Based Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is...

BSA-2018-559

Security Advisory ID : BSA-2018-559 Component : Apache HTTPD Revision : 2.0: Final Apache HTTP Server httpd modsession modulehas an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a "Session"...

CVE-2018-0152

A vulnerability in the web-based user interface web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for each web UI session. An...

CVE-2018-0160

A vulnerability in Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper management of memory resources, referred to as a double free. An attacker...

CVE-2018-5454

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime...

CVE-2018-6957

VMware Workstation 14.x before 14.1.1, 12.x and Fusion 10.x before 10.1.1 and 8.x contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled...

Philips Intellispace Portal Arbitrary Code Execution Vulnerability

The Philips Intellispace Portal processes clinical images from different modalities and enables advanced visualization of images.ISP systems are deployed in the healthcare and public health sectors. An arbitrary code execution vulnerability exists in Philips Intellispace Portal, which can be...

[SECURITY] [DSA 4121-1] gcc-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4121-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 22, 2018 https://www.debian.org/security/faq -...

CVE-2017-14993

OXID eShop Community Edition before 6.0.0 RC3 development, 4.10.x before 4.10.6 maintenance, and 4.9.x before 4.9.11 legacy, Enterprise Edition before 6.0.0 RC3 development, 5.2.x before 5.2.11 legacy, and 5.3.x before 5.3.6 maintenance, and Professional Edition before 6.0.0 RC3 development, 4.9....

Debian DSA-4117-1 : gcc-4.9 - security update

This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4117. The text itself i...

[SECURITY] [DSA 4117-1] gcc-4.9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4117-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2018 https://www.debian.org/security/faq -...

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

DEBIAN-CVE-2017-15094

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or...

UBUNTU-CVE-2017-15094

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or...