WordPress Vulnerability Scanner: vane

Vane is a GPL fork of the now non-free popular wordpress vulnerability scanner WPScan. Install Vane Prerequisites Windows not supported Ruby = 1.9 RubyGems Git Debian/Ubuntu sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev git clone...

Fork CMS 'loadForm()' Function Cross-Site Scripting Vulnerability

Fork CMS is a CMS system developed in PHP. A cross-site scripting vulnerability exists in the Fork CMS 'loadForm' function due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based...

Fork CMS 3.8.3 Cross Site Scripting

Exploit Title: XSS Vulnerability in Fork CMS 3.8.3 Google Dork: N/A Date: 12/26/2014 Exploit Author: Le Ngoc phi [email protected] and ITAS Team www.itas.vn Vendor Homepage: http://www.fork-cms.com Software Link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released Version: Fork 3.8.3 Tested on...

GLSA-201408-14 : stunnel: Information disclosure

The remote host is affected by the vulnerability described in GLSA-201408-14 stunnel: Information disclosure stunnel does not properly update the state of the pseudo-random generator after fork-threading which causes subsequent children with the same process ID to use the same entropy pool. ECDSA...

Oracle Linux 7 : kernel (ELSA-2014-0923)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0923 advisory. - net l2tpppp: fail when socket option level is not SOLPPPOL2TP Petr Matousek 1119465 1119466 CVE-2014-4943 Tenable has extracted the preceding...

Linux Kernel 3.2.0-23 (Ubuntu 12.04 x64) - ptracesysret Local Privilege Escalation

Linux Kernel 3.2.0-23 Ubuntu 12.04 x64 - ptracesysret Local Privilege Escalation / CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite...

Early Review of LibreSSL Finds Problematic PRNG

When the OpenBSD foundation sent LibreSSL out the door last weekend, it was with the full intention of getting some feedback and scrutiny in return, all in the name of making the crypto library stable and secure. What they likely didn’t expect were claims surfacing that LibreSSL shared some of th...

CVE-2014-4699

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service double...

DEBIAN-CVE-2014-4699

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service double...

Race condition

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service double...

kernel 2.2.x/2.4 .0-test1,SGI ProPack 1.2/1.3 Capabilities Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1322/info POSIX Capabilities have recently been implemented in the Linux kernel. These Capabilities are an additional form of privilege control to enable more specific control over what priviliged processes can do...

Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit

No description provided by source. / OS X = 10.2.4 DirectoryService local root PATH exploit DirectoryService must be crashed prior to execution, per @stake advisory. If you discover how to crash DirectoryService e-mail me at [email protected] Neeko Oni -- Assuming DirectoryService has been...

Firefox 3.6.3 Fork Bomb DoS

No description provided by source. html script var a = 'javascript:htmlheadtitleDrIDE\s FireFox Fork Bomb!/title/headbody onunload=\javascript:window.openwindow.location;window.openwindow.location\ onload=\javascript:window.openwindow.location;window.openwindow.location\/body/html'; loop1;...

Linux Kernel 2.6.x 'fasync_helper()' Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complet...

Linux kernel <= 2.2.18 ptrace/execve Race Condition Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a community of developers. A problem in the Linux Kernel could...

kernel 2.2.x/2.4 .0-test1,SGI ProPack 1.2/1.3 Capabilities Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1322/info POSIX Capabilities have recently been implemented in the Linux kernel. These Capabilities are an additional form of privilege control to enable more specific control over what priviliged processes can do...

CuteNews aj-fork 'path' Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32141/info CuteNews aj-fork is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

No description provided by source. =========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal...

RedHat Linux 6.1 i386 Tmpwatch Recursive Write DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1664/info Any user with write access to /tmp or /var/tmp, can induce tmpwatch to cause Red Hat and others runnng tmpwatch from cron to stop responding, and possibly require a hard reboot. This is accomplished by creating ...

linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes

No description provided by source. / Linux/x86 /bin/cp /bin/sh /tmp/katy ; chmod 4555 /tmp/sh using fork / include stdio.h char shellcode = \xeb\x5e\x5f\x31\xc0\x88\x47\x07\x88\x47\x0f\x88\x47\x19\x89\x7f \x1a\x8d\x77\x08\x89\x77\x1e\x31\xf6\x8d\x77\x10\x89\x77\x22\x89...