2384 matches found
Linear eMerge E3 Access Controller Command Injection
Nortek Linear eMerge E3 Unauthenticated Remote Root Code Execution Metasploit by Gjoko 'LiquidWorm' Krstic Affected version: 'Linear eMerge E3 Access Controller Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Linear eMerge E3 Access Controller...
The vulnerability of the NSS-LDAP operating system packages for Astra Linux and Debian GNU/Linux allows a hacker to obtain the server LDAP administrator password.
The vulnerability of the NSS-LDAP operating system packages for Astra Linux and Debian GNU/Linux is related to privilege management errors. Exploiting this vulnerability could allow a malicious individual to obtain the server LDAP administrator password...
SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2913-1)
This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...
SUSE SLES12 Security Update : gdb (SUSE-SU-2019:2914-1)
This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...
SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2902-1)
This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...
logrotten 3.15.1 - Privilege Escalation Exploit
Exploit Title: logrotten 3.15.1 - Privilege Escalation Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://github.com/logrotate/logrotate Software Link: https://github.com/logrotate/logrotate/releases/tag/3.15.1 Version: all versions through 3.15.1 Tested on: Debian GNU/Linux 9.5 stretch...
[SECURITY] [DSA 4537-1] file-roller security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4537-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 28, 2019 https://www.debian.org/security/faq -...
Parrot Security 4.7 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while...
The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu systems, related to the use of memory after it is freed, allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu stems from the use of memory after it is freed during the disconnection of a node from the previously created network or between two nodes. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)
/ ;Category: Shellcode ;Title: GNU/Linux x86 - execve /bin/sh using JMP-CALL-POP technique 21 bytes ;Author: kiriknik ;Date: 01/07/2019 ;Architecture: Linux x86 =========== Asm Source =========== global start section .text start: jmp short callshellcode shellcode: pop ebx xor eax,eax mov al, 11 i...
Netperf 2.6.0 - Stack-Based Buffer Overflow Exploit
Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: Netperf 2.6.0 s a benchmark tool than developed by Helett Packard that can be used to measure the performance of many different types of networking. It provides tests for both unidirectional troughput...
Exim 4.91 Local Privilege Escalation
!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...
Exim 4.87 - 4.91 - Local Privilege Escalation
!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...
Linux/x64 - Execve(/bin/sh) Shellcode (23 bytes)
/ ;Category: Shellcode ;Title: GNU/Linux x8664 - execve /bin/sh ;Author: rajvardhan ;Architecture: Linux x8664 ;Possibly The Smallest And Fully Reliable Shellcode =========== Asm Source =========== global start section .text start: xor rsi,rsi push rsi mov rdi,0x68732f2f6e69622f push rdi push rsp...
XOOPS CMS 2.5.9 SQL Injection Vulnerability
Exploit for php platform in category web applications + Sql Injection on XOOPS CMS v.2.5.9 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: email protected + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...
XOOPS 2.5.9 - SQL Injection
XOOPS 2.5.9 - SQL Injection + Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...
XOOPS CMS 2.5.9 SQL Injection
Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php inurl:modules // use your brain ; +...
XOOPS 2.5.9 - SQL Injection
Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php inurl:modules // use your brain ; +...
Extreme Sistemas CMS SQL Injection
Sql Injection on Extreme Sistemas CMS + Date: 08/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.extremesistemas.com.br/criacao-de-sites + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork:...
Linux/x86 - execve /bin/sh Shellcode (20 bytes)
/ Linux/x86 - execve /bin/sh shellcode 20 bytes Author: Rajvardhan Tested on: i686 GNU/Linux Shellcode Length: 20 Disassembly of section .text: 08049000 : 8049000: 31 c9 xor %ecx,%ecx 8049002: 6a 0b push $0xb 8049004: 58 pop %eax 8049005: 51 push %ecx 8049006: 68 2f 2f 73 68 push $0x68732f2f...