Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-image-2.6.26-1-s390 operating system package from Debian GNU/Linux may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6.26-1-all-s390 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

SQLite Tempdir Selection

KL-001-2016-003 : SQLite Tempdir Selection Vulnerability Title: SQLite Tempdir Selection Vulnerability Advisory ID: KL-001-2016-003 Publication Date: 2016.07.01 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt 1. Vulnerability Details Affected Vendor: SQLite/Hwa...

SQLite Tempdir Selection Vulnerability

Vulnerability Details Affected Vendor: SQLite/Hwaci Affected Product: SQLite Affected Version: All versions prior to 3.13.0 Platform: UNIX, GNU/Linux CWE Classification: CWE-379: Creation of Temporary File in Directory with Incorrect Permissions Impact: Data Leakage Attack vector: Local 2...

mDNSResponder contains multiple memory-based vulnerabilities

Overview mDNSResponder provides unicast and multicast mDNS services on UNIX-like operating systems such as OS X. mDNSResponder version 379.27 and above prior to version 625.41.2 is vulnerable to several buffer overflow vulnerabilities, as well as a null pointer dereference. Description CWE-120:...

Pythem - Python Network/Pentesting Tool

PytheM is a python network/pentesting tool. Same has been developed in the hope that it will be useful and i don't take responsabillity of any misapplication of it. Only for GNU/Linux OS. Installation $sudo git clone https://github.com/m4n3dw0lf/PytheM/ $cd PytheM $sudo pip install -r...

Linux/x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)

/ Linux x86 /bin/nc -le /bin/sh -vp13337 shellcode56bytes Author: Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 56 SLAE - 750 Disassembly of section .text: 08048060 : 8048060: 31 c0 xor eax,eax 8048062: 50 push eax 8048063: 68 33 33 33 37 push 0x37333333 8048068: 68 2d 76 70 31 push...

Yasr Screen Reader 0.6.9 - Local Buffer Overflow

''' Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: General-purpose console screen reader Version: 0.6.9-5 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Yasr is a general-purpose console screen reader...

Yasr Screen Reader 0.6.9 - Local Buffer Overflow

Yasr Screen Reader 0.6.9 - Local Buffer Overflow ''' Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: General-purpose console screen reader Version: 0.6.9-5 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...

[SECURITY] Fedora 24 Update: torbrowser-launcher-0.2.4-1.fc24

Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your lan guage and for your...

[SECURITY] Fedora 22 Update: torbrowser-launcher-0.2.4-1.fc22

Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your lan guage and for your...

The vulnerabilities of Debian GNU/Linux and Ubuntu operating systems, along with the PostgreSQL database management system, allow attackers to enhance their privileges.

The vulnerability in the configuration of Debian GNU/Linux and Ubuntu operating systems, as well as PostgreSQL database management systems, is related to errors in restricting access to the GUCS component for PL/Java. Exploiting this vulnerability allows a malicious actor to increase their...

Adversary Resistant Computing Platform: SubgraphOS

Subgraph OS is an adversary resistant computing platform. The main purpose of Subgraph OS is to empower people to communicate, share, and collaborate without fear of surveillance and interference. What this means in practical terms is that users of Subgraph OS can safely perform their day-to-day...

IcedTea: Multiple vulnerabilities

Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP,...

ffmpeg and Libav cross-domain information disclosure vulnerability

Overview ffmpeg is a "cross-platform solution to record, convert and stream audio and video". ffmpeg is vulnerable to local file disclosure due to improper enforcement of domain restrictions when processing playlist files. Description CWE-201: Information Exposure Through Sent Data- CVE-2016-1897...

OpenSSH Client contains a client information leak vulnerability and buffer overflow

Overview OpenSSH client code versions 5.4 through 7.1p1 contains a client information leak vulnerability that could allow an OpenSSH client to leak information not limited to but including private keys, as well as a buffer overflow in certain non-default configurations. Description CWE-200:...

Dream Gallery 1.0 SQL Injection

Sql Injection on Dream Gallery v1.0 + Date: 10/01/2016 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://clareslab.com.br/ + Software Demo : http://clareslab.com.br/dream/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork:...

Phpsploit - Stealth Post-Exploitation Framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes. Overview The obfuscated...

The vulnerabilities of Debian GNU/Linux operating systems, Ubuntu, office software packages such as LibreOffice and Apache OpenOffice, allow attackers to trigger service failures or execute arbitrary code.

The vulnerability of Debian GNU/Linux operating systems, Ubuntu, office software packages like LibreOffice and Apache OpenOffice is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code using specially...

The vulnerabilities of Debian GNU/Linux operating systems, Ubuntu, office software packages such as LibreOffice and Apache OpenOffice, allow attackers to trigger service failures or execute arbitrary code.

The vulnerability of the Debian GNU/Linux operating system, Ubuntu, and the office software packages LibreOffice and Apache OpenOffice is due to buffer overflow attacks. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code by accessing an nonexisten...