EUVD-2008-2312
Malware in sbrugna...
Debian: Security Advisory (DSA-1977-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2008-2316
Integer overflow in hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."...
SUSE: Security Advisory (SUSE-SU-2022:4274-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:4281-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Terramaster TOS 4.2.15 - Remote Code Execution Exploit
Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution RCE Unauthenticated Exploit Author: n0tme thatsn0tmysite Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X 4.2.15-2107141517 Tested on: 4.2.15,...
CMS Made Simple SQL Injection
!/usr/bin/env python Exploit Title: Unauthenticated SQL Injection on CMS Made Simple = 2.2.9 Date: 30-03-2019 Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms/ Version: = 2.2.9 Tested on:...
Dell-iDRAC-IPMI-1.5
Dell iDRAC IPMI v1.5 Implementation contains a flaw that is triggered as session IDs are assigned incrementally rather than randomly, and limit the overall pool. This may allow a remote attacker to trivially predict session IDs, hijack a session, and inject arbitrary commands. from time import sleep...
Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload
!/usr/bin/env python Exploit Title: Plogger Authenticated Arbitrary File Upload Date: Feb 2014 Exploit Author: b0z Vendor Homepage: www.plogger.org Software Link: www.plogger.org/download Version: Plogger prior to 1.0-RC1 CVE : 2014-2223 import hashlib import os import zipfile import requests...
ValidationHash generation should use random.SystemRandom instead of random class
ValidationHash generation should use random.SystemRandom instead of the random.Random class when generating a random seed for new hash objects. code from random import Random .... class ValidationHashManager models.Manager : def generatemd5hash self, user, type, hashdata, seed : return md5...
Debian DSA-1977-1 : python2.4 python2.5 - several vulnerabilities
Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language does not properly process malformed or crafted XML files. CVE-2009-3560 CVE-2009-3720 This vulnerability could allow an attacker to cause a denial of service while...
DSA-1977-1 python - several vulnerabilities
Bulletin has no description...
Mandriva Update for python MDVSA-2008:163 (python)
Check for the Version of python OpenVAS Vulnerability Test Mandriva Update for python MDVSA-2008:163 python Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Ubuntu Update for python2.4, python2.5 vulnerabilities USN-632-1
Ubuntu Update for Linux kernel vulnerabilities USN-632-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6321.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for python2.4, python2.5 vulnerabilities USN-632-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-632-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MySQL SHA1 Hash Brute Forcer
!/usr/bin/env python import sys try: import hashlib except ImportError: print ''' You need hashlib. Update your python to version 2.5\n''' sys.exit1 def license: '''Print the usage license to this software, yeah, it's the same as above''' print ''' %s - MySQL double SHA1 hash wordlist brute force...
FreeBSD : python -- multiple vulnerabilities (0dccaa28-7f3c-11dd-8de5-0030843d3802)
Secunia reports: Some vulnerabilities have been reported in Python, where some have unknown impact and others can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Various integer overflow errors exist in core modules e.g...
Python <= 2.5.2 Multiple Vulnerabilities - Windows
Python is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...
Python < 2.5.2 Multiple Vulnerabilities - Linux
Python is prone to multiple vulnerabilities. This VT has been deprecated and replaced by various Local Security Checks (LSC). SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Python Multiple Vulnerabilities (Linux)
The host has Python installed, which is prone to multiple vulnerabilities. This NVT has been replaced by NVT gbCESA-20091176pythoncentos5i386.nasl OID:1.3.6.1.4.1.25623.1.0.880881, gbCESA-20091178pythoncentos3i386.nasl OID:1.3.6.1.4.1.25623.1.0.880715. OpenVAS Vulnerability Test $Id:...