Scientific Linux Security Update : python on SL6.x, SL7.x i386/x86_64 (20160818) (httpoxy)

Security Fixes : - It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via ...

CentOS 6 / 7 : python (CESA-2016:1626) (httpoxy)

An update for python is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CentOS Update for python CESA-2016:1626 centos7

Check the version of python SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882545";...

RedHat Update for python RHSA-2016:1626-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: python33-python security update

An update for python33-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Moderate: Red Hat Security Advisory: rh-python34-python security update

An update for rh-python34-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Amazon Linux AMI : python26 / python27,python34 (ALAS-2016-724)

It was found that Python's httplib library used urllib, urllib2 and others did not properly check HTTP header input in HTTPConnection.putheader. An attacker could use this flow to inject additional headers in a Python application that allows user provided header name or values. CVE-2016-5699 It w...

Pineapple 2.3.0 Autopwn Script

I have wrote PoC half a year ago, because i needed to try it on my Chinese router, and it still works on freshly purchased pineapple devices. hello from Defcon ; And guys, it’s not a talk for the defcon, especially if you have done a botnet based on that shit… ; See ya tomorrow at WiFi village...

Apache 2.4.x mod_proxy 拒绝服务攻击 PoC

No description provided by source. Exploit Title: Apache 2.4.x modproxy Denial Of ServiceCVE-2014-0117 Date: 2014-07-20 Exploit Author: aisyhi Version: 0.1 Apache httpd 2.4.6 to 2.4.9 Tested on: Apache/2.4.7 CVE : CVE-2014-0117 import httplib import logging import time import socket import sys...

Advantech Studio 7.0 - SCADA/HMI Directory Traversal 0day

No description provided by source. Exploit Title: Advantech Studio v7.0 SCADA/HMI Directory Traversal 0-day Google Dork: N/A Date: 2012-12-03 Exploit Author: Nin3 Vendor Homepage: http://advantech.com.tw Version: 7.0 Build Number 0501.1111.0402.0000 Tested on: Windows CVE : N/A ''' Advantech Stud...

ReadyMedia - Remote Heap Buffer Overflow

ReadyMedia - Remote Heap Buffer Overflow source: https://www.securityfocus.com/bid/61282/info ReadyMedia is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempt...

nginx 1.3.9-1.4.0 DoS PoC

Exploit for linux platform in category dos / poc Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2070 Google Dork: CVE-2013-2070 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

Nginx 1.3.9 / 1.4.0 Denial Of Service

Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2028 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link: http://nginx.org/download/nginx-1.4.0.tar.gz Version: 1.3.9-1.4.0 Tested on: Kali Linux ...

Limny 3.0.0 Local File Inclusion

------------------------------------------------------------------------ Software................Limny 3.0.0 Vulnerability...........Local File Inclusion Download................http://www.limny.org/ Release Date............1/24/2011 Tested On...............Windows Vista + XAMPP...

cP Creator 2.7.1 - SQL Injection

!/usr/bin/python cP Creator v2.7.1 Remote Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com - Coming Soon Again My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Downlo...

Greenwood Content Manager 0.3.2 - Local File Inclusion

!usr/bin/python Greenwood Content Manager Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

munky-bliki lfi

!user/bin/python -- coding: cp1256 -- munky-bliki Lfi AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Script Download :...

munkybliki-lfi.txt

!user/bin/python -- coding: cp1256 -- munky-bliki Lfi AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Script Download :...

mitsu-pwnz.py.txt

""" usage: python pwnz.py 192.168.1.x on|off """ you can get BeautifulSoup from: http://www.crummy.com/software/BeautifulSoup/Download from BeautifulSoup import BeautifulSoup from httplib import HTTPConnection import sys ip = sys.argv1 template = '' % sys.argv2.upper def postdata: c =...

DeluxeBB 1.09 - Remote Admin Email Change

!/usr/bin/python -- coding: iso-8859-15 -- ''' | ' \ / \ / / \ ' \ | | | | / unbufferedquery"UPDATE ".$prefix."users SET email='$xemail', msn='$xmsn', icq='$xicq', ... WHERE username='$membercookie'"; So, editing cookie "membercookie" you can change remote user's email. Enjoy ;...