HTTPS Fetch, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/linux/https/x86/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid show options ...sho...

HTTPS Fetch, Linux Meterpreter Service, Reverse TCP Inline

Fetch and execute an x86 payload from an HTTPS server. Stub payload for interacting with a Meterpreter Service Module Options msf use payload/cmd/linux/https/x86/metsvcreversetcp msf payloadmetsvcreversetcp show actions ...actions... msf payloadmetsvcreversetcp set ACTION msf...

HTTPS Fetch, Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86)

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Listen for an IPv6 connection with UUID Support Linux x86 Module Options msf use payload/cmd/linux/https/x86/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid...

HTTPS Fetch, Bind IPv6 TCP Stager with UUID Support (Linux x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for an IPv6 connection with UUID Support Linux x86 Module Options msf use payload/cmd/linux/https/x86/meterpreter/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

HTTPS Fetch, Linux Meterpreter Service, Bind TCP

Fetch and execute an x86 payload from an HTTPS server. Stub payload for interacting with a Meterpreter Service Module Options msf use payload/cmd/linux/https/x86/metsvcbindtcp msf payloadmetsvcbindtcp show actions ...actions... msf payloadmetsvcbindtcp set ACTION msf payloadmetsvcbindtcp show...

OWASP APIsec Top-10 2023 Is Here | API Security Newsletter

Welcome to our May API newsletter, recapping some of the events of last month. As the old proverb goes, April showers bring May flowers – and this means the bees at the Wallarm hive have been in full foraging mode and the honey is flowing: lots of updates & improvements to the platform, and much...

MGASA-2023-0196 Updated httpie packages fix security vulnerability

Cookie exposure to third parties CVE-2022-24737...

Ubuntu 16.04 ESM / 18.04 ESM : Requests vulnerability (USN-6155-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6155-2 advisory. USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Tenable has extracted...

firefox security update

102.12.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.12.0-1 - Update to 102.12.0 build1...

CVE-2023-29178

A access of uninitialized pointer vulnerability CWE-824 in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests...

Null pointer dereference

A access of uninitialized pointer vulnerability CWE-824 in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests...

CVE-2023-29178

A access of uninitialized pointer vulnerability CWE-824 in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests...

CVE-2023-29178

A access of uninitialized pointer vulnerability CWE-824 in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests...

op-vlieland.nl Cross Site Scripting vulnerability OBB-3421757

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Public and free WiFi: Can I safely use it?

We've got into the habit of expecting internet access wherever we go. But data costs can be expensive, and out of your own home often the only WiFi available is public, passwordless and free. In security, we've been trained to carefully contemplate anything that's free, because, well, often when...

Protect

An access of uninitialized pointer vulnerability CWE-824 in FortiOS administrative interface API may allow an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests...

Fortinet Fortigate Access of uninitialized pointer in administrative interface API (FG-IR-23-095)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-095 advisory. - A access of uninitialized pointer vulnerability CWE-824 in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9...

curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection

curl 7.63.0 to and including 7.75.0 includes a vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived...

Fedora: Security Advisory for cpp-httplib (FEDORA-2023-0070b20b20)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: cpp-httplib-0.12.5-1.fc38

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...