Microsoft Azure Instance Metadata Enumeration (Unix)

Binary data enumeratemsazurevmnix.nbin...

Microsoft Azure Instance Metadata Enumeration (Windows)

Binary data enumeratemsazurevmwin.nbin...

CVE-2016-10174

creationtimestamp| type| source ---|---|--- 2017-03-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41719 2018-05-24 15:44:33+00:00| seen| MISP/5b06d57d-f2b8-4357-9038-45d39f590eb0 2018-05-29 15:50:33+00:00| seen|...

Fedora 25 : cloud-init (2017-837115524e)

This update fixes a systemd service ordering issue in cloud-init and backports a fix for a security issue in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hours between creating a bundle ...

Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability

A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. SPDX-FileCopyrightText: 2017 Greenbone AG Some...

Cisco Application-Hosting Framework Directory Traversal Vulnerability

A vulnerability in the web framework code of the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. SPDX-FileCopyrightText:...

Cisco IOx Data in Motion Stack Overflow Vulnerability

A vulnerability in the Data-in-Motion DMo process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device...

CVE-2017-3851

A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. The...

CVE-2017-3852

A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...

Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability

A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...

Launches Hosts in AWS

This module will attempt to launch an AWS instances hosts in EC2. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/aws/client' class MetasploitModule "Launches Hosts in AWS", 'Description'...

Error "License cannot be retrieved. Either the NetScaler..." When Adding NetScaler Instance to NetScaler MAS Inventory

When trying to add NetScaler instance to inventory it fails with the following error message: "Trying to connect to "IPoftheNetScaler" Error: License cannot be retrieved. Either the NetScaler is unresponsive or the login credentials are incorrect."...

Update rollup for the Single Instance Storage (SIS) component

Update rollup for the Single Instance Storage SIS component Symptoms This is a Single Instance Storage SIS update rollup for Windows Storage Server 2008 R2 and Windows Server 2008 R2. This update rollup resolves the following issues: Issue 1 After a file is truncated to empty size on a SIS volume...

GitLab: Every user can delete public deploy keys

Vulnerability details A GitLab instance can have public deploy keys that project admins can use for their project. An attacker can delete these public keys used by other users to deploy code. Impact Deleting these shared deploy keys may stop users to deploy their code. Proof of concept Make sure...

CVE-2015-8817

QEMU aka Quick Emulator built to use 'addressspacetranslate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pcidmaread/write calls. Affects QEMU versions = 1.6.0 and = 2.3.1. A privileged user inside guest could use this flaw to cra...

PVS fails to connect to database after sql server mirroring failover

SqlException on db open, number = 53, msg = A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections...

X (Formerly Twitter): Sub Domain Takeover at mk.prd.vine.co

Hey It looks like the EC2 Instance at mk.prd.vine.co has been stopped and now it has been assigned to someone else Proof of Concept 1. http://mk.prd.vine.co/ few days back didn't have port 443 open but now it does have an open port 443 Response 400 Bad Request 400 Bad Request awselb/2.0 So it loo...

Design/Logic Flaw

Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...

CVE-2016-6833

Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...

CVE-2016-4625

creationtimestamp| type| source ---|---|--- 2016-10-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40669 2016-10-31 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40653...