182 matches found
Splunk 7.0.1 - Information Disclosure
Splunk 7.0.1 - Information Disclosure Exploit Title: Splunk 7.0.1 - Information Disclosure Date: 2018-05-23 Exploit Author: KoF2002 Vendor Homepage: https://www.splunk.com/ Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED Tested on: Linux OS CVE : CVE-2018-11409 Splunk through 6.2.3 7.0.1 allows...
Splunk < 7.0.1 - Information Disclosure
Exploit Title: Splunk 7.0.1 - Information Disclosure Date: 2018-05-23 Exploit Author: KoF2002 Vendor Homepage: https://www.splunk.com/ Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED Tested on: Linux OS CVE : CVE-2018-11409 Splunk through 6.2.3 7.0.1 allows information disclosure by appending...
CVE-2016-10609
chromedriver126 is chromedriver version 1.26 for linux OS. chromedriver126 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacke...
Remote code execution
chromedriver126 is chromedriver version 1.26 for linux OS. chromedriver126 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacke...
CVE-2016-10609
The CVE-2016-10609 entry refers to chromedriver126 (Chromedriver 1.26 for Linux) that downloads binary resources over HTTP, creating a MITM risk. In adversarial network positions, an attacker could intercept the HTTP response and swap the binary with malware, potentially causing remote code execu...
CVE-2018-0279
A vulnerability in the Secure Copy Protocol SCP server of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of...
EMC RecoverPoint 4.3 - Admin CLI Command Injection Vulnerability
Exploit for windows platform in category local exploits Exploit Title: EMC RecoverPoint 4.3 - Admin CLI Command Injection Version: RecoverPoint prior to 5.1.1 RecoverPoint for VMs prior to 5.0.1.3 Date: 2018-05-11 Exploit Author: Paul Taylor Github: https://github.com/bao7uo Tested on: RecoverPoi...
Microsoft built its own custom Linux OS to secure IoT devices
Finally, it's happening. Microsoft has built its own custom Linux kernel to power "Azure Sphere," a newly launched technology that aims to better secure billions of "Internet of things" devices by combining the custom Linux kernel with new chip design, and its cloud security service. Project Azur...
CVE-2018-0141
A vulnerability in Cisco Prime Collaboration Provisioning PCP Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by...
Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch
By Waqas The exploit is unpatched putting Nintendo Switch devices at risk. This is a post from HackRead.com Read the original post: Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch...
chakra: Heap-double-free in void Memory::SmallHeapBlockT<SmallAllocationBlockAttributes>::SweepObjects<
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5709198886174720 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Heap-double-free Crash Address: 0x61500002e100 Crash State: void...
Actiontec C1000A Modem - Backdoor Account
Actiontec C1000A Modem - Backdoor Account Exploit Title: Actiontec C1000A backdoor account Google Dork: NA Date: 11/04/2017 Exploit Author: Joseph McDonagh Vendor Homepage: https://actiontecsupport.zendesk.com/hc/en-us Software Link: N/A Hardware Version: Firmware CAC003-31.30L.86 Tested on: Linu...
Yuki Chan - Automate Pentest Tool
The Yuki Chan is an Automated Penetration Testing tool this tool will auditing all standard security test method for you. WARNING I highly recommend using this tool by using Kali Linux OS By using this tool it means you agree with terms, conditions, and risks By using this tool you agree that 1...
CVE-2016-10308
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the...
Command injection
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the...
CVE-2016-10308
CVE-2016-10308 affects Siklu EtherHaul radios running versions prior to 3.7.1 and 6.x prior to 6.9.0. The vulnerability stems from a built-in, hidden root account with an unchangeable password shared across all devices. This account allows access to the embedded Linux OS via both SSH and the devi...
Generate Backdoor With msfvenom: TheFatRat
Generate Backdoor With msfvenom A tool to generate backdoor with msfvenom easily a part from metasploit framework. This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac. The malware, created with this tool also have an ability to...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
DracOS - Lightweight and Powerful Penetration Testing OS
Dracos Linux www.dracos-linux.org is the Linux operating system from Indonesian , open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...
Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access
Vulnerability Details Affected Vendor: Cisco Affected Product: Firepower Threat Management Console Affected Version: Cisco Fire Linux OS 6.0.1 build 37/build 1213 Platform: Embedded Linux CWE Classification: CWE-434: Unrestricted Upload of File with Dangerous Type, CWE-94: Improper Control of...