1631 matches found

myhack58
added 2016/06/23 12:0 a.m., 260 views

Android secure development: ZIP file directory traversal - vulnerability warning - the black bar safety net

ZIP archives allow entry names to contain the “../” string. An attacker can carefully construct a ZIP file that uses multiple “../” sequences to change where a file in the archive is stored on extraction, overwriting and replacing the application's original file. If the overwritten file is available. so...

AI score: 8.7
Exploits: 0
OSV
added 2016/06/13 2:59 p.m., 1 views

CVE-2016-1543

The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure...

CVSS: 7.5, AI score: 5.9, EPSS: 0.74618
Exploits: 8, References: 6
OSV
added 2016/04/28 1:59 a.m., 1 views

CVE-2016-0211

IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message...

CVSS: 4.3, AI score: 6, EPSS: 0.02126
Exploits: 0, References: 7
CNVD
added 2016/03/30 12:0 a.m., 4 views

BMC Software BladeLogic Server Automation Suite RSCD Agent Password Reset Vulnerability

BMC Software BladeLogic Server Automation Suite is a solution for managing the lifecycle of servers and applications from BMC Software, USA. A password reset vulnerability exists in the RSCD Agent of the BMC Software BladeLogic Server Automation Suite for Linux and Unix platforms. A remote attack...

CVSS: 7.5, AI score: 7.8, EPSS: 0.74618
Exploits: 8, References: 1
RedHat Linux
added 2016/03/11 6:11 p.m., 4 views

flash-plugin: multiple code execution issues fixed in APSB16-08

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a deni...

CVSS: 9.3, AI score: 6.2, EPSS: 0.20625
Exploits: 2, References: 5
Exploit DB
added 2016/01/11 12:0 a.m., 52 views

Amanda 3.3.1 - Local Privilege Escalation

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native utilities and formats e.g. du...

AI score: 7
Exploits: 0
OpenVAS
added 2015/12/13 12:0 a.m., 73 views

Operating System (OS) Detection (Telnet)

Telnet banner based Operating System (OS) detection. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked, improved and extended detection code and pattern since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by th...

AI score: 5.4
Exploits: 0
OpenVAS
added 2015/10/13 12:0 a.m., 11 views

GNU Binutils Detection (Linux/Unix SSH Login)

Detects the installed version of GNU Binutils. The script tries to enumerate the installed Binutils versions from various previously found binaries included in this suite. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

AI score: 7.2
Exploits: 0
OpenVAS
added 2015/10/13 12:0 a.m., 12 views

GNU Assembler Detection (Linux/Unix SSH Login)

Detects the installed version of GNU Assembler. The script logs in via ssh, searches for executable SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

AI score: 7.3
Exploits: 0
CNVD
added 2015/07/21 12:0 a.m., 1 views

Multiple IBM DB2 Product File Disclosure Vulnerabilities

IBM DB2 is a relational database management system developed by IBM in the United States, and its main operating environments are UNIX (including IBM's own AIX), Linux, IBM i (formerly known as OS/400), z/OS, and Windows server versions. A file disclosure vulnerability exists in IBM DB2 versio...

AI score: 6.5
Exploits: 0, References: 1
OpenVAS
added 2015/06/19 12:0 a.m., 35 views

CentOS Update for cups CESA-2015:1123 centos6

Check the version of cups SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882202";...

CVSS: 10, AI score: 6.2, EPSS: 0.29913
Exploits: 9, References: 2
Fedora
added 2015/03/14 9:23 a.m., 26 views

[SECURITY] Fedora 21 Update: putty-0.64-1.fc21

Putty is a SSH, Telnet & Rlogin client - this time for Linux...

CVSS: 2.1, AI score: 1.7, EPSS: 0.00585
Exploits: 0
Cvelist
added 2015/02/13 2:0 a.m., 23 views

CVE-2014-6154

Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a U...

AI score: 6.6, EPSS: 0.03517
Exploits: 0, References: 2
Saint
added 2014/11/05 12:0 a.m., 170 views

Bash Environment Variable Handling Shell Command Injection Via CUPS

Added: 11/05/2014. CVE: CVE-2014-6271. BID: 70103. OSVDB: 112004. Background: GNU Bash (Bourne Again SHell) is a command shell commonly used on Linux and Unix systems. CUPS is printing software for UNIX-like systems that allows a computer to act as a print server. Problem: The Bash shell executes command...

CVSS: 10, AI score: 10, EPSS: 0.99999
Exploits: 130
OpenVAS
added 2014/10/08 12:0 a.m., 106 views

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-7169) - Active Check

GNU Bash is prone to a remote command execution (RCE) vulnerability dubbed Copyright (C) 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

CVSS: 10, AI score: 8.6, EPSS: 0.9994
Exploits: 17, References: 12
OpenVAS
added 2014/10/01 12:0 a.m., 60 views

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-7187) - Active Check

GNU Bash is prone to a remote command execution (RCE) vulnerability dubbed Copyright (C) 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

CVSS: 10, AI score: 10, EPSS: 0.58462
Exploits: 12, References: 11
OpenVAS
added 2014/10/01 12:0 a.m., 111 views

GNU Bash Environment Variable Handling RCE Vulnerability (Shellshock, Linux/Unix SSH Login, CVE-2014-7186) - Active Check

GNU Bash is prone to a remote command execution (RCE) vulnerability dubbed Copyright (C) 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

CVSS: 10, AI score: 10, EPSS: 0.99999
Exploits: 137, References: 11
seebug.org
added 2014/07/01 12:0 a.m., 25 views

NRPE <= 2.15 - Remote Command Execution

Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High. I. VULNERABILITY: NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution. II. BACKGROUND...

AI score: 7.1
Exploits: 0
exploitpack
added 2014/04/18 12:0 a.m., 26 views

NRPE 2.15 - Remote Command Execution

NRPE 2.15 - Remote Command Execution. Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High. I. VULNERABILITY: NRPE - Nagios Remote Plugin Executor <= 2.15 Remot...

Exploits: 0
Packet Storm
added 2014/04/17 12:0 a.m., 29 views

Nagios Remote Plugin Executor 2.15 Remote Command Execution

Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High. I. VULNERABILITY: NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution. II. BACKGROUND...

AI score: 0.4
Exploits: 0