54 matches found
CVE-2019-10783
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input...
Command injection
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input...
CVE-2019-10783
The CVE-2019-10783 entry concerns the npm package lsof. Affected versions include 0.0.4 and all later releases, with vulnerability arising from every exported method invoking exec to parse user input, enabling Command Injection. An in-depth Snyk advisory provides a PoC demonstrating exploitation ...
Command Injection
Overview: lsof is an lsof processor for node. Affected versions of this package are vulnerable to Command Injection. Multiple areas of the package are vulnerable to command injection. Every exported method used by the package uses the exec function to parse user input. PoC by JHU System Security La...
Fenrir - Simple Bash IOC Scanner
Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for the following Indicators of Compromise IOCs: Hashes MD5, SHA1 and SHA256 using md5sum, sha1sum, sha -a 256 File Names string - checked for substring of the full path, e.g. "temp/p.exe" in "/var/temp/p.exe"...
Security update for hostinfo, supportutils (important)
openSUSE Security Update: Security update for hostinfo, supportutils Announcement ID: openSUSE-SU-2019:1351-1 Rating: important References: 1054979 1099498 1115245 1117751 1117776 1118460 1118462 1118463 1125623 1125666 Cross-References: CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639...
Monero: Excessive Resource Usage
Summary: Unbounded resource usage due to opening one file descriptor per connection. The Python script below is effectively a threadbomb on the destination and uses all available memory on the server; clients not sending anything are never terminated. Steps To Reproduce: Up our daemon % monerod Check if...
openSUSE Security Update : libzypp / zypper (openSUSE-2019-685)
This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp : - Update to...
openSUSE: Security Advisory for supportutils (openSUSE-SU-2019:0293-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : libzypp, zypper (SUSE-SU-2018:2690-1)
This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp: Update to version...
openSUSE Security Update : libzypp / zypper (openSUSE-2018-1054)
This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : - PackageProvider: Validate delta rpms before caching bsc1091624, bsc1088705, CVE-2018-7685 - PackageProvider: Validate downloaded rpm package signatures before caching...
SUSE SLED12 / SLES12 Security Update : libzypp, zypper (SUSE-SU-2018:2814-1)
This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : PackageProvider: Validate delta rpms before caching bsc1091624, bsc1088705, CVE-2018-7685 PackageProvider: Validate downloaded rpm package signatures before caching bsc1091624,...
Security update for libzypp, zypper (important)
This update for libzypp, zypper, libsolv provides the following fixes: Security fixes in libzypp: - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp: - Update to version...
Security update for libzypp (important)
The Software Update Stack was updated to receive fixes and enhancements. libzypp: - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 - Fix gpg-pubkey release creation time computation. bsc1036659 - Update...
SUSE SLED12 / SLES12 Security Update : libzypp (SUSE-SU-2017:2264-1)
The Software Update Stack was updated to receive fixes and enhancements. libzypp : - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 - Fix gpg-pubkey release creation time computation. bsc1036659 - Update...
SUSE-SU-2017:2264-1 Security update for libzypp
The Software Update Stack was updated to receive fixes and enhancements. libzypp: - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 - Fix gpg-pubkey release creation time computation. bsc1036659 - Update...
Debian Linux 2.0/2.0 r5,FreeBSD <= 3.2,OpenBSD 2.4,RedHat Linux 5.2 i386,S.u.S.E. Linux <= 6.1 Lsof Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/496/info Lsof is an open file management utility included with many Linux distributions. When run setuid root or setgid kmem, it is subject to a buffer overflow that can lead to regular users gaining root privileges. /...
Successful Shell Attack Detected - Linux 'lsof' command
Binary data 6142.prm...