3290 matches found
Fedora Update for libguestfs FEDORA-2013-19452
Check for the Version of libguestfs OpenVAS Vulnerability Test Fedora Update for libguestfs FEDORA-2013-19452 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for libguestfs FEDORA-2013-19492
Check for the Version of libguestfs OpenVAS Vulnerability Test Fedora Update for libguestfs FEDORA-2013-19492 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 19 Update: libguestfs-1.22.7-1.fc19
Libguestfs is a library for accessing and modifying guest disk images. Amongst the things this is good for: making batch configuration changes to guests, getting disk used/free statistics see also: virt-df, migrating between virtualization systems see also: virt-p2v, performing partial backups,...
[Syhunt Sandcat Browser v4.1] A Penetration-oriented browser (extented to Web Application Assessment)
Sandcat Browser 4 brings unique features that are useful for pen-testers and web developers. Sandcat is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua programming language to provide extensions and scripting support. Features Live HTTP Headers —...
Windows Command Shell, Reverse TCP (via Lua)
Creates an interactive shell via Lua This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 224 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo ...
Unix Command Shell, Reverse TCP (via Lua)
Creates an interactive shell via Lua This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 224 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo ...
Windows Command Shell, Bind TCP (via Lua)
Listen for a connection and spawn a command shell via Lua This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 218 include Msf::Payload::Single include Msf::Sessions::CommandShellOption...
Unix Command Shell, Bind TCP (via Lua)
Listen for a connection and spawn a command shell via Lua This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 218 include Msf::Payload::Single include Msf::Sessions::CommandShellOption...
NetEase Lua-Programming Language for iOS任意文件上传漏洞
NetEase Lua-Programming Language for iOS是一款ios perl应用,允许用户学习,运行,共享perl脚本 NetEase Lua-Programming Language for iOS HTTP服务器文件上传实现存在安全漏洞,允许远程攻击者利用漏洞上传任意文件并执行 0 NetEase Ruby Programming Language for iOS 1.6 厂商解决方案 目前没有详细解决方案提供:...
Lua-Programming Language 1.6 File Upload
TITLE: Unauthenticated Remote File Upload via HTTP for lua-Programming language 1.6 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 http://www.tayutec.com/indexen.html Description: "Please download...
Fedora 18 : mediawiki-1.19.5-1.fc18 (2013-6171)
An internal review discovered that specially crafted Lua function names could lead to XSS. https://bugzilla.wikimedia.org/showbug.cgi?id=46084 Daniel Franke reported that during SVG parsing, MediaWiki failed to prevent XML external entity XXE processing. This could lead to local file disclosure, ...
Fedora 19 : mediawiki-1.20.4-1.fc19 (2013-5874)
An internal review discovered that specially crafted Lua function names could lead to XSS. https://bugzilla.wikimedia.org/showbug.cgi?id=46084 - Daniel Franke reported that during SVG parsing, MediaWiki failed to prevent XML external entity XXE processing. This could lead to local file...
Nmap NSE 6.01: smb-psexec
Implements remote process execution similar to the Sysinternals' psexec tool, allowing a user to run a series of programs on a remote machine and read the output. This is great for gathering information about servers, running the same tool on a range of system, or even installing a backdoor on a...
Mandriva Linux Security Advisory : wireshark (MDVSA-2011:138)
This advisory updates wireshark to the latest version 1.6.2, fixing several security issues : The prototreeadditem function in Wireshark 1.6.1, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service infinite loop via vectors involving a...
Setuid Nmap Exploit
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Setuid Nmap Exploit
Nmap's man page mentions that "Nmap should never be installed with special privileges e.g. suid root for security reasons.." and specifically avoids making any of its binaries setuid during installation. Nevertheless, administrators sometimes feel the need to do insecure things. This module abuse...
Snack Attack: Analyzing Flame's Replication Pattern
The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modul...
Wireshark Code Execution and Denial of Service Vulnerabilities - Mac OS X
Wireshark is prone to code execution and denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Wireshark Code Execution and Denial of Service Vulnerabilities (Mac OS X)
This host is installed with Wireshark and is prone to code execution and denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkcodeexecndosvulnmacosx.nasl 5988 2017-04-20 09:02:29Z teissa $ Wireshark Code Execution and Denial of Service Vulnerabilities Mac OS X Authors:...
Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser
Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the...