CVE-2015-3248

openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service disk consumption...

EvilAbigail - Automated Linux Evil Maid Attack

Automated Linux evil maid attack Scenario Laptop left turned off with FDE turned on Attacker boots from USB/CD/Network Script executes and backdoors initrd User returns to laptop, boots as normal Backdoored initrd loads: Debian/Ubuntu/Kali .so file into /sbin/init on boot, dropping a shell...

openSUSE Security Update : mbedtls (openSUSE-2016-903)

This mbedtls update to version 1.3.17 fixes the following issues : Security issues fixed : - Fix missing padding length check in mbedtlsrsarsaespkcs1v15decrypt required by PKCS1 v2.2 - Fix a potential integer underflow to buffer overread in mbedtlsrsarsaesoaepdecrypt. It is not triggerable remote...

CVE-2014-9799

The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...

Integer overflow

The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...

git fixup: --amend for older commits

Everyone knows and loves to use git commit --amend to change the latest commit. But what if you want to correct a older commit? The flow in that case involves an interactive rebase with a edit step. But that's kludgy. Here's an alias that using a couple of nifty git features makes it one command...

iSQL 1.0 - isql_main.c Buffer Overflow (PoC)

Exploit for linux platform in category dos / poc !/bin/ruby Exploit Title: iSQLRL 1.0 - Buffer Overflowisqlmain.c Date: 2016-06-13 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/roselone/iSQL Software Link:...

OS X Install.framework suid root Runner Binary Privilege Escalation Vulnerability

Exploit for macOS platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=478 The Install.framework runner suid root binary does not correctly account for the fact that Distributed Objects can be connected to by multiple clients at the same...

automake security update

CentOS Errata and Security Advisory CESA-2014:1243 An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which...

RHEL 5 : automake (RHSA-2014:1243)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2014:1243 advisory. Automake is a tool for automatically generating Makefile.in files compliant with the GNU Coding Standards. It was found that the distcheck rule in...

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

No description provided by source. !/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider...

openSUSE Security Update : miniupnpc (openSUSE-SU-2014:0815-1)

miniupnpc was updated to 1.9 to fix a potential buffer overrun in miniwget.c CVE-2014-3985. Besides that the following issues were fixed : - added argument remoteHost to UPNPGetSpecificPortMappingEntry - increment APIVERSION to 10 - --help and -h arguments in upnpc.c - define MAXHOSTNAMELEN if no...

[THC-Hydra v7.6] Fast Parallel Network Logon Cracker

Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...

[Tundeep v0.2a] Layer 2 VPN/Injection tool

Tundeep is a layer 2 VPN/injection tool that resides almost entirely in user space on the victim aside from the pcap requirement. This can be handled via a silent install however. The tool will build on Linux and Windows victims. Windows compilation is achieved using Cygwin. The attacker must be ...

[Aircrack-ng 1.2 Beta 1] 802.11 WEP and WPA-PSK keys cracking tool

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared ...

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

No-IP Dynamic Update Client DUC 2.1.9 - Local IP Address Stack Overflow !/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the...

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...

No-IP Dynamic Update Client 2.1.9 Stack Overflow

!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...

RHEL 6 : automake (RHSA-2013:0526)

An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

[SECURITY] Fedora 17 Update: automake-1.11.6-1.fc17

Automake is a tool for automatically generating Makefile.in' files compliant with the GNU Coding Standards. You should install Automake if you are developing software and would like to use its ability to automatically generate GNU standard Makefiles...