SUID3NUM - A Script Which Utilizes Python'S Built-In Modules To Find SUID Bins, Separate Default Bins From Custom Bins, Cross-Match Those With Bins In GTFO Bin's Repository & Auto-Exploit Those

A standalone python script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! Description A standalone script supporting both python2 & python3 to find out...

Node.js third-party modules: [git-lib] RCE via insecure command formatting

I would like to report a RCE issue in the git-lib module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: git-lib version: 1.6.0 npm page: https://www.npmjs.com/package/git-lib Module Description A library that contains different methods to be consumed ...

Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise

A critical Linux bug has been discovered that could allow attackers to fully compromise vulnerable machines. A fix has been proposed but has not yet been incorporated into the Linux kernel. The flaw CVE-2019-17666, which was classified as critical in severity, exists in the “rtlwifi” driver, whic...

Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo

Sudo-Security-Bypass-CVE-2019-14287 ==========================...

Debian: Security Advisory (DLA-1964-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1964-1] sudo security update

Package : sudo Version : 1.8.10p3-1+deb8u6 CVE ID : CVE-2019-14287 Debian Bug : 942322 In sudo, a program that provides limited super user privileges to specific users, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can caus...

CVE-2019-14287

CVE-2019-14287 affects sudo before 1.8.28. An attacker with a Runas ALL sudoer account can bypass policy blacklists and session PAM modules and cause incorrect logging by invoking sudo with a crafted user ID (example: sudo -u $((0xffffffff))). This corresponds to a local privilege-escalation flaw...

CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "su...

Node.js third-party modules: Stored XSS (Hexo-admin plugin)

I would like to report Stored XSS in Hexo-admin It allows The Post editor functionality in the hexo-admin plugin 3.9.0 for Node.js is vulnerable to stored XSS via the content of a post. Module module name: Hexo-admin version: 3.9.0 npm page: https://www.npmjs.com/package/hexo-admin Module...

UBUNTU-CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "su...

ALPINE-CVE-2019-14846

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...

DEBIAN-CVE-2019-14846

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...

PYSEC-2019-4

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...

PYSEC-2019-74

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2019-14846

Ansible was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process...

ERC.Net – A Toolset for Analyzing Windows Application Crashes

ERC.Net is a collection of tools designed to assist in analyzing and debugging Windows application crashes in order to identify potential security vulnerabilities. Supporting both 64 and 32 bit applications, ERC.Net has many use cases including parsing Windows file headers, identifying compile-ti...

Rebel-Framework - Advanced And Easy To Use Penetration Testing Framework

Automate the automation START git clone https://github.com/rebellionil/rebel-framework.git cd rebel-framework bash setup.sh bash rebel.sh MODULES SCREENSHOTS DEMOS !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsE...

UPDATE: Covenant v0.3.2

PenTestIT RSS Feed A few weeks ago an update – Covenant v0.3.2 was released. There was a brief mention about Covenant in my post titled – List of Open Source C2 Post-Exploitation Frameworks. This updated version includes new persistence modules - PersistWMI, PersistAutorun, PersistStartup, a...

CVE-2019-6655

On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data...