CVE-2018-20752

An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote...

Security Bulletin: Vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Upward Integration Modules UIM. Upward Integration Modules UIM has addressed the applicableCVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerability in SSLv3 affects IBM BNT Uplink Ethernet Switch Modules for IBM BladeCenter (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM BNT Uplink Ethernet Switch Modules for IBM BladeCenter. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred...

CIRTKit - Tools For The Computer Incident Response Team

One DFIR console to rule them all. Built on top of theViper Framework Documentation Please see the wiki for more information about CIRTKit and documentation Roadmap Future integrations Bit9 Palo Alto Networks EnCase/FTK Future modules Packet Analysis possibly Dshell Javascript...

Sn0Int - Semi-automatic OSINT Framework And Package Manager

sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the result...

Improper Restriction of XML External Entity Reference in org.springframework.integration:spring-integration-ws and org.springframework.integration:spring-integration-xml

Spring Integration spring-integration-xml and spring-integration-ws modules, versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection XXE when receiving XML data from untrusted sources...

Nuuo Central Management Server Authenticated Arbitrary File Download

The Nuuo Central Management Server allows an authenticated user to download files from the installation folder. This functionality can be abused to obtain administrative credentials, the SQL Server database password and arbitrary files off the system with directory traversal. The module will...

Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool

Commix short for command injection exploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related...

Shed - .NET Runtime Inspector

Shed is an application that allow to inspect the .NET runtime of a program in order to extract useful information. It can be used to inspect malicious applications in order to have a first general overview of which information are stored once that the malware is executed. Shed is able to: Inject ...

Arbitrary Code Execution

openstack-puppet-modules is vulnerable to arbitrary code execution. A known default password is configured in the pcsd daemon, allowing an attacker to gain access to the daemon and execute arbitrary shell commands as root...

Remote Code Execution (RCE)

Django is vulnerable to remote code execution. The django.core.urlresolvers.reverse function allows remote attackers to use a view that constructs URLs to input a "dotted Python path" to import and execute Python modules...

Arbitrary Code Execution

abrt is vulnerable to arbitrary code execution. The /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool does not sufficiently sanitize its environment variables, allowing arbitrary Python modules to be loaded and run from non-standard directories such as /tmp. A local attacker is able t...

PHP 5.6.x < 5.6.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in ext/standard/varunserializer.re when destroying deserialized objects due to improper validation of user-supplied input...

Linux: Mounting of vfat filesystems

Older Windows systems and portable USB drives or flash modules use the FAT filesystem. The vfat module supports FAT12, FAT16 and FAT32. Linux kernel modules which implement filesystems that are not needed by the local system should be disabled. Note: This script looks for entry...

Fedora 28 : knot-resolver (2018-c894f896fd)

Knot Resolver 2.4.0 2018-07-03 ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes 366 Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status !576 New features ------------ - TLS...

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:1183-1)

This update for nodejs6 fixes the following issues : - Fix some node-gyp permissions - New upstream LTS release 6.14.1 : - Security fixes : + CVE-2018-7160: Fix for inspector DNS rebinding vulnerability bsc1087463 + CVE-2018-7158: Fix for 'path' module regular expression denial of service...

[SECURITY] Fedora 28 Update: ansible-2.7.5-1.fc28

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

PSF-2018-6 pickle.load denial of service

Modules/pickle.c in Python before 3.7.1 has an integer overflow via a large LONGBINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of...

CVE-2018-1000873

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

Input validation

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...