openssh: Privilege separation weakness related to PAM support

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...

CANToolz aka YACHT (Yet Another Car Hacking Tool) - Framework for Black-Box CAN Network Analysis

CANToolz is a framework for analysing CAN networks and devices. This tool based on different modules which can be assembled in pipe together and can be used by security researchers and automotive/OEM security testers for black-box analysis and etc. You can use this software for ECU discovery, MIT...

IDS IPS Testing Framework: pytbull

pytbull is an Intrusion Detection/Prevention System IDS/IPS Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to...

Oracle: Security Advisory (ELSA-2016-3551)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2016-3554)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 24 Update: ansible-2.0.2.0-1.fc24

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)

The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed : - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...

Important: php56, php55

Issue Overview: The following security-related issues were resolved: Buffer over-write in finfoopen with malformed magic file CVE-2015-8865 Signedness vulnerability causing heap overflow in libgd CVE-2016-3074 Integer overflow in phprawurlencode CVE-2016-4070 Format string vulnerability in...

[SECURITY] Fedora 23 Update: ansible-2.0.2.0-1.fc23

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 22 Update: ansible-2.0.2.0-1.fc22

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Weeman v1.7 - HTTP Server for Phishing

HTTP server for phishing in python. and framework Usually you will want to run Weeman with DNS spoof attack. see dsniff, ettercap. Press 1.7 - is out 25-03-2016 Added profiles Weeman framework 0.1 is out !!! Added command line options. Beautifulsoup dependency removed. Weeman will do the followin...

[SECURITY] Fedora 23 Update: ansible1.9-1.9.6-1.fc23

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 22 Update: ansible1.9-1.9.6-1.fc22

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

C/C++ Offline Compiler and C For OS - Persistent Cross-Site Scripting

Exploit for iOS platform in category web applications Document Title: =============== C & C++ for OS - Filter Bypass & Persistent Vulnerability Product & Service Introduction: =============================== This is an ios c app,you can learn,run,share c code. The software is a offline compiler f...

Electron may insecurely load Node modules

Overview Electron fails to restrict the path for loading Node modules, which may lead to execution of arbitrary JavaScript. Electron is a software framework for developing cross-platformm desktop applications with web technologies, such as HTML, CSS, JavaScript with Chromium and Node.js. Electron...

JVN#00324715: Electron may insecurely load Node modules

Electron is a software framework for developing cross-platformm desktop applications with web technologies, such as HTML, CSS, JavaScript with Chromium and Node.js. Electron is used in applications such as Atom editor, Microsoft Visual Studio Code, etc.. Electron contains a flaw where the search...

IPv6 Validation Toolkit

The IPv6 framework is a robust set of modules and plugins that allow a user to audit an IPv6 enabled network. The built-in modules support enumeration of IPv6 features such as ICMPv6 and Multicast Listener Discovery MLD. In addition, the framework also supports enumeration of Upper Layer Protocol...

Black-Box CAN Network Analysis Framework: CANToolz

CANToolz is a framework forCANbus network and device analysis. This tool consist of various different modules which can be piped together and used by security researchers and automotive/OEM security testers for black-box analysis of any CANbus system. You can use this software for ECU discovery,...

Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities

Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities Asbru Web Content Management System v9.2.7 Multiple Vulnerabilities Vendor: Asbru Ltd. Product web page: http://www.asbrusoft.com Affected version: 9.2.7 Summary: Ready to use, full-featured, database-driven web content...

Oracle: Security Advisory (ELSA-2016-3528)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...