CentOS 7 : autofs (CESA-2015:2417)

Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Oracle: Security Advisory (ELSA-2015-3101)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

python, tkinter security update

CentOS Errata and Security Advisory CESA-2015:2101 Updated python packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...

Siemens SIMATIC Communicator Module Information Disclosure Vulnerability

Siemens SIMATIC CP 343-1/TIM 3V-IE/TIM 4R-IE/CP 443-1 are communicator modules. Siemens SIMATIC CP 343-1 Advanced devices prior to version 3.0.44, CP 343-1 Lean, CP 343-1, TIM 3V-IE, TIM 3V-IE Advanced, TIM 3V-IE DNP3, TIM 4R-IE, TIM 4R-IE DNP3, CP 443-1 , CP 443-1 Advanced A security vulnerabili...

REXT - Router Exploitation Toolkit

Small toolkit for easy creation and usage of various python scripts that work with embedded devices. core - contains most of toolkits basic functions databases - contains databases, like default credentials etc. interface - contains code that is being used for the creation and manipulation with...

Design/Logic Flaw

The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux RHEL 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted 1 multiboot or 2 multiboot2 module in the configuration file or physically proximate attacke...

SUSE SLED12 / SLES12 Security Update : dracut (SUSE-SU-2015:2065-1)

The dracut package was updated to fix the following security and non-security issues : - CVE-2015-0794: Use mktemp instead of hard-coded filenames, possible vulnerability bsc935338. - Always install mdraid modules bsc935993. - Add notice when dracut failed to install modules bsc952491. - Always...

Novell openSUSE dracut Package Symbolic Link Vulnerability

Novell openSUSE is a set of free Linux-based operating systems from the American company Novell. A security vulnerability in the modules.d/90crypt/module-setup.sh file in Novell openSUSE's dracut allows a local attacker to corrupt system files via a symbolic link attack in /tmp/dracutblockuuid.ma...

SUSE-SU-2015:2065-1 Security update for dracut

The dracut package was updated to fix the following security and non-security issues: - CVE-2015-0794: Use mktemp instead of hardcoded filenames, possible vulnerability bsc935338. - Always install mdraid modules bsc935993. - Add notice when dracut failed to install modules bsc952491. - Always...

RHEL 7 : kernel (RHSA-2015:2152)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:2152 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file...

kernel: crypto api unprivileged arbitrary module load via request_module()

A flaw was found in the way the Linux kernel's Crypto subsystem handled automatic loading of kernel modules. A local user could use this flaw to load any installed kernel module, and thus increase the attack surface of the running kernel...

openssh: Privilege separation weakness related to PAM support

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...

openSUSE Security Update : dracut (openSUSE-2015-765)

The dracut package was updated to fix the following security and non security issues : - CVE-2015-0794: Use mktemp instead of hardcoded filenames, possible vulnerability bnc935338. - Always install mdraid modules boo935993. - Add notice when dracut failed to install modules bsc952491. %NASLMINLEV...

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

Oracle: Security Advisory (ELSA-2015-3098)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Kerberos vulnerabilities (USN-2810-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2810-1 advisory. It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause...

Email Reconnaissance Tool: SimplyEmail

This tool was based off the work of theHarvester and kind of a port of the functionality. This was just an expansion of what was used to build theHarvester and will incorporate his work but allow users to easily build Modules for the Framework. Current Platforms Supported: Kali Linux 2.0 A few...

Oracle: Security Advisory (ELSA-2015-3092)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : apache2 (SUSE-SU-2015:1885-2)

Apache was updated to fix one security vulnerability and two bugs. Following security issue was fixed. - Fix the chunked transfer coding implementation in the Apache bsc938728, CVE-2015-3183 Bugs fixed : - add SSLSessionTickets directive bsc941676 - hardcode modules %files bsc444878 - only enable...

List Rsync Modules

An rsync module is essentially a directory share. These modules can optionally be protected by a password. This module connects to and negotiates with an rsync server, lists the available modules and, optionally, determines if the module requires a password to access. This module requires...