McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free (PoC)

McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free PoC McAfee SiteAdvisor 3.7.2 for firefox Use After Free Poc / Title: McAfee SiteAdvisor 3.7.2 firefox Use After Free Author: Marcin Ressel Twitter: https://twitter.com/mressel NPMcFFPlg32.dll McAfee SiteAdvisor 3.7.2 Tested on: Windows 8.1 x64 and...

[SECURITY] Fedora 22 Update: pam-1.1.8-19.fc22

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Just-Metadata - Tool that Gathers and Analyzes Metadata about IP Addresses

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has "gather" modules which are used to gather metadata about IPs loaded into the...

rext

Router Exploitation Toolkit - REXT =============================...

CVE-2015-4064

The CVE-2015-4064 entry corresponds to the WordPress Landing Pages plugin (

CVE-2015-2694

MIT Kerberos 5 (krb5) 1.12.x and 1.13.x prior to 1.13.2 are vulnerable due to the kdcpreauth modules (OTP and PKINIT) not tracking client validation, enabling a remote attacker to bypass requires_preauth by submitting zero bytes or an arbitrary realm name. This can lead to obtaining a ciphertext ...

SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0164-1)

glibc has been updated to fix one security issue and several bugs : Security issue fixed : - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, CVE-2012-6656 - Fixed a stack overflow during hosts parsing CVE-2013-4357 Bugs fixed : - don't touch user-controlled stdio locks in forked...

SUSE SLES11 Security Update : glibc (SUSE-SU-2014:1129-1)

This glibc update fixes a critical privilege escalation problem and two additional issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 - bnc836746: Avoid race...

SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)

glibc has been updated to fix security issues : - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Fixed a stack overflow during hosts parsing CVE-2013-4357 - Copy filename argument in posixspawnfileactionsaddop...

SUSE SLES10 Security Update : glibc (SUSE-SU-2014:1128-1)

This glibc update fixes a critical privilege escalation problem and the following security and non-security issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 -...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

Design/Logic Flaw

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

CVE-2015-3631

Docker Engine prior to 1.6.1 is affected by a local-privilege-escalation vulnerability where a container image can cause volumes to override files under /proc, allowing an attacker to set arbitrary Linux Security Modules (LSM) and docker_t policies. The issue arises when /proc files can be overri...

CVE-2015-3631

Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...

VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow

VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow !/usr/bin/python Exploit Title: VideoCharge v3.16.4.06 Date: 10/May/2015 Author: @evilcomrade IRC freenode: vulnhub or offsec or corelan email: kwiha2003 at yahoo dot com Version: 3.16.4.06 Tested on: Win XP3 Software link:...

Amazon Linux AMI : docker (ALAS-2015-522)

The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627 Libcontainer versi...

docker: multiple issues

CVE-2015-3627 privilege escalation The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege...

PT-2015-6251 · Docker +2 · Docker Engine +3

Name of the Vulnerable Software and Affected Versions: Docker Engine versions prior to 1.6.1 Description: The issue allows local users to set arbitrary Linux Security Modules LSM and docker t policies via an image that allows volumes to override files in /proc. This can be achieved by exploiting...