505 matches found
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication...
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
Security feature bypass
Monkey HTTP Daemon has local security bypass...
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication...
CVE-2013-2183
Technical details about CVE-2013-2183 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2013-2183
Monkey HTTP Daemon has local security bypass...
CVE-2013-2159
Monkey HTTP Daemon: broken user name authentication...
CVE-2013-2159
CVE-2013-2159 affects Monkey HTTP Daemon with a broken user name authentication mechanism. The NVD notes a CVSSv2 base score of 7.5 (HIGH) and CVSSv3.1 base score of 9.8 (CRITICAL), indicating high impact on confidentiality, integrity, and availability. Connected records reaffirm the same issue, ...
UPDATE: Infection Monkey 1.6.3
PenTestIT RSS Feed Some days ago, Infection Monkey 1.6.3 was released. The first post about this tool can be found in a post titled the List of Adversary Emulation Tools. This is a small bugfix release, mostly around integration and packaging. It contains two user facing changes as well. What is...
Path Traversal in Action View
File Content Disclosure in Action View Impact ------ There is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to render file: can cause arbitrary files on the target server to be rendered, disclosing the file contents. Th...
Denial of Service Vulnerability in Action View
Denial of Service Vulnerability in Action View Impact ------ Specially crafted accept headers can cause the Action View template location code to consume 100% CPU, causing the server unable to process requests. This impacts all Rails applications that render views. All users running an affected...
GHSA-M63J-WH5W-C252 Denial of Service Vulnerability in Action View
Denial of Service Vulnerability in Action View Impact ------ Specially crafted accept headers can cause the Action View template location code to consume 100% CPU, causing the server unable to process requests. This impacts all Rails applications that render views. All users running an affected...
Denial of Service Vulnerability in Action View
There is a potential denial of service vulnerability in actionview. This vulnerability has been assigned the CVE identifier CVE-2019-5419. Impact ------ Specially crafted accept headers can cause the Action View template location code to consume 100% CPU, causing the server unable to process...
UPDATE: Infection Monkey 1.6.1
PenTestIT RSS Feed I'm sure you must have read my previous post titled the List of Adversary Emulation Tools. In that post, I briefly mentioned the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this versi...
Infection Monkey v1.6 - An Automated Pentest Tool
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey i...
Possible XSS vulnerability in Rack
There is a possible vulnerability in Rack. This vulnerability has been assigned the CVE identifier CVE-2018-16471. Versions Affected: All. Not affected: None. Fixed Versions: 2.0.6, 1.6.11 Impact ------ There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data...
Security Monkey - Tool To Monitors Your AWS And GCP Accounts For Policy Changes And Alerts On Insecure Configurations
Security Monkey monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. Support is available for OpenStack public and private clouds. Security Monkey can also watch and monitor your GitHub organizations, teams, and repositories. It provides a single UI to brow...
Infection Monkey - An Automated Pentest Tool
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server. The Infection Monkey i...
Joomla! Releases Security Update
Joomla! has released version 3.8.0 of its Content Management System (CMS) software to address a vulnerability. A remote attacker could exploit this vulnerability to obtain access to sensitive information. US-CERT encourages users and administrators to review the Joomla! Security Release and apply t...