Security update for the Linux Kernel (important)

The openSUSE Leap 42.2 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...

UBUNTU-CVE-2013-7377

The codem-transcode module before 0.5.0 for Node.js, when ffprobe is enabled, allows remote attackers to execute arbitrary commands via a POST request to /probe...

CVE-2014-0997

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle...

Design/Logic Flaw

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle...

Capturing, Analyzing and Responding to Cyber Attacks: cyberprobe

The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, which receives the stream...

niushop_b2c Pay.php has xml entity injection vulnerability

Niushop open source mall National first commercial free four-in-one completely open source 100% open source The country's first set of B2B2C multi-user mall + micro letter micro-distribution + e-commerce platform investment operation + iOS, Android multi-platform client PHP open source e-commerce...

SCOM "StoreFront Store Service Probe Status" failure on credentials

When the store is configured with “Trusted Domains Only”, alerts may be logged in the Operation manager console stating that the Storefront Store Service Probe failed withError description: "Could not get credentials" More information can be obtain about the authentication attempt by enabling...

probeSniffer - A Tool for Sniffing Unencrypted Wireless Probe Requests from Devices

| | \ / | \ / / | | | | |/ | \ | o | D | | o / | || || | / | D | /| /| O | | \ | | || || | | || | / | | | | | O | / \ | | || || | | | \ | | | . | | | \ | | || || | | | | | . \ || |||/|||||||| || |||| v2.1 by David SchĂźtz @xdavidhu A tool for sniffing unencrypted wireless probe requests...

XSS'OR - Hack with JavaScript

XSS'OR is a free online tool for hacking with JavaScript. It contains three major modules: 1. Encode/Decode The Encode/Decode module, including: front-end encryption and decryption; code compression, decompression, beautification, the implementation of testing; character set conversion, hash...

Module to Probe Different Data Points in a CAN Packet

Scans between two CAN IDs and writes data at each byte position. It will either write a set byte value Default 0xFF or iterate through all possible values of that byte position takes much longer. Does not check for responses and is basically a simple blind fuzzer. This module requires Metasploit:...

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

Design/Logic Flaw

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

CVE-2017-6614

Cisco FindIT Network Probe Software 1.0.0 is affected by CVE-2017-6614 due to missing RBAC for file-download requests in its web UI. An authenticated, remote attacker could send a crafted HTTP request to download and view arbitrary system files using the affected software. Exploitation details an...

CVE-2017-6614

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access...

Cisco FindIT Network Probe Information Disclosure Vulnerability

Cisco FindIT is the United States Cisco Cisco company introduced a set of network management software. An information disclosure vulnerability exists in the Cisco FindIT network probe. An attacker could exploit this vulnerability to obtain sensitive information on the target system...

Cisco FindIT Network Probe Information Disclosure Vulnerability

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access control RB...

Helpful SR CLI commands

Probe the SR: xe sr-probe type=lvmohba device-config:device=/dev/disk/by-id/scsi- xe sr-probe type=lvmoiscsi device-config:target= device-config:targetIQN= xe sr-probe type=nfs device-config:server= device-config:serverpath=/path/to/export Introduce the existing SR to XenServer: xe sr-introduce...

WIFI Client Detection - Identify People By Assigning A Name To A Device Performing A Wireless Probe Request

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request. Download WIFI Client Detection...

CVE-2016-10002

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to prob...

Real Time Network Monitoring: Cyberprobe

Real Time Network Monitoring Cyberprobe is a distrbuted architecture for real-time monitoring of networks against attack. The software consists of a number of components, including: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, whi...