592 matches found
Server-Side Request Forgery (SSRF)
App Studio millicore is vulnerable to server-side request forgery SSRF attacks. An attacker could exploit a flaw in the externalrequest api call. This allows an attacker to probe the network internal resources, and access restricted endpoints which leads to a disclosure of information...
systemd-journald Memory Corruption / Information Leak Vulnerability
This is a thorough analysis of how Qualys approached exploiting three vulnerabilities in systemd-journald. Although they have not released formal exploits yet, they detail in here is useful in understanding the flaws. Qualys Security Advisory System Down: A systemd-journald exploit...
glusterfs: Information Exposure in posix_get_file_contents function in posix-helpers.c
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file...
Siemens Automation License Manager Information Disclosure Vulnerability
Siemens Automation License Manager is a Siemens system for processing remote and local licenses for HMI, SCADA and industrial products. An information disclosure vulnerability exists in Siemens Automation License Manager version 5 prior to 5.3.4.4, which can be exploited by sending specially...
gcc security, bug fix, and enhancement update
4.8.5-28.0.1 - Orabug: 27557686 Egeyar Bagcioglu - Introduce 'oraclerelease' into .spec file. Echo it to gcc/DEV-PHASE. 4.8.5-28 - Minor testsuite fixes to clean up test results 1469697 - retpoline support for spectre mitigation 1535655 4.8.5-27 - bump for rebuild with RELRO enabled even for...
xml entity injection vulnerability in CLTPHP version 5.5.3
CLTPHP is a content management system developed in ThinkPHP with the Layui framework in the backend. CLTPHP version 5.5.3 has an XML entity injection vulnerability in the program implementation, which can be exploited by attackers to read arbitrary files, execute system commands, probe intranet...
Server side request forgery (ssrf)
The externalrequest api call in App Studio millicore allows server side request forgery SSRF. An attacker could use this flaw to probe the network internal resources, and access restricted endpoints...
phpbb server-side request forgery vulnerability
phpBB is phpBB group developed a set of open-source use of PHP language development of Web forum software . The software has support for multiple languages , support for multiple databases and customized layout and so on. phpBB server-side request forgery vulnerability exists. Attackers can use...
How to resolve "Failed to probe partitions from virtual disk" error while importing an OS Layer
When importing an OS layer, you get this error: Failed to attach the disk /mnt/repository/Unidesk/OsImport Disks/Windows 10.vhd. Failed to probe partitions from virtual disk This is most often seen when importing a XenServer Windows 10 Gold VM that was exported as an OVF. However, it could happen...
Error: "StoreFront Store Service Probe Failed" While Using Citrix SCOM Management Pack for StoreFront
While using the Citrix SCOM Management Pack for StoreFront MPSF, you might come across an error, StoreFront Store Service Probe failed, that triggers an alert in the SCOM Console. Let’s troubleshoot and understand the possible causes and solutions for this error. Possible reasons for this issue...
Information Exposure in JUnit Report Macro
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-52112. panel The JUnit Report Macro throws different error messages for the url parameter code:java file:///no/file/herecode...
CVE-2016-8495
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle MITM attack via the Fortisandbox devices probing feature...
SSRF Vulnerability in OpenSNS Social System
OpenSNS is a lightweight social user-centered framework based on OneThink for ... An SSRF vulnerability exists in /Public/js.php in OpenSNS Social System due to the program failing to adequately filter data. An attacker is allowed to exploit the vulnerability to probe intranet information...
Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Terminal Shellcode (84, 1
include include //| //| Exploit Title: linux x8664 Subtle Probing Reverse Shell, Timer, Burst, Password, multi-Terminal 84, 122, 172 bytes //| Date: 07/20/2016 //| Exploit Author: CripSlick //| Tested on: Kali 2.0 Linux x8664 //| Version: No program being used or exploited; I only relied syscalls...
Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password Shellcode (172
include include // Exploit Title: Continuously-Probing Reverse Shell via Socket + port-range + password 172 bytes // Date: 07/10/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: No program being used or exploited; I only relied on syscalls...
FreeBSD : openssh -- command injection when X11Forwarding is enabled (e4644df8-e7da-11e5-829d-c80aa9043978)
The OpenSSH project reports : Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth1. Injection of xauth commands grants the ability to read arbitrary files under the authenticated user's privilege, Other xauth...
openssh -- command injection when X11Forwarding is enabled
The OpenSSH project reports: Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth1. Injection of xauth commands grants the ability to read arbitrary files under the authenticated user's privilege, Other xauth comman...
Ethernet MAC Addresses
This plugin gathers MAC addresses discovered from both remote probing of the host e.g. SNMP and Netbios and from running local checks e.g. ifconfig. It then consolidates the MAC addresses into a single, unique, and uniform list. TRUSTED...
kernel security, bug fix, and enhancement update
2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...
UDP Empty Prober
Detect UDP services that reply to empty probes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UDP Empty Prober', 'Description' = 'Detect UDP services that reply to empty probes', 'Author' = 'J...