Lucene search
2272 matches found

n0where
added 2017/10/19 4:42 a.m. | 58 views

DumpsterFire Toolset: Security Incidents In A Box

The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support a...

AI score 7.8
Exploits: 0 | References: 1

Tenable Nessus
added 2017/10/19 12:00 a.m. | 38 views

Debian DLA-1135-1 : db security update

It was found that the Berkeley DB reads DBCONFIG from the current working directory, leading to information leak by tricking privileged processes into reading arbitrary files. For Debian 7 'Wheezy', these problems have been fixed in version 5.1.29-5+deb7u1. We recommend that you upgrade your db...

CVSS 7.8 | AI score 7.6 | EPSS 0.00567
Exploits: 1 | References: 3

Tenable Nessus
added 2017/10/19 12:00 a.m. | 33 views

Debian DLA-1136-1 : db4.8 security update

It was found that the Berkeley DB reads DBCONFIG from the current working directory, leading to information leak by tricking privileged processes into reading arbitrary files. For Debian 7 'Wheezy', these problems have been fixed in version 4.8.30-12+deb7u1. We recommend that you upgrade your db4...

CVSS 7.8 | AI score 7.6 | EPSS 0.00567
Exploits: 1 | References: 3

Debian CVE
added 2017/10/17 6:00 p.m. | 27 views

CVE-2017-15537

The x86/fpu Floating Point Unit subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace or rtsigreturn system call, allowing local users to read...

CVSS 5.5 | AI score 6.1 | EPSS 0.00398
Exploits: 0

RedHat Linux
added 2017/10/12 9:59 p.m. | 134 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.4.6 security update

An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

CVSS 9.8 | AI score 7.4 | EPSS 0.8904
Exploits: 5 | References: 5

n0where
added 2017/10/11 4:00 a.m. | 292 views

.NET Debugger & Assembly Editor: dnSpy

dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger, an assembly editor and more, and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies, so it can handle obfuscated assemblies (e.g. malware) without crashing...

AI score 7.5
Exploits: 0 | References: 3

OSV
added 2017/10/10 8:29 p.m. | 1 views

CVE-2017-11063

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur...

CVSS 5.9 | AI score 5.7 | EPSS 0.00473
Exploits: 0 | References: 2

NVD
added 2017/10/10 8:29 p.m. | 17 views

CVE-2017-11063

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur...

CVSS 5.9 | AI score 5.5 | EPSS 0.00473
Exploits: 0 | References: 2

CNVD
added 2017/10/10 12:00 a.m. | 3 views

P3Scan Design Vulnerabilities

P3Scan is a proxy server for email that scans for worms, Trojans and other malicious emails. A security vulnerability exists in daemon in P3Scan 3.0rc1 and earlier versions, which stems from the creation of the p3scan.pid file after the program has downgraded an account to non-root privileges. A...

CVSS 5.5 | AI score 5.4 | EPSS 0.00286
Exploits: 0 | References: 1

CNVD
added 2017/09/28 12:00 a.m. | 4 views

Huawei FusionCompute Denial of Service Vulnerability

Huawei FusionCompute is an enterprise-grade, open server virtualization solution from Huawei, China, based on the Xen open source design. The solution provides automation, advanced integration and management capabilities for virtualized data centers. A denial of service vulnerability exists in...

CVSS 6.5 | AI score 6.4 | EPSS 0.00199
Exploits: 0 | References: 1

OSV
added 2017/09/25 9:29 p.m. | 1 views

CVE-2016-5868

drivers/net/ethernet/msm/rndisipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process...

CVSS 7 | AI score 6.1
Exploits: 0 | References: 3

BDU FSTEC
added 2017/09/22 12:00 a.m. | 2 views

The vulnerability of the rzpnk.sys driver, an IOCTL handler for configuring a cloud-based system, allows a hacker to open a descriptor for arbitrary processes.

The vulnerability of the rzpnk.sys driver, an IOCTL handler for configuring a cloud-based system, is related to deficiencies in access control for the ZwOpenProcess procedure. Exploiting this vulnerability allows a malicious actor to open a descriptor for an arbitrary process remotely...

CVSS 10 | AI score 7.8 | EPSS 0.85539
Exploits: 5 | References: 3 | Affected Software: 1

OSV
added 2017/09/21 11:29 p.m. | 2 views

CVE-2017-14681

The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...

CVSS 5.5 | AI score 5.9 | EPSS 0.00286
Exploits: 0 | References: 1

Prion
added 2017/09/21 11:29 p.m. | 19 views

Command injection

The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...

CVSS 2.1 | AI score 5.5 | EPSS 0.00286
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2017/09/21 11:29 p.m. | 21 views

CVE-2017-14681

The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...

CVSS 5.5 | AI score 5.5 | EPSS 0.00286
Exploits: 0 | References: 1

Debian CVE
added 2017/09/21 10:00 p.m. | 20 views

CVE-2017-14681

Removed by vendor...

CVSS 5.5 | AI score 5.6 | EPSS 0.00286
Exploits: 0

OpenVAS
added 2017/09/21 12:00 a.m. | 29 views

Kannel Privilege Escalation Vulnerability

Kannel is prone to a privilege escalation vulnerability.

CVSS 7.8 | AI score 7.8 | EPSS 0.00407
Exploits: 1 | References: 1

OSV
added 2017/09/20 6:29 p.m. | 2 views

CVE-2017-14609

The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...

CVSS 7.8 | AI score 5.9 | EPSS 0.00407
Exploits: 1 | References: 1

NVD
added 2017/09/20 6:29 p.m. | 16 views

CVE-2017-14610

bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...

CVSS 7.8 | AI score 7.6 | EPSS 0.00322
Exploits: 0 | References: 1

NVD
added 2017/09/20 6:29 p.m. | 27 views

CVE-2017-14609

The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...

CVSS 7.8 | AI score 7.6 | EPSS 0.00407
Exploits: 1 | References: 1