4989 matches found
Go Programming Language SSH Detection
The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
[SECURITY] Fedora 22 Update: perl-5.20.3-329.fc22
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
[SECURITY] Fedora 23 Update: gummi-0.6.6-1.fc23
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
[SECURITY] Fedora 22 Update: gummi-0.6.6-1.fc22
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
RabbitMQ: /api/... XSS vulnerability
A cross-site scripting vulnerability was discovered in RabbitMQ, which allowed using api/ path info to inject and receive data. A remote attacker could use this flaw to create an "/api/..." URL, forcing a server error that resulted in the server returning an HTML page with embedded text from the...
[SECURITY] Fedora 23 Update: perl-5.22.1-351.fc23
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
DropBearSSHD 2015.71 - Command Injection
Exploit for linux platform in category remote exploits. VuNote. Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3116 Version: 0.2 Date: Mar 3rd, 2016 Tag: dropbearsshd xauth command injection may lead to forced-command bypass. Overview. Name: dropbear...
Quick Tftp Server Pro 2.3 - Read Mode Denial of Service
Exploit for windows platform in category dos / poc Exploit Title: Quick Tftp Server Pro 2.3 TFTP mode Remote Overflow DoS Date: 21/01/2016 Exploit Author: Guillaume Kaddouch Twitter: @gkweb76 Blog: https://networkfilter.blogspot.com GitHub: https://github.com/gkweb76/exploits Vendor Homepage:...
FCKeditor upload vulnerability summary - vulnerability warning - the black bar safety net
0x01 FCKeditor profile. FCKeditor is an open-source WYSIWYG text editor designed for use in web pages. It is lightweight and can be used without complicated installation steps. It can be used with PHP, JavaScript, ASP, ASP.NET, ColdFusion, Java, ABAP and other different...
eBay Vulnerability Opens Users Up to Phishing, Data Theft
Researchers are warning that some visitors to eBay.com could be tricked into opening a page on the site that could expose them to phishing attacks and data theft. The vulnerability exists in the site’s online sales platform, according to Roman Zaikin, a researcher with Check Point. With it, an...
FreeBSD -- Linux compatibility layer issetugid(2) system call
Problem Description: A programming error in the Linux compatibility layer could cause the issetugid(2) system call to return incorrect information. Impact: If an application relies on output of the issetugid(2) system call and that information is incorrect, this could lead to a privilege escalation...
server: build config to a strategy that isn't allowed by policy
An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build-configuration strategies. A remote attacker could create build configurations with strategies that violate policy. Although the attacker could not launch the buil...
glibc catopen() Unbounded Stack Allocations
glibc catopen(): Multiple unbounded stack allocations. URL: https://cxsecurity.com/issue/WLB-2016010149 PoC: #include <stdlib.h> #include <string.h> #include <nl_types.h> int main() { char *buff; buff = malloc(11111111); memset(buff, 'A', 11111110); buff[11111110] = '\0'; catopen(buff, NL_CAT_LOCALE); return 0;...
Unspecified Vulnerability in Oracle Database XML Developer's Kit for C Component
Oracle Database is a large commercial database. An unspecified security vulnerability exists in the Oracle Database XML Developer's Kit for C component, which could be exploited by remote attackers to conduct denial-of-service attacks...
xWPE 1.5.30a-2.1 - Local Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Program: xwpe - Windows Editor v1.5.30a-2.1 Description: Programming environment and editor for console and X11 Tested and developed on: Kali Linux 2.0 x86 - https://www.kali.org Description: xwpe v1.5.30a-2.1 and prior is prone to a...
xWPE 1.5.30a-2.1 - Local Buffer Overflow
Exploit for linux platform in category local exploits Program: xwpe - Windows Editor v1.5.30a-2.1 Description: Programming environment and editor for console and X11 Tested and developed on: Kali Linux 2.0 x86 - https://www.kali.org Description: xwpe v1.5.30a-2.1 and prior is prone to a stack-bas...
Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components: 2D, AWT, JAXP, JMX, Libraries, Networking, Security...
[SECURITY] Fedora 23 Update: golang-1.5.3-1.fc23
The Go Programming Language...
Next Hacker to Organize Biggest Java Programming Competition In Germany
Great news for Hackers and Bug-hunters who enjoy Programming and playing around with Software. A worldwide group of like-minded computer programmers is hosting The Next Hacker IPPC event on the 26th and 27th of February in Berlin, Germany, where participants can meet hackers and programmers from...