python27:2.7 security and bug fix update

An update is available for python-pymongo, python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe,...

SUID3NUM - A Script Which Utilizes Python'S Built-In Modules To Find SUID Bins, Separate Default Bins From Custom Bins, Cross-Match Those With Bins In GTFO Bin's Repository & Auto-Exploit Those

A standalone python script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! Description A standalone script supporting both python2 & python3 to find out...

Machinae v1.4.8 - Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes, and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae...

python27:2.7 security update

An update is available for python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe, python-pluggy,...

Debian DLA-1717-1 : rdflib security update

The CLI tools in python-rdflib-tools can load python modules found in the current directory. This happens because 'python -m' appends the current directory in the python path. For Debian 8 'Jessie', this problem has been fixed in version 4.1.2-3+deb8u1. We recommend that you upgrade your rdflib...

[SECURITY] [DLA 1717-1] rdflib security update

Package : rdflib Version : 4.1.2-3+deb8u1 CVE ID : CVE-2019-7653 Debian Bug : 921751 The CLI tools in python-rdflib-tools can load python modules found in the current directory. This happens because "python -m" appends the current directory in the python path. For Debian 8 "Jessie", this problem...

Fibratus - Tool For Exploration And Tracing Of The Windows Kernel

Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, context switches, file system I/O, registry, network activity, DLL loading/unloading and much more. The kernel events can be easily streamed to a number of output sinks...

CVE-2019-7653

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts...

Remote Code Execution (RCE)

Django is vulnerable to remote code execution. The django.core.urlresolvers.reverse function allows remote attackers to use a view that constructs URLs to input a "dotted Python path" to import and execute Python modules...

Arbitrary Code Execution

abrt is vulnerable to arbitrary code execution. The /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool does not sufficiently sanitize its environment variables, allowing arbitrary Python modules to be loaded and run from non-standard directories such as /tmp. A local attacker is able t...

Oracle Solaris Critical Patch Update : apr2018_SRU11_3_29_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Python modules. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low...

CVE-2018-2753

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Python modules. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

CVE-2018-2753

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Python modules. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

Design/Logic Flaw

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Python modules. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

CVE-2018-2753

CVE-2018-2753 affects Oracle Solaris (Solaris component of Oracle Sun Systems Products Suite), specifically the Python modules subcomponent in Solaris 11.3. The root cause is a vulnerability in the Python modules that allows a low-privileged, logon-attached attacker to compromise Solaris, with us...

Oracle Sun Solaris has an unspecified vulnerability (CNVD-2018-09049)

Oracle Sun Solaris is a Unix operating system originally developed by Sun Microsystems. An unspecified vulnerability exists in the Python modules component of Oracle Sun Solaris. An attacker could exploit this vulnerability to compromise confidentiality and integrity...

Automated Mass Exploiter: AutoSploit

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache , IIS , etc, upon which a list of...

PiDense - Monitor Illegal Wireless Network Activities (Fake Access Points)

Monitor illegal wireless network activities. Similar SSID broadcasts Same SSID broadcasts Calculates unencrypted wireless networks density Watches SSID broadcasts at the blacklist. Capabilities Now Calculates Unencrypted wireless network density Finds same ssid, different encryption Working...

DDEtect - Simple DDE Object Detector

Written by Amit Serper, @0xAmit DDEtector is a simple DDE object detector written in python Currently supports only word DOCX and legacy DOC files Prints the contents of the DDE payloads Note: In some cases DDEtect won't print the entire DDE payload. I'm working on writing a better matching...

changeme - A Default Credential Scanner

A default credential scanner. About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are...