NETGEAR WNR2000v5 - Remote Code Execution

NETGEAR WNR2000v5 - Remote Code Execution Remote code execution in NETGEAR WNR2000v5 - by Pedro Ribeiro [email protected] / Agile Information Security Released on 20/12/2016 NOTE: this exploit is "alpha" quality and has been deprecated. Please see the modules accepted into the Metasploit framework...

openssl: Crash in ssleay_rand_bytes due to locking regression

A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...

ipmi-brute NSE Script

Performs brute force password auditing against IPMI RPC server. Script Arguments brute.credfile, brute.delay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, brute.useraspass See the documentation for the brute...

lib32-expat: multiple issues

CVE-2012-6702 predictable random numbers It was found that when calling XMLParse ahead of rand, it causes the pseudo random generator to generate non-random predictable numbers. - CVE-2016-5300 denial of service It was found that original fix for CVE-2012-0876 used too little entropy for the hash...

Oracle Linux 6 / 7 : openssl (ELSA-2015-2617)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2617 advisory. - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - rac...

openssl security update

1.0.1e-51.1 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint 1.0.1e-51 - fix the CVE-2015-1791 fix broken server side renegotiation 1.0.1e-50 - improved fi...

OpenSSL 'ssleay_rand_bytes()' function denial of service vulnerability

OpenSSL is an open source implementation of SSL for strong encryption of network communications, and is now widely used in a variety of network applications. A security vulnerability in OpenSSL in Red Hat allows a remote attacker to send special data to a target multithreaded reference that uses...

openssl: Crash in ssleay_rand_bytes due to locking regression

A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...

Blue Coat Systems K9 Web Protection 32.36 Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24373/info K9 Web Protection is prone to a buffer-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer. An attacker could leverage this issue to...

MGASA-2014-0144 Updated stunnel package fixes security vulnerability

A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset...

CVE-2011-4327

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call...

Fedora 19 : perl-Crypt-DSA-1.17-10.fc19 (2013-15786)

As taught by the '09 Debian PGP disaster relating to DSA, the randomness source is extremely important. On systems without /dev/random, Crypt::DSA falls back to using Data::Random. Data::Random uses rand, about which the perldoc says 'rand is not cryptographically secure. You should not rely on i...

Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure

According to its banner, the version of OpenSSH running on the remote host is earlier than 5.8p2. Such versions may be affected by a local information disclosure vulnerability that could allow the contents of the host's private key to be accessible by locally tracing the execution of the...

Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv

OpenSSH Security Advisory: portable-keysign-rand-helper.adv This document may be found at: http://www.openssh.com/txt/portable-keysign-rand-helper.adv 1. Vulnerability Portable OpenSSH's ssh-keysign utility may allow unauthorised local access to host keys on platforms if ssh-rand-helper is used. ...

EggAvatar for vBulletin 3.8.x - SQL Injection

!/usr/bin/env perl use LWP::UserAgent; sub banner print "\n"; print " DSecurity \n"; print "\n"; print " Email:dsecurity.vnatgmail.com \n"; print "\n"; if@ARGVnew; $ua-agent"DSecurity"; $ua-cookiejar; sub login@ my $username=shift; my $password=shift; my $req = HTTP::Request-newPOST =...

Design/Logic Flaw

Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism...

CVE-2010-4728

The CVE affects Zikula

CVE-2010-4728

Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism...

http-methods NSE Script

Finds out what options are supported by an HTTP server by sending an OPTIONS request. Lists potentially risky methods. It tests those methods not mentioned in the OPTIONS headers individually and sees if they are implemented. Any output other than 501/405 suggests that the method is if not in the...

IBM DB2 Multiple Unspecified Vulnerabilities (Windows)

The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2multunspecifiedvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 Multiple Unspecified Vulnerabilities Windows Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...