4945 matches found
Open Source Vulnerability Assessment and Management: Archery
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scaning for web application and network. It also performs web application dynamic...
CVE-2017-8013
EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password...
Distributed YARA Malware Scanning System: KLara project
Klara project is aimed at helping Threat Intelligence researchers hunt for new malware using Yara . In order to hunt efficiently for malware, one needs a large collection of samples to search over. Researchers usually need to fire a Yara rule over a collection / set of malicious files and then ge...
GitStack Unauthenticated REST API Requests
This modules exploits unauthenticated REST API requests in GitStack through v2.3.10. The module supports requests for listing users of the application and listing available repositories. Additionally, the module can create a user and add the user to the application's repositories. This module has...
CVE-2018-7272
ForgeRock AM before 5.5.0 exposes SSOToken IDs in REST API URLs, allowing attackers with access to logs to extract sensitive information. The root cause is including SSOToken identifiers in URLs, which can be retrieved from log files and reveal token values. Impact is limited to information discl...
CVE-2018-7272
The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows attackers to obtain sensitive information by finding an ID value in a log file...
HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation
This module exploits an authentication bypass in HP iLO 4 1.00 to 2.50, triggered by a buffer overflow in the Connection HTTP header handling by the web server. Exploiting this vulnerability gives full access to the REST API, allowing arbitrary accounts creation. This module requires Metasploit:...
Design/Logic Flaw
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE which leads to CONTROLLER shutdown. If multiple different flows with 'idle-timeout' and...
CVE-2017-1000411
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows take up the memory resource of CONFIG DATASTORE which leads to CONTROLLER shutdown. If multiple different flows with 'idle-timeout' and...
Kenna Security: Analyzing Vulnerability Scan data
I've been following Kenna Security before 2015 Risk I/O for a pretty long time. Mainly, because they do the things I do on a daily basis: analyse various vulnerability scan results and feeds, and prioritize detected vulnerabilities for further mitigation. The only difference is that my scripts an...
Confluence REST API for reading and updating wiki pages
In previous posts I wrote how to automate the work with Atlassian Jira, including automated ticket labeling. Now let's try to use REST API of another popular Atlassian product - Confluence wiki engine. What you may want to automate in Confluence? Obviously, it may be useful to read the pages that...
Grab: Unrestricted access to Eureka server on ██████
Hi Grab Security Team, First of all, best wishes for 2018, empty of bugs if possible ;- Summary: I found that the following endpoint is hosting Netflix Eureka Server █████ and that even if some URLs are requiring authentication 401 code for some of thems like /metrics for example, it is still...
Archery - Open Source Vulnerability Assessment And Management Helps Developers And Pentesters To Perform Scans And Manage Vulnerabilities
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scaning for web application and network. It also performs web application dynamic...
Avatar Rest API URL return avatar uploaded by user
h3. Summary When the user run REST API URL https://jira.atlassian.com/rest/api/latest/user/avatars?username="username"|https://jira.atlassian.com/rest/api/latest/user/avatars?username=%22username%22 the result will include system avatar and avatar uploaded by that user. For example,...
Tuleap 9.6 Second-Order PHP Object Injection Exploit
This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tuleap = 9.6 which could be abused by authenticated users to...
Tuleap 9.6 Second-Order PHP Object Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...
Tiredful API - An intentionally designed broken web application based on REST API
Tiredful API is intentionally designed broken app. The aim of this web app is to teach developers, QA or security professionals about flaws present in webservices REST API due to insecure coding practice. Who can use Tiredful API? Web developers Web Pentesters Security Professionals Student What ...
RHEL 7 : org.ovirt.engine-root (RHSA-2017:3427)
An update for org.ovirt.engine-root is now available for Red Hat Virtualization Manager version 4.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Low: Red Hat Security Advisory: org.ovirt.engine-root security, bug fix, and enhancement update
An update for org.ovirt.engine-root is now available for Red Hat Virtualization Manager version 4.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...