CVE-2026-5463

Command injection vulnerability in console.runmodulewithoutput in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended...

CVE-1999-0547

An SSH server allows authentication through the .rhosts file...

EUVD-1999-0538

Malware in sbrugna...

Fedora: Security Advisory for rsh (FEDORA-2022-6748ae617b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: rsh-0.17-101.fc36

The rsh package contains a set of programs which allow users to run commands on remote machines, login to other machines and copy files between machines rsh, rlogin and rcp. All three of these commands use rhosts style authentication. This package contains the clients needed for all of these...

Easier URI Targeting With Metasploit Framework

Over the past year and a half, Metasploit Framework’s core engineering team in Belfast has made significant improvements to usability, discoverability, and the general quality of life for the global community of Framework users. A few of the enhancements we’ve worked on in MSF 6 include: A handy...

Ubiquiti Configuration Importer

This module imports an Ubiquiti device configuration. The db file within the .unf backup is the data file for Unifi. This module can take either the db file or .unf. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

LLMNR Query

This module sends LLMNR queries, which are really just normal UDP DNS queries done usually over multicast on a different port, 5355. Targets other than the default RHOSTS' 224.0.0.252 should not respond but may anyway. This module requires Metasploit: https://metasploit.com/download Current sourc...

Powershell Remoting Remote Command Execution

This module uses Powershell Remoting TCP 47001 to inject payloads on target machines. If RHOSTS are specified, it will try to resolve the IPs to hostnames, otherwise use a HOSTFILE to supply a list of known hostnames. This module requires Metasploit: https://metasploit.com/download Current source...

Solaris 10 (libnspr) - Arbitrary File Creation Local Root Exploit

No description provided by source. !/bin/sh $Id: raptorlibnspr,v 1.1 2006/10/13 19:12:12 raptor Exp $ raptorlibnspr - Solaris 10 libnspr oldschool local root Copyright c 2006 Marco Ivaldi [email protected] Local exploitation of a design error vulnerability in version 4.6.1 of NSPR, as includ...

HP-UX rlpdaemon Local .rhosts Append

!/opt/perl5/bin/perl -w HP-UX rlpdaemon local exploit Bulletin HPSBUX0111-176 November 2001 For use only on machines where you have legitimate root. This attempts to add junk including "localhost +" to /.rhosts. Obvious variants could include /etc/passwd. use IO::Socket; $PORT = 9000; pick...

FTP Server Root Directory .rhosts File Present

There exists a vulnerability in the FTP server which may indicate that a remote FTP user attempted to manipulate a .rhosts file. If an attacker is able to write to .rhosts in a user's home directory, they may be able to compromise the FTP server...

Debian Security Advisory DSA 086-1 (ssh-nonfree, ssh-socks)

The remote host is missing an update to ssh-nonfree, ssh-socks announced via advisory DSA 086-1. OpenVAS Vulnerability Test $Id: deb0861.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 086-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Analysis of Linux Backdoor techniques and practices-the vulnerability of early warning-the black bar safety net

| | Page 1 of: analysis of the Linux Backdoor technique and practice methods --- | --- The back door introduction The intruder complete control of the system, to facilitate the next time you enter and use a technology. Generally by modifying system configuration files and installation of...

Hack advanced skills Linux back door technology and practice-vulnerability warning-the black bar safety net

The back door introduction The intruder complete control of the system, to facilitate the next time you enter and use a technology. Generally by modifying system configuration files and installation of third-party back-door tool to achieve. Has a hidden, can bypass the system log, not easy to be...

Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (1)

Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation 1 source: https://www.securityfocus.com/bid/20471/info The Netscape Portable Runtime API running on Sun Solaris 10 operating system is prone to a local privilege-escalation vulnerability. A successful exploit of this iss...

CentOS 3 : rsh (CESA-2005:074)

Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The rsh package contains a set of programs that allow users to run commands on remote machines, login to...

Low: Red Hat Security Advisory: rsh security update

Updated rsh packages that fix a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The rsh package contains a set of programs that allow users to run commands on remote machines, login to other machines, and...

Low: Red Hat Security Advisory: rsh security update

Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team The rsh package contains a set of programs that allow users to run commands on remote machines, login to...

FTP Server root Directory .rhosts File Present

The remote anonymous FTP server has a .rhosts file set in its home directory. An attacker may use it to determine the trust relationships between this server and other hosts on the network. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11566; scriptversion"$Revision:...