USN-7117-3 needrestart regression

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem for LXC containers. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library...

SUSE CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

needrestart 权限许可和访问控制问题漏洞

needrestart is a tool by liske personal developer for checking which daemons need to be restarted after an upgrade. A security vulnerability exists in versions prior to needrestart 3.8, which stems from a vulnerability that allows a local attacker to run the Ruby interpreter by tricking needresta...

idb - Tool to simplify some common tasks for iOS pentesting and research

idb is a tool to simplify some common tasks for iOS pentesting and research. Originally there was a command line version of the tool, but it is no longer under development so you should get the GUI version. Installation idb has some prerequisites. As it turns out, things like ruby and Qt are...

Automating Phishing Activities: PhishLulz

Automating Phishing Activities PhishLulz is a Ruby toolset aimed at automating Phishing activities When you start a phishing campaign, a dedicated Amazon EC2 Debian 7 instance is spawned. The VM comes with various open source tools that have been glued together. The two main components are:...

Puppet < 2.7.26 / 3.6.2 and Enterprise 2.8.x < 2.8.7 Multiple Vulnerabilities

According to its self-reported version number, the Puppet install on the remote host is affected by multiple vulnerabilities : - A privilege escalation vulnerability related to input validation and paths exists in the bundled Ruby environment. An attacker could trick a privileged user into...