Broadcom: Heap overflow in "wl_run_escan" when handling WLC_GET_VALID_CHANNELS ioctl results(CVE-2017-0568)

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On Android devices, the "bcmdhd" driver is use...

Scan Information

Provides scan information and statistics of plugins run. No source data...

Scan aborted after too many timeouts

The scanner aborted the scan due to the number of consecutive timeouts received from the web application, to prevent this latter to be completely unresponsive and unable to process normal requests. No source data...

HTML Object

The scanner detected one or more HTML object tags. This tag is used to embed multimedia like audio, video, Java applets, ActiveX, PDF and Flash in HTML pages. No source data...

Web Application Sitemap

Publishes the sitemap of the web application as seen by the scan. The list of all URLs that have been detected during the scan are available as an attachment. For each URL in the sitemap, the following information is provided: - The first time the URL is detected - The logic used to detect the UR...

Helpful SR CLI commands

Probe the SR: xe sr-probe type=lvmohba device-config:device=/dev/disk/by-id/scsi- xe sr-probe type=lvmoiscsi device-config:target= device-config:targetIQN= xe sr-probe type=nfs device-config:server= device-config:serverpath=/path/to/export Introduce the existing SR to XenServer: xe sr-introduce...

inquisitor - OSINT Gathering Tool for Companies and Organizations

Inquisitor is a simple for gathering information on companies and organizations through the use of Open Source Intelligence OSINT sources. The key features of Inquisitor include: 1. The ability to cascade the ownership label of an asset e.g. if a Registrant Name is known to belong to the target...

A Red Teamer’s guide to pivoting

A Red Teamer’s guide to pivoting A Red Teamer's guide to pivoting Penetration testers often traverse logical network boundaries in order to gain access to client’s critical infrastracture. Common scenarios include developing the attack into the internal network after successful perimeter breach o...

McAfee Security Scan Plus File Execution Vulnerability - Windows

McAfee Security Scan Plus is prone to file execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

McAfee Security Scan Plus Privilege Escalation Vulnerability - Windows

McAfee Security Scan Plus is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Intel Security McAfee Security Scan Plus Detection (Windows SMB Login)

SMB login-based detection of Intel Security McAfee Security Scan Plus. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

McAfee Security Scan Plus Arbitrary Command Execution Vulnerability - Windows

McAfee Security Scan Plus is prone to an arbitrary command execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-7200

An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...

YARA File Scan (Linux)

Binary data linuxyarafilescan.nbin...

YARA Memory Scan (Linux)

Binary data linuxyaramemscan.nbin...

Tracking software versions using Nessus and Splunk

Let's say you have already exported scan results from Nessus or Tenable SecurityCenter to Splunk using HTTP event connector, or in some other way. And you see that some critical software vulnerability was published. For example, this month Jira critical vulnerability. How to find out, do we have...

McAfee Security Scan Plus (SSP) Elevation of Privilege Vulnerability

Intel Security McAfeeSecurity ScanPlus SSP is a free set of diagnostic tools from Intel Corporation formerly McAfee, Inc.. The product proactively checks for up-to-date antivirus, firewall, and Web security software in your computer so that you always know if your computer is secure so that it is...

McAfee Security Scan Plus (SSP) Arbitrary Command Execution Vulnerability

Intel Security McAfee Security ScanPlus SSP is a free set of diagnostic tools from Intel Corporation formerly McAfee, Inc.. The product proactively checks for up-to-date antivirus, firewall, and Web security software in your computer so that you always know if your computer is secure so that it i...

CVE-2016-8023

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie...

CVE-2016-8025

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter...