McAfee Virus Scan Enterprise Password Hashes Dump

This module extracts the password hash from McAfee Virus Scan Enterprise VSE used to lock down the user interface. Hashcat supports cracking this type of hash using hash type sha1$salt.unicode$pass -m 140 and a hex salt --hex-salt of 01000f000d003300 unicode "\x01\x0f\x0d\x33". A dynamic format i...

Updated privoxy package fixes security vulnerabilities

Updated privoxy packages fix security issues: A memory leak occurred in privoxy 3.0.21 compiled with IPv6 support when rejecting client connections due to the socket limit being reached. CID 66382 A use-after-free bug was found in privoxy 3.0.21 and two additional potential use-after-free issues...

ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

Exploit for php platform in category web applications Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url:...

ResourceSpace 6.4.5976 - Cross-Site Scripting / SQL Injection / Insecure Cookie Handling

​Title: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities Author: Adler Freiheit Discovered: 11 June 2014 Updated: 11 December 2014 Published: 11 December 2014 Vendor: Montala Limited Vendor url: www.resourcespace.org Software: ResourceSpace Digital Asset...

DEBIAN-CVE-2014-8504

Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...

DEBIAN-CVE-2014-8503

Stack-based buffer overflow in the ihexscan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted ihex file...

DEBIAN-CVE-2014-8484

The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...

UBUNTU-CVE-2014-8484

The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...

UBUNTU-CVE-2014-8504

Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...

UBUNTU-CVE-2014-8503

Stack-based buffer overflow in the ihexscan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted ihex file...

targets-ipv6-wordlist NSE Script

Adds IPv6 addresses to the scan queue using a wordlist of hexadecimal "words" that form addresses in a given subnet. Script Arguments targets-ipv6-wordlist.nsegments Number User can indicate exactly how big the word must be on Segments of 16 bits. targets-ipv6-wordlist.fillright With this argumen...

targets-ipv6-map4to6 NSE Script

This script runs in the pre-scanning phase to map IPv4 addresses onto IPv6 networks and add them to the scan queue. The technique is more general than what is technically termed "IPv4-mapped IPv6 addresses." The lower 4 bytes of the IPv6 network address are replaced with the 4 bytes of IPv4...

ZMap 1.2.1 - The Internet Scanner

ZMap is an open-source network scanner that enables researchers to easily perform Internet-wide network studies. With a single machine and a well provisioned network uplink, ZMap is capable of performing a complete scan of the IPv4 address space in under 45 minutes, approaching the theoretical...

Zarp - Local Network Attack Framework

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

OpenMRS < 2.2

Binary data 8572.prm...

Wordfence 5.2.3 - Multiple Vulnerabilities

The Wordfence Security – Firewall & Malware Scan WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...

Hackers Using 'Shellshock' Bash Vulnerability to Launch Botnet Attacks

Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell Bash, dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over...

Gnu Bash 4.3 CGI Scan Remote Command Injection

!/usr/bin/env python http connection import urllib2 Args management import optparse Error managemen import sys banner = """ | .-----.--.--. | .---.-.-----| |--. |. || | | | |. 1 | | --| | |. | |||| |. |.|||| |: 1 | |: 1 \ |::.. . | |::.. . / -------' -------' | Y | | | | | | | | | ||| | |. l |. 1...

Wordfence 5.2.4 - IPTraf.php URI Request Stored XSS

The Wordfence Security – Firewall & Malware Scan WordPress plugin was affected by an IPTraf.php URI Request Stored XSS security vulnerability...

CVE-2014-5931

The Stop & Shop SCAN IT! Mobile aka com.modivmedia.scanitss application 7.21.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...