Spraygen - Password List Generator For Password Spraying

Password list generator for password spraying - prebaked with goodies Version 1.4 Generates permutations of Months, Seasons, Years, Sports Teams NFL, NBA, MLB, NHL, Sports Scores, "Password", and even Iterable Keyspaces of a specified size. All permutations are generated with common attributes...

PYSEC-2021-129

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...

Web Cache Poisoning

Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...

samba: smb client vulnerable to filenames containing path separators

A flaw was found in the samba client where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working...

CentOS 7 : samba (RHSA-2020:1084)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1084 advisory. - A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set i...

Decimal symbol and digit grouping symbol are incorrect for the Swiss language locale in Windows

Decimal symbol and digit grouping symbol are incorrect for the Swiss language locale in Windows This article describes an issue in which the separator symbols for Swiss numbers are displayed incorrectly in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows RT, Windows 8, and Windows...

RHEL 7 : samba (RHSA-2020:1084)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1084 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

samba: smb client vulnerable to filenames containing path separators

A flaw was found in the samba client where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working...

samba: smb client vulnerable to filenames containing path separators

A flaw was found in the samba client where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working...

Token-Reverser - Word List Generator To Crack Security Tokens

Word list generator to crack security tokens. Example use case 1. You are testing reset password function 2. Reset password token was sent to your email box e.g. 582431d4c7b57cb4a3570041ffeb7e10 3. You suppose, it is a md5 hash of the data you provided during registration process 4. You remember...

Directory traversal

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...

OPENSUSE-SU-2019:2458-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14847: User with 'get changes' permission can crash AD DC LDAP server via dirsync bsc1154598. - CVE-2019-10218: Client code can return filenames containing path separators bsc1144902. - CVE-2019-14833: Fixed Accen...

Security update for samba (important)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2019:2458-1 Rating: important References: 1125601 1127153 1130245 1134452 1144902 1154289 1154598 Cross-References: CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 Affected Products: openSUSE Leap 15.0 An update that...

Ubuntu 16.04 LTS / 18.04 LTS : Samba vulnerabilities (USN-4167-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4167-1 advisory. Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a...

Ubuntu: Security Advisory (USN-4167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4167-2: Samba vulnerabilities

USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecti...

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. CVE-2019-10218 Simon...

Unspecified vulnerability in Samba (CNVD-2019-39841)

Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A security vulnerability exis...

Client code can return filenames containing

Description Samba client code libsmbclient returns server-supplied filenames to calling code without checking for pathname separators such as "/" or "../" in the server returned names. A malicious server can craft a pathname containing separators and return this to client code, causing the client...

Decamelize Denial of Service Vulnerability

Decamelize is a tool that converts camelized strings to lowercase using custom separators. A security vulnerability exists in Decamelize. An attacker could exploit this vulnerability to cause a denial of service...