7920 matches found
Egress-Assess - Tool used to Test Egress Data Detection Capabilities
Egress-Assess is a tool used to test egress data detection capabilities. Setup To setup, run the included setup script, or perform the following: 1. Install pyftpdlib 2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the...
CVE-2015-3164
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket...
SQLMap Web Front End
PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...
hostapd and wpa_supplicant denial of service vulnerabilities (CNVD-2015-03932)
hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background, developed by software developer Jouni Malinen and other contributors, and is primarily used to support the WEP, WPA/WPA2 and WAPI wireless protocols and...
Cisco Nexus and MDS NX-OS Denial of Service Vulnerabilities
Cisco NX-OS on Nexus 4000 devices, etc. and MDS 9000 devices is the United States Cisco Cisco company's set of operating system running in the Nexus 4000 and other series of switch equipment and MDS 9000 series of fiber optic switch equipment. A security vulnerability exists in the implementation...
DEBIAN-CVE-2015-4163
GNTTABOPswapgrantref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service NULL pointer dereference via a hypercall without a GNTTABOPsetuptable or GNTTABOPsetversion...
Code injection
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
CVE-2015-0771
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
USN-2628-1 strongswan vulnerability
Alexander E. Patrakov discovered that strongSwan incorrectly handled certain IKEv2 setups. A malicious server could possibly use this issue to obtain user credentials...
General Purpose Fuzzing: Honggfuzz
Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace API / POSIX signal interface to detect and log crashes. Features Easy setup : No complicated configuration files or setup necessary —...
CVE-2015-2124
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...
CVE-2015-2124
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...
CVE-2015-2124
Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Core 4.3 and 4.4 allows local users to bypass intended access restrictions and gain privileges via unknown vectors...
ResourceSpace Native PHP File Inclusion Vulnerability
ResourceSpace is an open source digital asset management solution. ResourceSpace has a local PHP file inclusion vulnerability. Due to the "defaultlanguage" HTTP GET parameter received from the user to include PHP files using the "include" PHP function before the "/pages/setup.php" script lack of...
HP Easy Setup Wizard privilege escalation
No description provided...
UBUNTU-CVE-2015-4141
The WPS UPnP function in hostapd, when using WPS AP, and wpasupplicant, when using WPS external registrar ER, 0.7.0 through 2.4 allows remote attackers to cause a denial of service crash via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow...
CVE-2015-3902
Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...
DEBIAN-CVE-2015-3902
Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...
UBUNTU-CVE-2015-3902
Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...
CVE-2015-3902
CVE-2015-3902 is a CSRF/XSRF vulnerability in the phpMyAdmin setup process. The issue affects PHPMyAdmin releases up to 4.0.x < 4.0.10.10, 4.2.x < 4.2.13.3, 4.3.x < 4.3.13.1, and 4.4.x