Fedora 27 : fedpkg / rpkg (2017-9cac2b8b4a)
Update - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg rpkg - Ignore TestModulesCli if openidc-client is unavailable cqi - Port mbs-build to rpkg mprahl - Add .vscode to .gitignore mprahl - Fix TestPatch.testrediff in order to run with old version of mock cqi - Allow t...
ILIAS CMS 5.2.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Cross Site Scripting in ILIAS CMS 5.2.3 Date: Apr 24, 2017 Software Link: https://www.ilias.de Exploit Author: Florian Kunushevci Contact: https://facebook.com/florianx00 CVE: CVE-2018-5688 Category: webapps 1. Description ILIAS...
Design/Logic Flaw
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component...
CVE-2018-5688
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component...
RHEL 6 : rhevm-setup-plugins (RHSA-2018:0052) (Spectre)
An update for rhevm-setup-plugins is now available for RHEV Manager version 3.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 7 : rhevm-setup-plugins (RHSA-2018:0051) (Spectre)
An update for rhevm-setup-plugins is now available for RHEV Engine version 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
(RHSA-2018:0052) Important: rhevm-setup-plugins security, bug fix, and enhancement update
The rhevm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase...
(RHSA-2018:0051) Important: rhevm-setup-plugins security, bug fix, and enhancement update
The rhevm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase...
Relayer - SMB Relay Attack Script
Relayer is an SMB relay attack script that automates all the necessary steps to scan for systems with SMB signing disabled and relay authentication requests to these systems with the objective of gaining a shell. Great when performing penetration testing. Relayer makes use of Unicorn from...
XenDesktop Setup Wizard completes without error, but no VM has been created in Hyper-V SCVMM
XenDesktop Setup Wizard completes without error, but no VM has been created in Hyper-V SCVMM. And there are no particular error messages from the CDF trace either...
jenkins -- Two startup race conditions
The Jenkins project reports: A race condition during Jenkins startup could result in the wrong order of execution of commands during initialization. On Jenkins 2.81 and newer, including LTS 2.89.1, this could in rare cases (we estimate less than 20% of new instances) result in failure to initialize...
How to configure Monitor to check services status of RADIUS servers?
Configure Monitor for RADIUS server...
CVE-2017-16690
A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs like DWMAPI.dll located in your Syswow64 / System32 folder from the folder the executable is in a...
Fedora 26 : 2:docker (2017-3976710f1e)
Resolves: 1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-container...
Oracle Linux 7 : postgresql (ELSA-2017-3402)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3402 advisory. 9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172 Tenable has extracted the preceding...
difuze - Fuzzer for Linux Kernel Drivers
Fuzzer for Linux Kernel Drivers Tested on Ubuntu = 14.04.5 LTS As explained in our paper, There are two main components of difuze: Interface Recovery and Fuzzing Engine 1. Interface Recovery The Interface recovery mechanism is based on LLVM analysis passes. Every step of interface recovery are...
PT-2017-3822 · Libtiff +5
Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.0.9 Description: The issue is related to a heap-based buffer overflow in the TIFFSetupStrips function of the LibTIFF library. This can be exploited by a remote attacker using a specially crafted TIFF file, potentially leadin...
Command Execution Vulnerability in the Pelco Sarix Enhanced Dot1xSetupController.php File
Pelco Sarix Enhanced is a webcam. A command execution vulnerability exists in the Pelco Sarix Enhanced Dot1xSetupController.php file. The vulnerability is caused by the program failing to properly perform validity checks when processing user-submitted data, allowing an attacker who has been...