650 matches found
SQLite3 3.8.6 - Controlled Memory Corruption (PoC)
SQLite3 3.8.6 - Controlled Memory Corruption PoC Exploit Title: SQLite3 controlled memory corruption PoC 0day Date: date Exploit Author: Andras Kabai Vendor Homepage: http://www.sqlite.org/ Software Link: http://www.sqlite.org/download.html Version: 3.8.6, 3.8.8.3 Tested on: Ubuntu 14.10, 64 bit...
OWASP iOSForensic - Tool to help in forensics analysis on iOS
OWASP iOSForensic is a python tool to help in forensics analysis on iOS. It get files, logs, extract sqlite3 databases and uncompress .plist files in xml. OWASP iOSForensic provides: Application's files Conversion of .plist files in XML Extract all databases Conversion of binary cookies...
Mandriva Linux Security Advisory : nspr (MDVSA-2014:125)
A vulnerability has been discovered and corrected in nspr : Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions CVE-2014-1545. The updated ns...
ATSEngine credential disclosure vulnerability
Any user can download a .db configuration file without authenticating first. The .db file contains the credentials to the administrative web interface. ?php $url = getURL; if $url !== NULL $database = @filegetcontents$url . '/db/database.db'; if $database !== FALSE fileputcontents'tmp.db',...
Mandriva Linux Security Advisory : nss (MDVSA-2013:257)
A vulnerability has been discovered and corrected in mozilla NSS : Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact v...
Mandriva Linux Security Advisory : nss (MDVSA-2013:050)
Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle MITM traffic management ...
Multi Gather Skype User Data Enumeration
This module will enumerate Skype account settings, contact list, call history, chat logs, file transfer history, and voicemail logs, saving all the data to CSV files for analysis. This module requires Metasploit: https://metasploit.com/download Current source:...
WAFP : Web Application Finger Printer Tool
WAFP : Web Application Finger Printer Tool WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB. WAFP fetches the files given by the Finger Prints from a webserver andchecks if the checksums of those files are matching to the given checksums from theFinger Prints. This way ...
CVE-2011-0995
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
CVE-2011-0995
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
Code injection
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
CVE-2011-0995
The CVE-2011-0995 issue affects the sqlite3-ruby gem in the rubygem-sqlite3 package for SUSE Linux Enterprise (SLE) 11 SP1. Vulnerable: sqlite3-ruby before 1.2.4-0.5.1; cause: weak permissions on unspecified files. Impact: local users can gain privileges via unknown vectors. Remediation: upgrade ...
CVE-2011-0995
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
CVE-2011-0995
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
rubygem-sqlite3 gem uses weak file permissions
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)
Check for the Version of tcl-sqlite3 OpenVAS Vulnerability Test Mandriva Update for tcl-sqlite3 MDVA-2011:019 tcl-sqlite3 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
MDVA-2011:019 : tcl-sqlite3
The TCL extension for sqlite3 was not provided with the the MDVSA-2011:079 advisory. This advisory addresses the problem and provides the missing packages. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...
Mandriva Update for firefox MDVSA-2011:079 (firefox)
Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVSA-2011:079 firefox Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Linux Security Advisory : firefox (MDVSA-2011:079)
Chris Evans of the Chrome Security Team reported that the XSLT generate-id function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while...