Security fix for the ALT Linux 7 package kernel-image-std-def version 1:3.14.58-alt0.M70P.2

Jan. 19, 2016 Anton V. Boyarshinov 1:3.14.58-alt0.M70P.2 - CVE-2016-0728 fixed...

imap-ntlm-info NSE Script

This script enumerates information from remote IMAP services with NTLM authentication enabled. Sending an IMAP NTLM authentication request with null credentials will cause the remote service to respond with a NTLMSSP message disclosing information to include NetBIOS, DNS, and OS build version...

openSUSE Security Update : gcc48 (openSUSE-2015-723)

This update for GCC 4.8 provides the following fixes : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 - Fix linker segmentation fault when building SLOF on ppc64le. bsc949000 - Fix noinstrumentfunction attribute handling on PPC64...

MGASA-2015-0449 Updated gcc packages fix security vulnerability

It was discovered that the std::randomdevice class in libstdc++ would not properly detect short reads and could return predictable values if applications used it to obtain randomness from a blocking source such as /dev/random. CVE-2015-5276...

Updated gcc packages fix security vulnerability

It was discovered that the std::randomdevice class in libstdc++ would not properly detect short reads and could return predictable values if applications used it to obtain randomness from a blocking source such as /dev/random. CVE-2015-5276...

CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...

SUSE SLED12 / SLES12 Security Update : gcc48 (SUSE-SU-2015:1833-1)

This update for GCC 4.8 provides the following fixes : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 - Fix linker segmentation fault when building SLOF on ppc64le. bsc949000 - Fix noinstrumentfunction attribute handling on PPC64...

PacketTrap TFTPD 2.2.5459.0 - Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl Jeremy Brown [email protected]/jbrownsec.blogspot.com PacketTrap TFTPD DoS latest 2.2.5459.0 tested -- www.packettrap.com Must have Net::TFTP installed easy to install, 'cpan' then 'install Net::TFTP' ; A product of tftpfuzz.pl coming soon use...

Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit

No description provided by source. !/usr/bin/perl Subdreamer 2.2.1 command exec exploit @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2 integration...

CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...

Novell Iprint LPD Remote Code Execution Vulnerability

No description provided by source. !/usr/bin/perl Source: http://www.protekresearchlab.com/index.php?option=comcontent&view=article&id=21&Itemid=21 use Getopt::Std; use IO::Socket::INET; $SIGINT = \ my $host = '10.102.3.79'; my $port = 515; my $proto = 'tcp'; my $sockType = SOCKSTREAM; my $timeou...

Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...

Aborior Encore Web Forum Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's failure to properly...

joomsport pro and std

joomsport, pro 3.1.1 and std 2.0 , Directory Traversal developers release statement Security notes put in product description and put release notes on our site for both products http://joomsport.com/downloads/components.html?lang=en - Here is the link for standard updated release...

CVE-2012-0883

envvars aka envvars-std in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl...

CVE-2012-0883

envvars aka envvars-std in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl...

CVE-2012-0883

envvars aka envvars-std in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl...

mPDF <= 5.3 file disclosure and fix-vulnerability warning-the black bar safety net

Title: mPDF = 5.3 File Disclosure Author: ZadYree Download address: http://www.mpdf1.com/mpdf/download Affected versions: 5.3 and prior Test platform: multiple !/ usr/bin/perl-U =head1 TITLE mPDF = 5.3 File Disclosure Exploit 0day =head2 SYNOPSIS -- examples/showcode.php --...

Novell Iprint LPD Remote Code Execution

!/usr/bin/perl Source: http://www.protekresearchlab.com/index.php?option=comcontent&view=article&id=21&Itemid=21 use Getopt::Std; use IO::Socket::INET; $SIGINT = \ my $host = '10.102.3.79'; my $port = 515; my $proto = 'tcp'; my $sockType = SOCKSTREAM; my $timeout = 1; my %opt; my $optstring =...

Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities

Exploit for windows platform in category dos / poc ====================================================================== Sysax Multi Server SFTP module Multiple Commands DoS Vulnerabilities ====================================================================== Title: Sysax Multi ServerSFTP modul...