Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially

h3. Summary Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially. If you synchronize nested groups with upper case letters into Confluence from Crowd / LDAP, and then update the external directory to remove the child groups, the groups will no...

Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially

h3. Summary Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially. If you synchronize nested groups with upper case letters into Confluence from Crowd / LDAP, and then update the external directory to remove the child groups, the groups will no...

Jackpotting Attacks Against US ATMs

Brian Krebs is reporting sophisticated jackpotting attacks against US ATMs. The attacker gains physical access to the ATM, plants malware using specialized electronics, and then later returns and forces the machine to dispense all the cash it has inside. The Secret Service alert explains that the...

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow SEH Exploit Title: Sync Breeze Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 29/01/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.syncbreeze.com Software Link:...

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH) Exploit

Exploit for windows platform in category remote exploits Exploit Title: Sync Breeze Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Exploit Author: Daniel Teixeira Vendor Homepage: http://www.syncbreeze.com Software Link:...

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)

Exploit Title: Sync Breeze Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 29/01/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.4.18.exe Version: 10.4.18 Tested on:...

Multiple Products Web Server Component Privilege Gain Vulnerability

Dup Scout Enterprise is a file wiping tool.Disk Savvy Enterprise is a hard disk space analysis tool.Sync Breeze Enterprise is a file synchronization tool.Disk Pulse Enterprise is a disk inspection tool. A security vulnerability exists in the web server component of multiple products that stems fr...

kernel security and bug fix update

2.6.32-696.20.1.OL6 - Update genkey bug 25599697 2.6.32-696.20.1 - x86 kaiser/efi: unbreak tboot Waiman Long 1519799 1519802 CVE-2017-5754 - x86 pti/mm: Fix trampoline stack problem with XEN PV Waiman Long 1519799 1519802 CVE-2017-5754 - x86 pti/mm: Fix XEN PV boot failure Waiman Long 1519799...

Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This...

CVE-2017-13696

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...

Buffer overflow

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...

CVE-2017-13696

CVE-2017-13696 describes a buffer overflow in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16, triggered by crafting a malicious GET request. The flaw arises from improper handling/sanitization ...

CVE-2017-13696

A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...

Sync Breeze Enterprise 9.5.16 Import Command Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Sync Breeze...

Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Sync Breeze...

Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow

This module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

CVE-2017-13184

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

CVE-2017-15664

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...

CVE-2017-15664

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...

CVE-2017-15664

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...