2204 matches found
openssl: ASN.1 BIO handling of large amounts of data
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data...
FileBuster - An Extremely Fast And Flexible Web Fuzzer
An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...
Extremely Fast Flexible Web Fuzzer: Filebuster
Extremely Fast Flexible Web Fuzzer Filebuster was built based on one of the fastest HTTP classes in the world of PERL – Furl::HTTP. Also the thread modelling is a bit optimized to run as fast as possible. Features It packs a ton of features like: The already mentioned Regex patterns Supports...
Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes)
Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes). Shellcode exploit for Linux/x86 platform / ;author: Filippo "zinzloun" Bersani ;date: 05/12/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic...
shopify-scripts: Invalid handling of zero-length heredoc identifiers leads to infinite loop in the sandbox
Introduction ============ Certain invalid Ruby programs which should normally raise a syntax error are able to cause an infinite loop in MRuby's parser which makes the mruby-engine sandbox and consequently the MRI process it is running in unresponsive to SIGTERM. The process begins looping foreve...
USN-3139-1 vim vulnerability
Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges...
Ubuntu 14.04 LTS / 16.04 LTS : Vim vulnerability (USN-3139-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3139-1 advisory. Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker...
Ubuntu: Security Advisory (USN-3139-1)
The remote host is missing an update for the...
Linux/x86 - Egg-hunter Shellcode (31 bytes)
Linux/x86 - Egg-hunter Shellcode (31 bytes). Shellcode exploit for Linux/x86 platform / ;author: Filippo "zinzloun" Bersani ;date: 28/11/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic 147precise1-Ubuntu 32bit ; Linux...
Vim Input Validation Vulnerability
Vim is an open-source, configurable text editor for creating and changing any type of text, available on most UNIX systems and Apple OS X. A security vulnerability in versions prior to Vim patch 8.0.0056 stems from the program's failur...
ALPINE-CVE-2016-1248
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened...
DEBIAN-CVE-2016-1248
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened...
CVE-2016-1248
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened...
UBUNTU-CVE-2016-1248
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened...
DSA-3722-1 vim - security update
Bulletin has no description...
DLA-718-1 vim - security update
Bulletin has no description...
PT-2016-4670 · Vim +5
Name of the Vulnerable Software and Affected Versions: vim versions prior to 8.0.0056 Description: The issue arises from improper validation of values for the filetype, syntax, and keymap options. This can lead to the execution of arbitrary code when a file with a specially crafted modeline is...
Bypassing Ebay XSS Protection to launch XSS by Nirmal Dahal
This is a small proof of concept regarding “Reflective Cross-Site Scripting (R-XSS)” which I had found on Ebay. I am not an active participant in bug bounty programs, but one day I had finished all my office work so I was surfing on Facebook and received a message from my brother, Samir, asking f...
Interactive Disassembler: Plasma
Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax. PLASMA is an interactive disassembler. It can generate more readable assembly pseudo-code with colored syntax. You can write scripts with the available Python API. The project is still in big...
glob parser write/read out of bounds
The curl tool's "globbing" feature allows a user to specify a numerical range through which curl iterates. It is typically specified as [1-5], specifying the first and the last numbers in the range. Or with [a-z], using letters. 1. The curl code for parsing the second unsigned number did not check fo...