unzip: out-of-bounds read/write in test_compr_eb() in extract.c

A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option...

unzip: CRC32 verification heap-based buffer overread (oCERT-2014-011)

A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option...

XDcms订餐网站系统单店版注入(demo测试)

简要描述： rt 详细说明： 黑盒demo测试 首先注册一个用户，然后修改用户资料 http://dd.xdcms.cn/index.php?m=member&f=edit 修改完成之后，下单点餐。 然后报错了。二次注入 由于demo有安全狗，就没用深入测试了。 漏洞证明：...

Oracle Linux 6 / 7 : freetype (ELSA-2015-0696)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0696 advisory. - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes...

Wireless Toolsuite: WRAITH

Wireless reconnaissance, collection and exploitation toolsuite Attack vectors, rogue devices, interfering networks are best visualized and identified over time. Current tools i.e. Kismet, Aircrack-ng and Wireshark are excellent tools but none are completely suitable for collecting and analyzing t...

Maligno v2.0 - Metasploit Payload Server

Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission. Maligno also comes with a client tool, which...

How to Simulate Veeam Backup & Replication Disk I/O

Purpose This article provides examples of using common workload simulators diskspd and fio to simulate Veeam Backup & Replication disk I/O. Do Not Send Test Output Files to Veeam Support The write test output files testfile.dat do not contain diagnostic data. As such, please do not attach them to...

Using scrapy crawl sebug vulnerability database-vulnerability warning-the black bar safety net

! Due to the project need to grab the sebug of the vulnerability database content, using the scrapy framework simple has written a gripping sebug the crawler, and stored in a database, mysql or mongodb, here to mysql, for example. About scrapy Scrapy, Python, development of a quick,high-level...

Rowhammer - NaCl Sandbox Escape

Sources: http://googleprojectzero.blogspot.ca/2015/03/exploiting-dram-rowhammer-bug-to-gain.html https://code.google.com/p/google-security-research/issues/detail?id=284 Full PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/36311.tar.gz This is a proof-of-conce...

XYCMS管理咨询公司建站系统存在默认数据库下载和存储型XSS

简要描述： XYCMS管理咨询公司建站系统存在默认数据库下载和存储型XSS 详细说明： XYCMS管理咨询公司建站系统存在默认数据库下载和存储型XSS。 源码地址：http://down.chinaz.com/soft/29472.htm 一是存在存储型XSS，发生在在线应聘处，可插入XSS代码，漏洞文件：Careersyp.asp 可谷歌搜索：inurl:Careersyp.asp 实例如下：http://www.gaonengkedi.com/Careersyp.asp?id=4 http://njqygl.com/Careersyp.asp?id=1...

[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-5.fc20

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...

Exploiting XXE Vulnerabilities in OXML Documents - Part 1

OXML is a common document format; think docx Microsoft Word Document, pptx Microsoft Powerpoint, xlsx Excel Spreadsheet, etc. An OXML document is a zip file containing XML files and any media files. When the document is rendered, the rendering library unzips the document and then parses the...

Wechat red casual collar(fortune to become rich Ben well-off, daily rate million is not a dream)-vulnerability warning-the black bar safety net

Team the little friends always make me red packets to them, sent thousands of block is also not satisfied with it! Find a loophole to give them red envelopes! Their manual testing. A minute collar the 2 0 0 block of red envelopes, but also fairly good. Estimated write into the program a day a few...

phpBugTracker 1.6.0 CSRF / XSS / SQL Injection

Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in phpBugTracker v.1.6.0 Advisory ID: SROEADV-2015-16 Author: Steffen Rösemann Affected Software: phpBugTracker v.1.6.0 Vendor URL: https://github.com/a-v-k/phpBugTracker Vendor Status: patched CVE-ID: will asked to be...

SAP Afaria - Stored XSS

Application: SAP Afaria 7 Vendor URL: http://www.sap.com Bugs: XSS Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-79 Impact: Store...

齐博CMS博客系统注入（可更新数据库,demo测试）

简要描述： 不知道 详细说明： 漏洞文件 ../blog/template/space/file/viewmusic.php function getviewmusic global $db,$uid,$pre,$id,$timestamp,$BM; $db-query"UPDATE $BMmusicsong SET hits=hits+1,lastview='$timestamp' WHERE id='$id'"; $rsdb=$db-getone"SELECT FROM $BMmusicsong WHERE id='$id'"; $rsdbposttime=date"Y-m-d...

[SECURITY] Fedora 21 Update: rubygem-actionpack-4.1.5-2.fc21

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...

AppUse - Android Pentest Platform Unified Standalone Environment

AppUse Virtual Machine, developed by AppSec Labs, is a unique and free system, a platform for mobile application security testing in the android environment, and it includes unique custom-made tools. Faster & More Powerful The system is a blessing to security teams, who from now on can easily...

Kali Linux 1.1.0 - The Best Penetration Testing Distribution

After almost two years of public development and another year behind the scenes, we are proud to announce our first point release of Kali Linux – version 1.1.0. This release brings with it a mix of unprecedented hardware support as well as rock solid stability. For us, this is a real milestone as...

Kali Linux

Kali Linux Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers. Kali Linux is preinstalled with over 300...