CVE-2016-6338

The CVE-2016-6338 issue affects ovirt-engine-webadmin (used by Red Hat Enterprise Virtualization Manager, RHEV-M, and RHEV-M 4.0). Root cause: webadmin session timeouts not properly enforced, enabling bypass via UI-driven actions that trigger repeating queries. Impact: potential session hijack/by...

PT-2017-8968 · Red Hat · Red Hat Enterprise Virtualization Manager

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization Manager RHEV-M version 4.0 Description: The issue allows physically proximate attackers to bypass a webadmin session timeout restriction. This is achieved via vectors related to UI selections, which trigger...

Upload and Execute

Push a file and execute it. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Upload and Execute', 'Description' = %qPush a file and execute it., 'Author' = 'egypt', 'License' = MSFLICENSE,...

CVE-2016-8712

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds...

PT-2017-9755 · Moxa · Moxa Awk-3131A Wireless Ap

Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless AP version 1.1 Description: An exploitable nonce reuse vulnerability exists in the Web Application functionality. The device uses one nonce for all session authentication requests and only changes the nonce if the web...

netattack - Scan and Attack Wireless Networks

The netattack.py is a python script that allows you to scan your local area for WiFi Networks and perform deauthentification attacks. The effectiveness and power of this script highly depends on your wireless card. USAGE EASY SCANNING FOR WIFI NETWORKS python netattack.py -scan -mon This example...

Denial Of Service (DoS)

hapi is vulnerable to denial of service DoS attacks. A malicious user can send a malicious accept-encoding header to the system that causes the library to crash or the client to hang until the timeout period is reached...

Web Application Sitemap

Publishes the sitemap of the web application as seen by the scan. The list of all URLs that have been detected during the scan are available as an attachment. For each URL in the sitemap, the following information is provided: - The first time the URL is detected - The logic used to detect the UR...

Android System Setting and Bluetooth Connection Denial of Service Vulnerabilities

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A denial of service vulnerability exists in Android System Setting and Bluetooth Connection. The vulnerability is caused by the system-level Intent mechanism...

kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled

It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks...

SUSE SLED12 / SLES12 Security Update : open-vm-tools (SUSE-SU-2017:0701-1)

This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues : - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework CAF - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand ...

broadcast-ospf2-discover NSE Script

Discover IPv4 networks using Open Shortest Path First version 2OSPFv2 protocol. The script works by listening for OSPF Hello packets from the 224.0.0.5 multicast address. The script then replies and attempts to create a neighbor relationship, in order to discover network database. If no interface...

Error 1053: The service did not respond to the start or control request in a timely fashion.

Challenge A Veeam-related service fails to start with the following error: Error 1053: The service did not respond to the start or control request in a timely fashion. Cause This error is a generic Windows service error and could be caused by a variety reasons, some of which are discussed in the...

The vulnerability of the iOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Local Authentication component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating locally, to compromise the confidentiality, integrity, and accessibility of protected information by...

F5 BIG-IP Information Disclosure Vulnerability

F5 BIG-IP is an all-in-one network device from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An information disclosure vulnerability exists in F5 BIG-IP versions 12.0.0 and 11.5.0 through 11.6.1 where a REST request timeout...

openSUSE Security Update : open-vm-tools (openSUSE-2017-276)

This update for open-vm-tools fixes the following issues : - Updated to 10.1.0 stable release boo1011057 + vmware-namespace-cmd command line utility. + gtk3 support + Common Agent Framework CAF + guest authentication with xmlsec1 + FreeBSD support + sub-command to push updated network information...

Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DiskSavvy Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability ...

DiskBoss Enterprise GET Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12 and v7.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested...

DiskBoss Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on...

Product update: Virtuozzo 7.0 Update 3

The new packages for Virtuozzo 7.0 introducing new features and bug fixes. Vulnerability id: PSBM-56838 Kernel panic when creating ploops on NVMe devices. Vulnerability id: PSBM-56668 HWIDs could not be obtained for SGI UV 1000 nodes. Vulnerability id: PSBM-56667 vzlicview could incorrectly detec...