XXEinjector - Tool For Automatic Exploitation Of XXE Vulnerability

XXEinjector automates retrieving files using direct and out of band methods. Directory listing only works in Java applications. Bruteforcing method needs to be used for other applications. Options --host Mandatory - our IP address for reverse connections. --host=192.168.0.2 --file Mandatory - fil...

BSQLinjector - Blind SQL Injection Exploitation Tool

BSQLinjector uses blind method to retrieve data from SQL databases. I recommend using "--test" switch to clearly see how configured payload looks like before sending it to an application. Options: --file Mandatory - File containing valid HTTP request and SQL injection point SQLINJECT...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

Code injection

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the 1 XENMEMincreasereservation, 2 XENMEMpopulatephysmap, 3 XENMEMexchange, and possibly other HYPERVISORmemoryop suboperations, which allows ARM guest OS administrators to cause a denial of service CPU consumption,...

Huawei eSpace Unified Gateway Denial of Service Vulnerability

Huawei eSpace U1900 is a series of unified gateway products. A security vulnerability exists in the memory initialization when processing timeout messages in one of the modules of Huawei eSpace U1910, U1911, U1930, U1960, U1980, U1981 Unified Gateway versions prior to V200R003C00SPC300. A remote...

The vulnerability of the Apache HttpClient client module of Apache HttpComponents, as well as the operating systems Fedora and Ubuntu, allows a perpetrator to cause a service failure.

The vulnerability of the http/conn/ssl/SSLConnectionSocketFactory.java component in the Apache HttpClient client library, along with Apache HttpComponents, and on operating systems like Fedora and Ubuntu, is related to the ignoring of the http.socket.timeout parameter during the SSL handshake...

x86: CPU lockup during exception delivery

ISSUE DESCRIPTION When a benign exception occurs while delivering another benign exception, it is architecturally specified that these would be delivered sequentially. There are, however, cases where this results in an infinite loop inside the CPU, which in the virtualized case can be broken only...

[SECURITY] Fedora 23 Update: sudo-1.8.15-1.fc23

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2011-1927

The ipexpire function in net/ipv4/ipfragment.c in the Linux kernel before 2.6.39 does not properly construct ICMPTIMEEXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service invalid pointer dereference via crafted fragmented packets...

x86: Long latency populate-on-demand operation is not preemptible

ISSUE DESCRIPTION When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its memory...

CVE-2015-5262

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service HTTPS call hang via unspecified vectors...

Hyper-V Synthetic Network Interface Card Reinitializes on New Target Devices

Hyper-V synthetic Network Interface Card NIC reinitializes on new Provisioning Services target.During the synthetic NIC reinitialize at boot, it delays any software to use the interface.Windows redetects the NIC as a new device and increments the name of the device, for example, “Local Area...

Apache Commons HttpClient DoS

No timeout on handshake...

Mageia: Security Advisory (MGASA-2015-0392)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Samba (SUSE-SU-2015:0371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Commons Component HttpClient HTTPS Timeout Denial of Service Vulnerability

Apache Commons contains a lot of open source tools , used to solve the usual programming often encountered problems , reduce duplication of effort . Apache Commons Components HttpClient fails to properly enforce the 'http.socket.timeout' configuration file, allowing remote attackers to exploit a...

MGASA-2015-0392 Updated jakarta-commons-httpclient and httpcomponents-client packages fixes security vulnerability

The Apache httpclient library had a bug where the socket timeout was ignored during the SSL handshake, causing threads in an application to hang CVE-2015-5262...

Oracle: Security Advisory (ELSA-2007-0347)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...