GDB Front End: PINCE

GDB Front End: PINCE is not Cheat Engine PINCE is a front-end/reverse engineering tool for the GNU Project Debugger GDB, focused on games. But it can be used for any reverse-engineering related stuff. PINCE is an abbreviation for “PINCE is not Cheat Engine”. PINCE’s GUI is heavily “inspired;D” by...

UBUNTU-CVE-2016-5842

MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read...

Uber: Authentication Issue for easter egg on bonjour.uber.com

This probably ok, almost definitely is just informative but thought I would throw it out here anyways. : bonjour.uber.com hosts an easter egg view source and scroll down where the passcode is insecurely stored as a javascript variable. The source for the easter egg is: html //error easter egg -...

Theory PHP Common Vulnerabilities first bomb: installation problems-vulnerability warning-the black bar safety net

First get a copy of the source code, certainly is the first install, and the installation file will often appear problem. Generally the installation file after the installation is complete, basically not automatically delete the install file, I encountered will be automatically deleted if it...

SUSE SLES11 Security Update : Recommended update for NetworkManager-kde4 (SUSE-SU-2016:1465-1)

This NetworkManager-kde4 update fixes the following security and non security issues : - Fixed a long standing security issue. This makes knetworkmanager probe the RADIUS server for a CA certificate subject and hash if no CA certificate is specified. knetworkmanager then stores this data and send...

Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption

Foxit PDF Reader 1.0.1.0925 - CFXBaseSegmentedArray::IterateIndex Memory Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=742 We have identified the following memory corruption vulnerability in Foxit PDF Reader version 1.0.1.0925 for Linux 64-bit, when started with a...

lib32-gnutls: arbitrary file overwrite

Setuid programs using GnuTLS could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 with the GNUTLSKEYLOGFILE environment variable handling via getenv and fixed in GnuTLS 3.4.13 by switching to securegetenv where...

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)

Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...

UBUNTU-CVE-2016-5105

The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...

CVE-2016-5105

The megasasdcmdcfgread function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface MFI command...

4digits 1.1.4 - Local Buffer Overflow (PoC)

4digits 1.1.4 - Local Buffer Overflow PoC 4digits 1.1.4 Local Buffer Overflow Privilege Escalation if setuid/setgid Discoverd by NA , NA at tutanota.com Downloaded and tested upon Kali Linux Vendor has been notified. Description ------------- 4digits is a guess-the-number puzzle game. It's also...

ntp: crash with crafted logconfig configuration command

It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands...

Debian Security Advisory DSA 3388-1 (ntp - security update)

Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs: CVE-2015-5146 A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if: ntpd enabled remote...

CVE-2015-8325

The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...

CVE-2015-8325

The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...

CVE-2015-8325

CVE-2015-8325 affects OpenSSH sshd where, with UseLogin enabled and PAM reading user .pam_environment files, a local user can trigger a crafted environment for /bin/login (eg via LD_PRELOAD) to gain privileges. Affected context in the provided connected documents centers on OpenSSH scenarios in v...

MetInfo 5.3.1 存在变量覆盖漏洞(可重置管理员账号密码)

No description provided by source...

Zarafe.net CMS 1.0 SQL Injection

Exploit Title : Zarafe.net CMS SQL Injection Vulnerability Exploit Author : Iran Cyber Security Group ICSG Discovered By : 0x3a Vendor HomePage : www.zarrafe.net Version : 1.0 Q1 Date : 4 April, 2016 Tested On : Internet Explorer , Win 98 ----------------------------------------- SQL Injection :...

UBUNTU-CVE-2016-4020

The patchinstruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register TPR...

Ovidentia troubleticketsModule 7.6 - Remote File Inclusion

Ovidentia troubleticketsModule 7.6 - Remote File Inclusion Title: Ovidentia Module troubletickets 7.6 GLOBALSbabInstallPath Remote File Inclusion Vulnerability Author: bd0rk || SCHOOL-OF-HACK.NET eMail: bd0rkathackermail.com Website: http://www.school-of-hack.net Download:...