Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.17-alt1

5.0.17-alt1 built March 18, 2023 Vitaly Lipatov in task 316692 March 12, 2023 Vitaly Lipatov - new version 5.0.17 with rpmgs script - CVE-2022-29117: .NET Denial of Service Vulnerability - CVE-2022-29145: .NET Denial of Service Vulnerability - CVE-2022-23267: .NET Denial of Service Vulnerability...

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S...

Security fix for the ALT Linux 10 package kernel-image-std-def version 2:5.10.121-alt1

2:5.10.121-alt1 built June 15, 2022 Vitaly Chikunov in task 301677 --- June 10, 2022 Vitaly Chikunov - v5.10.121 2022-06-09. - altha: Restrict setcap binaries in nosuid mode. - v5.10.120 2022-06-06. Fixes: CVE-2022-1852, CVE-2022-1972, CVE-2022-1966. - kernel.perfeventparanoid=4 by default. -...

Security fix for the ALT Linux 9 package dotnet-aspnetcore-5.0 version 5.0.14-alt1

5.0.14-alt1 built March 22, 2022 Vitaly Lipatov in task 295274 Feb. 12, 2022 Vitaly Lipatov - ASP.NET 5.0.14 - CVE-2021-43877 : ASP.NET Core Elevation of privilege Vulnerability - CVE-2021-34532 : ASP.NET Core Information Disclosure Vulnerability...

Security fix for the ALT Linux 9 package mediawiki version 1.36.1-alt1

1.36.1-alt1 built June 30, 2021 Vitaly Lipatov in task 274917 June 27, 2021 Vitaly Lipatov - new version 1.36.1 with rpmrb script - T280226, CVE-2021-35197: Prevent blocked users from purging pages...

Security fix for the ALT Linux 9 package mediawiki-extensions-Widgets version 1.3.0-alt1git

1.3.0-alt1git built June 30, 2021 Vitaly Lipatov in task 274917 June 27, 2021 Vitaly Lipatov - new version 1.3.0 with rpmgs script - CVE-2020-9382, CVE-2020-35625...

Security fix for the ALT Linux 10 package dotnet-runtime-5.0 version 5.0.5-alt1

April 17, 2021 Vitaly Lipatov 5.0.5-alt1 - .NET 5.0.5 - CVE-2021-26701: .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-corefx-3.1 version 3.1.12-alt1

3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task 266709 Feb. 17, 2021 Vitaly Lipatov - .NET Core 3.1.12 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-aspnetcore-3.1 version 3.1.12-alt1

3.1.12-alt1 built March 1, 2021 Vitaly Lipatov in task 266709 Feb. 17, 2021 Vitaly Lipatov - ASP.NET Core 3.1.12 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-2.1 version 2.1.25-alt1

2.1.25-alt1 built March 1, 2021 Vitaly Lipatov in task 266708 --- Feb. 17, 2021 Vitaly Lipatov - new version 2.1.25 with rpmgs script - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

Security fix for the ALT Linux 9 package dotnet-bootstrap-5.0 version 5.0.3-alt1

5.0.3-alt1 built Feb. 18, 2021 Vitaly Lipatov in task 266508 Feb. 17, 2021 Vitaly Lipatov - .NET 5.0.3 and .NET SDK 5.0.103 - CVE-2021-1721: .NET Core Denial of Service Vulnerability - CVE-2021-24112: .NET 5 and .NET Core Remote Code Execution Vulnerability...

vitaly-zykov.ru XSS vulnerability

Open Bug Bounty ID: OBB-717607 Description| Value ---|--- Affected Website:| vitaly-zykov.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

eurohockey.com XSS vulnerability

Open Bug Bounty ID: OBB-364002 Description| Value ---|--- Affected Website:| eurohockey.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

Linux Kernel 4.5.1 - Off-By-One (PoC)

Linux Kernel 4.5.1 - Off-By-One PoC / EDB Note Download: http://cyseclabs.com/exploits/matreshka.c Blog http://cyseclabs.com/blog/cve-2016-6187-heap-off-by-one-exploit / / Quick and dirty PoC for CVE-2016-6187 heap off-by-one PoC By Vitaly Nikolenko [email protected] There's no privilege...

Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset Local Privilege Escalation

Linux Kernel 4.4.0-21 Ubuntu 16.04 x64 - netfilter targetoffset Local Privilege Escalation / EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44300.zip Video https://www.youtube.com/watch?v=qchiJn94kTo / / decr.c / / Ubuntu 16.04 local root...

Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation

/ EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44300.zip Video https://www.youtube.com/watch?v=qchiJn94kTo / / decr.c / / Ubuntu 16.04 local root exploit - netfilter targetoffset OOB checkcompatentrysizeandhooks/checkentry Tested on...

Vitaly Kamluk on the Adwind RAT

Mike Mimoso talks to Kaspersky Lab researcher Vitaly Kamluk who was critical in the discovery of the latest version of the cross-platform Adwind RAT. The remote access Trojan is unique in that it’s written in Java, giving this version—which is also known as Frutas, AlienSpy and JSocket—the...

Linux Kernel ptrace/sysret Local Privilege Escalation

/ CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite the PF handler so we can land to our NOP sled mapped at 0x80000000. However, onc...

Linux Kernel ptrace/sysret - Local Privilege Escalation Exploit

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service double...

Linux Kernel 3.2.0-23 (Ubuntu 12.04 x64) - ptracesysret Local Privilege Escalation

Linux Kernel 3.2.0-23 Ubuntu 12.04 x64 - ptracesysret Local Privilege Escalation / CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite...