HackerOne: AWS S3 bucket writeable for authenticated aws users

Hi All, I know that hackerone-attachments is used for file uploads on reports and so I did a quick scan for similar buckets and found . While I can't confirm if you own it or not, it appears that it is publicly writable using the aws cli. When I tried to write to hackerone-attachments, I get: "mo...

CentOS 7 : openhpi (CESA-2015:2369)

Updated openhpi packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

openhpi security update

CentOS Errata and Security Advisory CESA-2015:2369 Updated openhpi packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerabilit...

RedHat Update for openhpi RHSA-2015:2369-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2014-1243)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedStar-2.0-Desktop-Privilege-Escalation

Red Star 2.0 desktop ships with a world-writeable "/etc/rc.d/rc.sysinit" which can be abused to execute commands on boot. An example exploitation of this vulnerability is shown here...

LabTech contains privilege escalation vulnerability

Overview LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root privileges. Description CWE-284: Improper Access Control LabTech startup scripts and directories on Linux platforms are world-writeable and the scripts execute with root...

RedStar 2.0 Desktop - Privilege Escalation (World-writeable rc.sysinit) Vulnerability

Exploit for linux platform in category local exploits Red Star 2.0 desktop ships with a world-writeable "/etc/rc.d/rc.sysinit" which can be abused to execute commands on boot. An example exploitation of this vulnerability is shown here...

RedStar 2.0 Desktop - 'World-writeable rc.sysinit' Local Privilege Escalation

Red Star 2.0 desktop ships with a world-writeable "/etc/rc.d/rc.sysinit" which can be abused to execute commands on boot. An example exploitation of this vulnerability is shown here https://github.com/HackerFantastic/Public/blob/master/exploits/redstar2.0-localroot.png PoC: /bin/echo...

rsync Writeable Module Detection

The rsync server on the host can be remotely written to. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid78428; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/02/11"; scriptnameenglish:"rsync Writeable Module Detection";...

automake security update

1.9.6-3 - fix for CVE-2012-3386 -- 'make distcheck' was making the directory distdir world-writeable 848470...

APC UPS 3.7.2 (apcupsd) Local Denial of Service Exploit

No description provided by source. / Local Denial of Service for any linux box running APCUPSD v3.7.2 APCUPSD has his pid file world writeable, therefore it is possible to let it kill another pid and create a denial of service against any running daemon. when the apcupsd is stopped, for example B...

Linux Kernel < 2.6.37-rc2 ACPI custom_method Privilege Escalation

No description provided by source. / american-sign-language.c Linux Kernel 2.6.37-rc2 ACPI custommethod Privilege Escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4347 This custommethod file allows to inject...

SSH2 3.0 Restricted Shell Escaping Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4547/info SSH and derivatives is the protocol Secure Shell protocol implementation. It is available for various operating systems, although this vulnerability affects operating systems such as Unix and Linux. It has been...

Samba <= 3.4.5 Symlink Directory Traversal Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/38111/info Samba is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploits would allow an attacker to access files outside of the Samba user's roo...

Sun Cobalt RaQ 4.0 Predictable Temporary Filename Symbolic Link Attack Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5529/info A vulnerability has been reported in Cobalt RaQ that may allow attackers to obtain elevated privileges. The vulnerability exists in the /usr/lib/authenticate utility which is used by Apache for authentication...

Find all writeable folder in filesystem linux polymorphic shellcode - 91 bytes

No description provided by source. / Title : Find all writeable folder in filesystem linux polymorphic shellcode . Name : 91 bytes Find all writeable folder in filesystem linux polymorphic shellcode . Date : Sat Jun 17 21:27:03 2010 Author : gunslinger yudha.gunslingeratgmail.com Web :...

Microsoft IIS WebDAV Write Access Code Execution

No description provided by source. $Id: iiswebdavuploadasp.rb 10397 2010-09-20 15:59:46Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

openSUSE Security Update : rocksndiamonds (openSUSE-SU-2012:0918-1)

The game rocksndiamonds created /.rocksndiamonds/ world writeable, allowing other users to save files in there or corrupt your game state. This was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

WordPress Persuasion 主题'dl-skin.php'任意文件访问漏洞

BUGTRAQ ID: 64501 Persuasion是一款强大的商业主题。 Persuasion 2.0、2.3版本没有有效过滤用户输入，攻击者可利用此漏洞下载或删除任意文件。 0 mysitemyway persuasion 2.3 mysitemyway persuasion 2.0 厂商补丁： mysitemyway ----------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://mysitemyway.com/theme/persuasion-wordpress-theme/ Exploit Title:...