2018-02-03 03:59
This Metasploit module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information with… Read More
Blog Directory > Software Blogs > MondoUnix - Unix,Linux,FreeBSD,Howto,Networking,Ip software Blog >
Mondounix - Unix,linux,freebsd,howto,networking,ip Blog
mondounix.com
Tags:
webkit
useafterfree
apport abrt chroot
music sql injection
unauthenticated remote
dual gpu miner
jextn reverse auction
windows code execution
hospitality simphony micros
webkit detachwrapper
MondoUnix,Unix,Linux,FreeBSD,Howto,Networking,Ipv6,programmazione,virtualizzazione,sistemi operativi,database
2018-02-03 03:57
This Metasploit module attempts to gain root privileges on Linux systems by invoking the default coredump handler inside a namespace (“container”). Apport versions 2.13 through 2… Read More
2018-02-03 03:54
Claymore Dual GPU Miner versions 10.5 and below suffer from format string vulnerabilities.
Source: Claymore Dual GPU Miner 10.5 Format String
The post Claymore Dual GPU Miner 10.5 Format Str… Read More
2018-02-03 03:46
WebKit suffers from a use-after-free vulnerability in detachWrapper.
Source: WebKit detachWrapper Use-After-Free
The post WebKit detachWrapper Use-After-Free appeared first on MondoUnix Read More
2018-02-03 03:46
WebKit suffers from a use-after-free vulnerability in WebCore::FrameView::clientToLayoutViewportPoint.
Source: WebKit WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free
The post… Read More
2018-02-03 03:34
FiberHome AN5506 unauthenticated remote DNS changing exploit.
Source: FiberHome AN5506 Unauthenticated Remote DNS Change
The post FiberHome AN5506 Unauthenticated Remote DNS Change appeared… Read More
2018-02-03 03:33
Oracle Hospitality Simphony (MICROS) versions 2.7 through 2.9 suffer from a directory traversal vulnerability.
Source: Oracle Hospitality Simphony (MICROS) 2.9 Directory Traversal
The post O… Read More
2018-02-03 03:03
Joomla! JMS Music component version 1.1.1 suffers from a remote SQL injection vulnerability.
Source: Joomla! JMS Music 1.1.1 SQL Injection
The post Joomla! JMS Music 1.1.1 SQL Injection appe… Read More
2018-02-03 02:58
Joomla! JEXTN Reverse Auction component version 3.1.0 suffers from a remote SQL injection vulnerability.
Source: Joomla! JEXTN Reverse Auction 3.1.0 SQL Injection
The post Joomla! JEXTN Reve… Read More
2018-02-03 02:55
Event Manager PHP Script version 1.0 suffers from a remote SQL injection vulnerability.
Source: Event Manager PHP Script 1.0 SQL Injection
The post Event Manager PHP Script 1.0 SQL Injection… Read More
2018-02-02 16:17
Source: Bitcoin Braces For Worst Week Since 2013
The post Bitcoin Braces For Worst Week Since 2013 appeared first on MondoUnix Read More
2018-02-02 16:17
Source: Smart Sex Toy Fails Penetration Test
The post Smart Sex Toy Fails Penetration Test appeared first on MondoUnix Read More
2018-02-02 16:17
Source: GDPR: These Are The Organizations Which Are The Least Prepared
The post GDPR: These Are The Organizations Which Are The Least Prepared appeared first on MondoUnix Read More
2018-02-02 16:17
Source: Nork Hackers Exploit Flash Bug To Pwn South Koreans
The post Nork Hackers Exploit Flash Bug To Pwn South Koreans appeared first on MondoUnix Read More
2018-02-01 15:11
Source: Mysterious DDoS Attacks Hit Dutch Banks
The post Mysterious DDoS Attacks Hit Dutch Banks appeared first on MondoUnix Read More
2018-02-01 15:11
Source: Autosploit Tool Sparks Fears Of Empowered Script Kiddies
The post Autosploit Tool Sparks Fears Of Empowered Script Kiddies appeared first on MondoUnix Read More
2018-02-01 15:11
Source: Delays Hit Kodak Crypto Currency Plans
The post Delays Hit Kodak Crypto Currency Plans appeared first on MondoUnix Read More
2018-02-01 15:11
Source: A Giant Botnet Is Forcing Windows Servers To Mine Crypto Currency
The post A Giant Botnet Is Forcing Windows Servers To Mine Crypto Currency appeared first on MondoUnix Read More
2018-02-01 01:07
Source: Cisco Drops A Mega-Vuln Alert For VPN Devices
The post Cisco Drops A Mega-Vuln Alert For VPN Devices appeared first on MondoUnix Read More
2018-02-01 01:07
Source: Security Consultant Granted Bail After Hacking GoGet Systems
The post Security Consultant Granted Bail After Hacking GoGet Systems appeared first on MondoUnix Read More
2018-02-01 01:07
Source: Samsung Enters Crypto-Currency Chips Business
The post Samsung Enters Crypto-Currency Chips Business appeared first on MondoUnix Read More
2018-02-01 00:53
This archive contains all of the 268 exploits added to Packet Storm in January, 2018.
Source: Packet Storm New Exploits For January, 2018
The post Packet Storm New Exploits For January, 2018… Read More
2018-01-31 23:55
This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Not… Read More
2018-01-31 23:23
IPSwitch MoveIt versions 8.1 through 9.4 suffer from a persistent cross site scripting vulnerability.
Source: IPSwitch MoveIt 9.4 Cross Site Scripting
The post IPSwitch MoveIt 9.4 Cross Site… Read More
2018-01-31 17:08
Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service.
Source: Chromium filesystem::mojom::Directory Sandbox… Read More
2018-01-31 17:04
Sprecher Automation SPRECON-E-C and PU-2433 versions prior to 8.49 suffer from directory traversal, missing authentication, broken authentication, and denial of service vulnerabilities.
Sour… Read More
2018-01-31 17:01
Source: Flaws In Gas Station Software Let Hackers Change Prices, Steal Fuel, Erase Evidence
The post Flaws In Gas Station Software Let Hackers Change Prices, Steal Fuel, Erase Evidence appea… Read More
2018-01-31 17:01
Source: CT, MRI Machines Face The Greatest Risk Of Cyberattack
The post CT, MRI Machines Face The Greatest Risk Of Cyberattack appeared first on MondoUnix Read More
2018-01-31 17:01
Source: Buy Second Hand Furniture To Learn Australian Govt Secrets
The post Buy Second Hand Furniture To Learn Australian Govt Secrets appeared first on MondoUnix Read More
2018-01-31 17:01
Source: Facebook Bans All Crypto Currency Ads
The post Facebook Bans All Crypto Currency Ads appeared first on MondoUnix Read More
2018-01-31 17:01
Source: Oracle PoS System Vulns Get Big Red Cross
The post Oracle PoS System Vulns Get Big Red Cross appeared first on MondoUnix Read More
2018-01-31 16:59
systemd (systemd-tmpfiles) versions prior to 236 suffer from an fs.protected_hardlinks=0 local privilege escalation vulnerability.
Source: systemd Local Privilege Escalation
The post systemd… Read More
2018-01-30 17:37
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the ne… Read More
2018-01-30 17:29
This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
Source: Dup Scout Enterpr… Read More
2018-01-30 17:28
Source: California Senate Defies FCC, Approves Net Neutrality Law
The post California Senate Defies FCC, Approves Net Neutrality Law appeared first on MondoUnix Read More
2018-01-30 17:28
Source: Microsoft Disables Buggy Intel Patch
The post Microsoft Disables Buggy Intel Patch appeared first on MondoUnix Read More
2018-01-30 17:28
Source: UK Government Mass Surveillance Powers Ruled Unlawful
The post UK Government Mass Surveillance Powers Ruled Unlawful appeared first on MondoUnix Read More
2018-01-30 17:28
Source: NSA Exploit Use On Rise For Crypto Currency Mining
The post NSA Exploit Use On Rise For Crypto Currency Mining appeared first on MondoUnix Read More
2018-01-30 17:14
WordPress Propertyhive plugin version 1.4.14 suffers from a cross site scripting vulnerability.
Source: WordPress Propertyhive 1.4.14 Cross Site Scripting
The post WordPress Propertyhive 1.4… Read More
2018-01-30 17:05
System Shield version 5.0.0.136 suffers from a privilege escalation vulnerability.
Source: System Shield 5.0.0.136 Privilege Escalation
The post System Shield 5.0.0.136 Privilege Escalation… Read More
2018-01-30 17:04
BMC BladeLogic RSCD Agent version 8.3.00.64 suffers from a windows users disclosure vulnerability.
Source: BMC BladeLogic RSCD Agent 8.3.00.64 Windows Users Disclosure
The post BMC BladeLogi… Read More
2018-01-30 17:02
Joomla! Visual Calendar component version 3.1.3 suffers from a remote SQL injection vulnerability.
Source: Joomla! Visual Calendar 3.1.3 SQL Injection
The post Joomla! Visual Calendar 3.1.3… Read More
2018-01-29 15:09
Source: ATM Jackpotting Reaches US Shores
The post ATM Jackpotting Reaches US Shores appeared first on MondoUnix Read More
2018-01-29 15:09
Source: Malwarebytes Pushes Multiple Patches After Nearly Bricking PCs
The post Malwarebytes Pushes Multiple Patches After Nearly Bricking PCs appeared first on MondoUnix Read More
2018-01-29 15:09
Source: Fitness App Strava Lights Up Staff At Military Bases
The post Fitness App Strava Lights Up Staff At Military Bases appeared first on MondoUnix Read More
2018-01-29 15:08
Source: Microsoft's New Update Kills Off Intel's Spectre Patch
The post Microsoft's New Update Kills Off Intel's Spectre Patch appeared first on MondoUnix Read More
2018-01-28 18:01
Source: Lenovo's Fingerprint Scanner Has A Hardcoded Password
The post Lenovo's Fingerprint Scanner Has A Hardcoded Password appeared first on MondoUnix Read More
2018-01-28 18:01
Source: Coinhive Mining Code Slipped Into YouTube Site Ads
The post Coinhive Mining Code Slipped Into YouTube Site Ads appeared first on MondoUnix Read More
2018-01-28 18:01
Source: Linux And Intel Slowly Hack Their Way To A Spectre Patch
The post Linux And Intel Slowly Hack Their Way To A Spectre Patch appeared first on MondoUnix Read More
2018-01-28 18:01
Source: Coincheck Promises 46bn Yen Refund After Theft
The post Coincheck Promises 46bn Yen Refund After Theft appeared first on MondoUnix Read More
2018-01-28 17:39
The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1… Read More
2018-01-28 17:37
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusabilit… Read More
2018-01-28 17:37
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general syst… Read More
2018-01-28 17:29
Joomla! Jtag Members Directory component version 5.3.7 suffers from an arbitrary file download vulnerability.
Source: Joomla! Jtag Members Directory 5.3.7 Arbitrary File Download
The post Jo… Read More
2018-01-28 17:28
Vastal I-Tech Facebook Clone version 2.9.9 suffers from a remote SQL injection vulnerability.
Source: Vastal I-Tech Facebook Clone 2.9.9 SQL Injection
The post Vastal I-Tech Facebook Clone 2… Read More
2018-01-28 17:28
Joomla! JS Support Ticket component version 1.1.0 suffers from a cross site request forgery vulnerability.
Source: Joomla! JS Support Ticket 1.1.0 Cross Site Request Forgery
The post Joomla!… Read More
2018-01-26 14:49
Source: Vulnerable Industrial Controls Directly Connected To The Internet? Why Not?
The post Vulnerable Industrial Controls Directly Connected To The Internet? Why Not? appeared first on Mon… Read More
2018-01-26 14:49
Source: Dutch Spies Tipped Off The NSA Regarding Russian Hacking
The post Dutch Spies Tipped Off The NSA Regarding Russian Hacking appeared first on MondoUnix Read More
2018-01-26 14:49
Source: Davos: Bitcoin Is Not A Currency
The post Davos: Bitcoin Is Not A Currency appeared first on MondoUnix Read More
2018-01-26 14:49
Source: New Claim – Intel Alerted Computer Maker Flaws On Nov 29
The post New Claim – Intel Alerted Computer Maker Flaws On Nov 29 appeared first on MondoUnix Read More
2018-01-26 03:31
Source: Senator Demands FBI Director Explain His Encryption Backdoor Bullshit
The post Senator Demands FBI Director Explain His Encryption Backdoor Bullshit appeared first on MondoUnix Read More
2018-01-26 03:28
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, fro… Read More
2018-01-26 03:26
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable m… Read More
2018-01-26 03:17
AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code execution vulnerability.
Source: AsusWRT Router Remote Code Execution
The post AsusWRT Router… Read More
2018-01-25 15:08
Source: GDPR: Deadline Looms But Businesses Still Aren't Ready
The post GDPR: Deadline Looms But Businesses Still Aren't Ready appeared first on MondoUnix Read More
2018-01-25 15:08
Source: Lawmakers Not Happy Chip Flaws Were Kept From Industry
The post Lawmakers Not Happy Chip Flaws Were Kept From Industry appeared first on MondoUnix Read More
2018-01-25 15:08
Source: Burger King Trolled Customers To Perfectly Explain Net Neutrality
The post Burger King Trolled Customers To Perfectly Explain Net Neutrality appeared first on MondoUnix Read More
2018-01-25 15:08
Source: Bell Canada Got Hacked Again
The post Bell Canada Got Hacked Again appeared first on MondoUnix Read More
2018-01-25 01:54
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. This framework comes into play when the attacker is able to… Read More
2018-01-24 17:09
RAVPower version 2.000.056 suffers from a remote root code execution vulnerability.
Source: RAVPower 2.000.056 Remote Root Code Execution
The post RAVPower 2.000.056 Remote Root Code Executi… Read More
2018-01-24 17:06
Professional Local Directory Script version 1.0 suffers from a remote SQL injection vulnerability.
Source: Professional Local Directory Script 1.0 SQL Injection
The post Professional Local D… Read More
2018-01-24 17:05
WordPress Email Subscribers and Newsletters plugin version 3.4.7 suffers from an information disclosure vulnerability.
Source: WordPress Email Subscribers And Newsletters 3.4.7 Information D… Read More
2018-01-24 17:03
RAVPower version 2.000.056 suffers from a memory disclosure vulnerability.
Source: RAVPower 2.000.056 Memory Disclosure
The post RAVPower 2.000.056 Memory Disclosure appeared first on MondoU… Read More
2018-01-24 17:01
MixPad version 5.00 suffers from a buffer overflow vulnerability.
Source: MixPad 5.00 Buffer Overflow
The post MixPad 5.00 Buffer Overflow appeared first on MondoUnix Read More
2018-01-24 16:54
Oracle VirtualBox versions prior to 5.1.30 and 5.2-rc1 suffer from a guest to host escape vulnerability.
Source: Oracle VirtualBox Guest To Host Escape
The post Oracle VirtualBox Guest To Ho… Read More
2018-01-24 16:51
Source: Flaws In Panic Buttons Could Render Them Useless
The post Flaws In Panic Buttons Could Render Them Useless appeared first on MondoUnix Read More
2018-01-24 16:51
Source: Skype, Signal, Slack, Other Apps Inherit Electron Vuln
The post Skype, Signal, Slack, Other Apps Inherit Electron Vuln appeared first on MondoUnix Read More
2018-01-24 16:51
Source: A Piece Of DNA Contained The Key To 1 Bitcoin And It Was Cracked
The post A Piece Of DNA Contained The Key To 1 Bitcoin And It Was Cracked appeared first on MondoUnix Read More
2018-01-24 16:51
Source: Firefox Patches More Than 30 Vulnerabilities
The post Firefox Patches More Than 30 Vulnerabilities appeared first on MondoUnix Read More
2018-01-23 15:03
Source: Voting Box Makers Try To Get Gear Stripped From eBay And Out Of Hackers' Hands
The post Voting Box Makers Try To Get Gear Stripped From eBay And Out Of Hackers' Hands appeared first… Read More
2018-01-23 15:03
Source: A Spyware Company Audaciously Offers 'Cyber Nukes'
The post A Spyware Company Audaciously Offers 'Cyber Nukes' appeared first on MondoUnix Read More
2018-01-23 15:03
Source: Intel Tells Users To Stop Installing Chip Patches
The post Intel Tells Users To Stop Installing Chip Patches appeared first on MondoUnix Read More
2018-01-23 15:03
Source: Hackers Steal Almost 0 Million From ICOs
The post Hackers Steal Almost $400 Million From ICOs appeared first on MondoUnix Read More
2018-01-23 04:51
NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file ‘config.gz’ or ‘c… Read More
2018-01-23 00:02
Blizzard’s agent rpc authentication mechanism is vulnerable to DNS rebinding attacks.
Source: Blizzard Agent RPC Auth DNS Rebinding
The post Blizzard Agent RPC Auth DNS Rebinding appea… Read More
2018-01-22 15:03
Source: Hacker Jailed For DDoS Attacks Against Skype And Google
The post Hacker Jailed For DDoS Attacks Against Skype And Google appeared first on MondoUnix Read More
2018-01-22 15:03
Source: Twitter Begins Emailing The 677,775 Americans Who Took The Russian Election Bait
The post Twitter Begins Emailing The 677,775 Americans Who Took The Russian Election Bait appeared fi… Read More
2018-01-22 15:03
Source: Kim Dotcom Sues New Zealand Government For Damages
The post Kim Dotcom Sues New Zealand Government For Damages appeared first on MondoUnix Read More
2018-01-22 15:03
Source: Smut Site Fingered As Source Of A Million US Net Neutrality Comments
The post Smut Site Fingered As Source Of A Million US Net Neutrality Comments appeared first on MondoUnix Read More
2018-01-20 17:42
Source: Zyklon Password Stealer Exploits Microsoft Vulnerabilities
The post Zyklon Password Stealer Exploits Microsoft Vulnerabilities appeared first on MondoUnix Read More
2018-01-20 17:42
Source: Congress Demanded NSA Spying Reform. Instead, They Let You Down
The post Congress Demanded NSA Spying Reform. Instead, They Let You Down appeared first on MondoUnix Read More
2018-01-20 17:42
Source: EFF, Look Out Uncover Dark Caracal Spy Group
The post EFF, Look Out Uncover Dark Caracal Spy Group appeared first on MondoUnix Read More
2018-01-20 17:42
Source: OnePlus Confirms Hack Exposed Credit Cards Of Phone Buyers
The post OnePlus Confirms Hack Exposed Credit Cards Of Phone Buyers appeared first on MondoUnix Read More
2018-01-20 17:10
CentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities.
Source: CentOS Web Panel 0.9.8.12 Cross Site Scripting
The post CentOS Web Panel 0.9.8.12 Cross… Read More
2018-01-20 17:09
Shopware versions 5.2.5 and 5.3 suffer from multiple cross site scripting vulnerabilities.
Source: Shopware 5.2.5 / 5.3 Cross Site Scripting
The post Shopware 5.2.5 / 5.3 Cross Site Scriptin… Read More
2018-01-20 16:58
Agora Project version 3.3.5 suffers from a cross site scripting vulnerability via file uploads.
Source: Agora Project 3.3.5 Cross Site Scripting
The post Agora Project 3.3.5 Cross Site Scrip… Read More
2018-01-19 15:51
This is the first version of a mostly working firmware for the ChameleonMini RevE rebooted device. It compiles without errors or warnings and gives you more or less the same functionality as… Read More
2018-01-19 15:48
Source: Lebanese Government Hackers Hit Thousands Of Victims With Incredibly Simple Campaign
The post Lebanese Government Hackers Hit Thousands Of Victims With Incredibly Simple Campaign app… Read More
2018-01-19 15:48
Source: Apple Sued Over Being Susceptible To Meltdown / Spectre
The post Apple Sued Over Being Susceptible To Meltdown / Spectre appeared first on MondoUnix Read More
2018-01-19 15:48
Source: Dridex Banking Trojan Compromises FTP Sites In New Campaign
The post Dridex Banking Trojan Compromises FTP Sites In New Campaign appeared first on MondoUnix Read More
Subscribe to Mondounix - Unix,linux,freebsd,howto,networking,ip
Get updates delivered right to your inbox!