Red Hat Security Advisory 2016-1034-01 – Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Security Fix: It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container.
Monthly Archives: May 2016
Debian Security Advisory 3575-1
Debian Linux Security Advisory 3575-1 – It was discovered that XStream, a Java library to serialize objects to XML and back again, was susceptible to XML External Entity attacks.
Webshell for IIS
Posted by Savio Bot on May 13
Hi All,
I have written webshell which works on latest IIS. I didnt find any working
webshell for IIS 8 on public domain.
The code is very dirty but any feedback will be great.
https://gist.github.com/saveeoo/a8af827510df085f7f1c83208a898098
Regards,
savio
Re: Skype Phishing Attack
Posted by Reindl Harald on May 13
oh no – please don’t post each and every phishing attack on FD becasue
then we would see nothing else when mailadmins start to do the same
Am 11.05.2016 um 22:57 schrieb Danny Kopping:
Re: Skype Phishing Attack
Posted by Wim Remes on May 13
I think MSRC was on the money on this one.
runAV mod_security Remote Command Execution
Posted by Rio Sherri on May 13
# Title : runAV mod_security Remote Command Execution
# Date : 13/05/2016
# Author : R-73eN
# Tested on : mod_security with runAV Linux 4.2.0-30-generic #36-Ubuntu SMP
Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux
# Software :
https://github.com/SpiderLabs/owasp-modsecurity-crs/tree/master/util/av-scanning/runAV
# Vendor : https://www.modsecurity.org/
# https://www.infogen.al/
# Title : runAV mod_security Remote Command Execution
# Date :…
FTP JCL Execution
FTP JCL execution exploit. Requires valid credentials to the target system.
CVE-2014-9742
The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.
CVE-2015-5726
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
CVE-2015-5727 (botan, debian_linux)
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.