Showing 1 - 9 of 9

Files Date: 2020-11-28

Apache NiFi API Remote Code Execution: Posted Nov 28, 2020; Authored by Graeme Robinson | Site metasploit.com; This Metasploit module uses the NiFi API to create an ExecuteProcess processor that will execute OS commands. The API must be unsecured (or credentials provided) and the ExecuteProcess processor must be available. An ExecuteProcessor processor is created then is configured with the payload and started. The processor is then stopped and deleted.; tags | exploit; MD5 | 7f93306aa6b4030f2a6b69fe4206bed0; Download | Favorite | View

nfstream 6.2.5: Posted Nov 28, 2020; Authored by Zied Aouini | Site github.com; nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.; Changes: Patch for minimal truncated UDP raw pcap handling.; tags | tool, python; systems | unix; MD5 | 0d6f828e5d67ceee7e7066e81c9b9078; Download | Favorite | View

Ubuntu Security Notice USN-4646-2: Posted Nov 28, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4646-2 - USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. Various other issues were also addressed.; tags | advisory, denial of service, vulnerability; systems | linux, ubuntu; MD5 | 0b505ce3fcb8bc020d54095819e940fa; Download | Favorite | View

Ubuntu Security Notice USN-4649-1: Posted Nov 28, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4649-1 - Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2020-27748; MD5 | 595ba1096ac8463cb7b849752a0852e7; Download | Favorite | View

Weaponize GhostWriting Injection - Code Injection Series Part 5: Posted Nov 28, 2020; Authored by Emeric Nasi; Whitepaper called Weaponize GhostWriting Injection. This is part 5 of a 5 part series of papers.; tags | paper; MD5 | 791ee7b58343b261e98e514c5986c656; Download | Favorite | View

Disable Dynamic Code Mitigation (ACG) - Code Injection Series Part 4: Posted Nov 28, 2020; Authored by Emeric Nasi; Whitepaper called Disable Dynamic Code Mitigation (ACG). This is part 4 of a 5 part series of papers.; tags | paper; MD5 | 0e3e2706f39d2d7d4d94ea738b8ad433; Download | Favorite | View

Exploit WNF Callback - Code Injection Series Part 3: Posted Nov 28, 2020; Authored by Emeric Nasi; Whitepaper called Exploit WNF Callback. This is part 3 of a 5 part series of papers.; tags | paper; MD5 | de2d2611ba5a65fae0e9b4d906265a18; Download | Favorite | View

Bypass Start Address Protection - Code Injection Series Part 2: Posted Nov 28, 2020; Authored by Emeric Nasi; Whitepaper called Bypass Start Address Protection. This is part 2 of a 5 part series of papers.; tags | paper; MD5 | 568ae61a93a997dbd2cec3b699088933; Download | Favorite | View

Process PE Injection Basics - Code Injection Series Part 1: Posted Nov 28, 2020; Authored by Emeric Nasi; Whitepaper called Process PE Injection Basics. This is part 1 of a 5 part series of papers.; tags | paper; MD5 | d6c3819eba87765c193f47df3826d9c2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days