CVE Hot news Weekly news WORLD

Roaming Mantis, part IV

Mobile config for Apple phishing, and re-spreading an updated malicious APK (MoqHao/XLoader). By GReAT on April 3, 2019. 4:30 pm. One year has passed since we published the first blogpost about the Roaming Mantis campaign on securelist.com, and this February we detected new activities by the group. This blogpost is a follow-up on our earlier […]

Linux TIPS WORLD

Instainsane – Multi-threaded Instagram Brute Forcer

Instainsane is a Shell Script to perform a multi-threaded brute force attack against Instagram. This script can bypass login limiting and it can test an infinite number of passwords with a rate of about 1000 passwords/min with 100 attempts at once. Legal disclaimer: Usage of InstaInsane for attacking targets without prior mutual consent is illegal. It’s the end user’s […]

CVE VULNERABILITIES

Vuln: Xen HLE Constructs Denial of Service Vulnerability

Xen HLE Constructs Denial of Service Vulnerability. Bugtraq ID: 105954; Class: Failure to Handle Exceptional Conditions; CVE: CVE-2018-19967; Remote: No; Local: No; Published: Nov 06 2018 12:00AM; Updated: Apr 03 2019 12:00PM; Credit: None; Vulnerable: XenSource Xen 0, Citrix XenServer 7.6, Citrix XenServer 7.5, Citrix XenServer 7.1 LTSR CU1, Citrix XenServer 7.0; Not Vulnerable:

CVE VULNERABILITIES

Vuln: Xen Multiple Privilege Escalation and Denial of Service Vulnerabilities

Xen Multiple Privilege Escalation and Denial of Service Vulnerabilities. Bugtraq ID: 106182; Class: Design Error; CVE: CVE-2018-19962, CVE-2018-19963, CVE-2018-19964, CVE-2018-19965, CVE-2018-19966, CVE-2018-19961; Remote: Yes; Local: No; Published: Dec 07 2018 12:00AM; Updated: Apr 03 2019 12:00PM; Credit: Paul Durrant, Matthew Daley, Julien Grall, the security team of Prgmr.com; Vulnerable: Xen Xen 4.11, Xen Xen 4.10.2, Xen Xen 4.9.3, Xen Xen 4.8.4, Xen Xen 4.0.4, Xen […]

CVE VULNERABILITIES

Vuln: Citrix XenServer Multiple Security Vulnerabilities

Bugtraq ID: 102129; Class: Unknown; CVE: CVE-2017-15592, CVE-2017-17045, CVE-2017-7980; Remote: No; Local: Yes; Published: Dec 01 2017 12:00AM; Updated: Apr 03 2019 11:00AM; Credit: The vendor reported this issue; Vulnerable: Citrix XenServer 6.0.2, Citrix XenServer 7.2, Citrix XenServer 7.1 LTSR CU1, Citrix XenServer 7.1, Citrix XenServer 7.0, Citrix XenServer 6.5, Citrix XenServer 6.2; Not Vulnerable: Citrix XenServer 6.0.2 Common Criteria, Citrix XenServer 6.5 Service […]

CVE VULNERABILITIES

Vuln: Xen CVE-2017-17044 Denial of Service Vulnerability

Bugtraq ID: 102008; Class: Failure to Handle Exceptional Conditions; CVE: CVE-2017-17044; Remote: Yes; Local: No; Published: Nov 28 2017 12:00AM; Updated: Apr 03 2019 11:00AM; Credit: Julien Grall of Linaro; Vulnerable: Xen Xen 4.9, Xen Xen 4.8, Xen Xen 4.7, Xen Xen 4.6, Xen Xen 4.6.3, Xen Xen 4.5.3, Xen Xen 4.5.0, Xen Xen 3.4.4, Xen Xen 3.4.3, Xen Xen 3.4.2, Xen Xen 3.4.1, Citrix XenServer […]

0-day TIPS

Hacking College Admissions

Getting into college is one of the more stressful times of a high school student’s life. Since the admissions process can be quite subjective, students have to consider a variety of factors to convince the admissions officers that “they’re the one”. Some families do as much as they can to improve their chances – even […]

TIPS WORLD

Evillimiter – Limits Bandwidth Of Devices On The Same Network

A tool to limit the bandwidth (upload/download) of devices connected to your network without physical or administrative access. evillimiter employs ARP spoofing and traffic shaping to throttle the bandwidth of hosts on the network. This is explained in detail below. Requirements: Linux distribution; Python 3 or greater. Possibly missing python packages will be installed during the installation […]

TIPS WORLD

Osmedeus – Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allows you to automatically run a collection of awesome tools for reconnaissance and vulnerability scanning against the target. How to use: If you have no idea what you are doing, just type the command below or check out the Advance Usage.
./osmedeus.py -t example.com
Installation:
git clone https://github.com/j3ssie/Osmedeus
cd Osmedeus
./install.sh
This install only focuses on Kali Linux, […]

CVE VULNERABILITIES

Vuln: Siemens SCALANCE X switches CVE-2019-6569 Security Weakness

Siemens SCALANCE X switches CVE-2019-6569 Security Weakness. Bugtraq ID: 107465; Class: Design Error; CVE: CVE-2019-6569; Remote: Yes; Local: No; Published: Mar 12 2019 12:00AM; Updated: Mar 12 2019 12:00AM; Credit: The vendor reported this issue; Vulnerable: Siemens Scalance Xf-200 –, Siemens SCALANCE XC-200 3.0, Siemens Scalance X-300 0, Siemens SCALANCE X-200 0, Siemens SCALANCE XP-200 3.0; Not Vulnerable: Siemens […]