nickanderson

2 exploits Active since Jan 2015
CVE-2015-0235 NOMISEC WORKING POC
Exim GHOST (glibc gethostbyname) Buffer Overflow
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
1 stars
CVE-2016-2118 NOMISEC HIGH STUB
Samba 3.6.0-4.2.9, 4.3.0-4.3.7, 4.4.0-4.4.1 - Man-in-the-Middle Protocol Downgrade via DCERPC Connection Tampering
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersonate users by modifying the client-server data stream, aka "BADLOCK."
CVSS 7.5