1. Zero-Day-Exploit for phpMoAdmin

    Cross post: Also on Github.

    A week ago I read a security alert at 'heise Security' . It's a German IT news site. The article was about someone is selling a Zero-Day-Exploit for phpMoAdmin. Here is another source in English. Because nobody has written an issue or a fix a week later I decided to write all the stuff down I figured out last week.

    At least for the second bug I already found Metasploit scripts. So I decide to publish the exploits as well. Its already all over the Internet.

    Well, the fact that there is a security hole and …


  2. Broken pyvenv in Ubuntu

    Since version 3.3 Python has his own virtual environment build-in. This is extremely useful especially if you like to install development or other specific versions of python libraries without messing with Ubuntu's repository python libs.

    Sadly it is broken in Ubuntu 14.04 and 14.10. If you try:

    sr4l@LARS-Laptop:~$ pyvenv-3.4 myvenv
    Error: Command '['/home/sr4l/myvenv/bin/python3.4', '-Im', 'ensurepip', '--upgrade', '--default-pip']' returned non-zero exit status 1

    You can only use it without pip and later install pip manually. (Bug report)

    With Ubuntu 14.04s Python 3.4 and the newest version of …


Page 1 / 1