Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
7089fcc06d13803fc7ce19fdc49f96183efd797be3a4fdca083240b9b46e1d2f
Ubuntu Security Notice 5619-1 - It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS.
874eb330e0f797a6a5f345bf829b68bb90c1d9ebe271887d31824c498314f317
In the Linux Mali driver, when building with MALI_USE_CSF, the VFS read handler of the main Mali file descriptor (kbase_read()) never looks at its "count" parameter. This means that a simple userspace program that sets up a Mali file descriptor, then calls read(mali_fd, buf, 1), will see read() returning a higher length than requested, and out-of-bounds data in the userspace buffer will be clobbered.
3d801b6f86d2cf6dcafab0fab084495a709669823b168ea8d4eaa15c04e2a64c
The Mali driver frees GPU page tables before removing the higher-level PTEs pointing to those page tables (and, therefore, also before issuing the required flushes). This means a racing memory write instruction on the GPU can write to an attacker-controlled physical address.
b9314770c55b858e1768dc0c89581aba6dcd511b77abe5a7a6849771f7835386
Arm Mali has an issue where a driver exposes physical addresses to unprivileged userspace.
0dd6b9f2ab5a6a54b712bd8da62800520f10d77e1129a4be99b021e528de767a
On Mali devices without the new CSF interface, IMPORTED_USER_BUF is released without flushing host-side VMAs, leading to a page use-after-free vulnerability.
51a2923bc823fc6d20b96117084be18b4a15d5a3f49b9f2dc2e04e3c069198a0
Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.
cdc70328ddf40e49dc5b1f2be3419c1dac2bfb6b0721efd3f3603444e744fbd5
Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.
adbd455e6069c90acd875b4a68a6da7ff2670fe9ef0da2ea17802f855cdd6cda
Blink1Control2 version 2.2.7 suffers from a weak password encryption vulnerability.
016360d6db87acaeaab1ede2ba44809cb5e3890462779d685dd3c26fa995a7ff
ProcessMaker versions prior to 3.5.4 were discovered to be susceptible to a remote privilege escalation vulnerability.
4488144ca6dbc46145755713008b526023b21a1bbfead3548cbfc41eacd84cda
Red Hat Security Advisory 2022-6537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. Issues addressed include denial of service and out of bounds read vulnerabilities.
735b783c45f9b58ea138e108a34335ff5637f28e24d124171612b58ece201b35
Buffalo TeraStation Network Attached Storage (NAS) version 1.66 suffers from an authentication bypass vulnerability.
b25f9ea485651ddd5fbfd1f367341b3088a792a33c6f34e467614dc44f8f1aee
Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded, the exploit DLL will check if the current directory is "C:\Windows\System32" and, if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.
cf8ca0f9491742132b26f99723587a07bd7827506a1fb18e871a77bfbc3b9a62
Bookwyrm versions 0.4.3 and below suffer from an authentication bypass vulnerability due to a lack of rate limiting on OTP checks.
01182b49f5094c1c536e28a7cca127e1933e717f4d3a739892d462bc0afce375
Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.
32271f7a5d8be605d0185b7cf8397b7bf3093ad269844c0104016e34a6185027