Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.
0fb2a78a07300d6178cc2e68ad5715edb8d213245d8509245b45509940185e53Gentoo Linux Security Advisory 201604-5 - Multiple vulnerabilities have been found in Wireshark, allowing local attackers to escalate privileges and remote attackers to cause Denial of Service. Versions less than 2.0.2 are affected.
47c27f7b141d8adbd823f87858b411cdfffec11eca51c078a83801330b01f327Gentoo Linux Security Advisory 201604-4 - Multiple vulnerabilities have been found in libksba, allowing a possible Denial of Service and unspecified other vectors through integer overflows. Versions less than 1.3.3 are affected.
587f8290d7f59a6381f09f79c51e4030da53894406450164050f164167b8ec2aDebian Linux Security Advisory 3558-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.
3a563a5fef3ea78c6851cadc6b390e4903b99b2a6842fde118c05fd922d5b727Red Hat Security Advisory 2016-0695-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.1.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
438add94dab646ed2426c1c033bfeaf4fdc37d12f17ae6c15284a7848e3231d7Debian Linux Security Advisory 3557-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49.
46eba16e731a5ce8cd707967340d95e67db7cdd513b9f1bb48a259a6ef3f14e5VoipNow version 4.0.1 suffers from script insertion vulnerabilities.
03f60bcbb2e812664fd02e7f5aad5865f9811f053e4ea7cae9e0ac16d08eb954Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team's network security monitoring skills, or creating network decoys during red team operations.
ad183da73d3b2f41bd48ee1ce37d4b720a4026ff343ba052681d5c12e810a62bAnsvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
9d07e5503f96d0d3de861f3ec9ee443ac994d001041bc322b99a98cdf16c1d48A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 exposing Iperf tool to unauthenticated users. Injecting a command in the perf_measure_server_ip parameter, an attacker can execute arbitrary commands. Since the service runs as root, the remote command execution has the same administrative privileges. The remote shell is obtained uploading the payload and executing it. A reverse shell is preferred rather then a bind one, since firewall won't allow (by default) incoming connections. Tested on Hardware version V02A and Firmware version 01.01.02.082.
46cb65000b542aa82162870f00d5dc85d65f04b83be0846b89ed193e6c3a6c0bA vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 which allows unauthenticated remote attackers to retrieve a valid Administrative SID.
b4280a001436ff85b0ae7737bade7383e9b0bd2426d3bfe6ca6176ba8464b94fHP Security Bulletin HPSBGN03582 1 - HPE Helion CloudSystem addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
26439f2e50832858fd5b35b5b17ec68209e8fbe1597c3cfba78e2bd761d45067Ubuntu Security Notice 2954-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
05f40994744779c4bf1ed946ccd0cc1e06d25f601405ee6115dddf0e2db83a9fStegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
efd7e78a3c124b89cbd1557b38690de19b7b67311abc40ecd096950a00200a33Yasr console screen reader version 0.6.9-5 proof of concept buffer overflow exploit.
b13efe4490faed9031907233af99ea83b8ee18e36470b5ebdb9b4e3e3de1c43e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed