Ubuntu Security Notice 4147-1 - It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
3a6e4f11022c15fdae9b2f86ea5e517ab1e88fd12af7e490e6b1aa835deb5cf2CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Network Flow Analysis. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published a solution to address the vulnerabilities and recommends that all affected customers implement this solution. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the CA Network Flow Analysis server. Versions 9.x and 10.0.x are affected.
a8f4e8e65f778532ff67e151bdf00b3bd45c373dffe3db0912ad2976fbfa9ec9Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell.
ec5a0ad6e611974c35fee35b42232d35320003024968f9c8ab932cae0dd24449There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up.
3b9a4c627b9644243c268bf86ee703b8a5487f12549034ded884f920a1b96ec3Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.
b552940a14132bcbbd9afdf6476ec615b5a44a6d15f78b2cdc15860fa02bff9aWhatWeb is a next-generation web scanner. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.
d9dd541368c4c251ca5af53fba5cc7e2d70b012d7c4d8f1863a7aba23cd5c619This Metasploit module uploads a payload and declares that it is the debug process to launch when a specified process exits.
a05b3a3b155bf1ca1a257a13df6b2f389b1f88604331b862f002f95fbb2ac668File Sharing Wizard version 1.5.0 with build date 26-8-2008 DELETE SEH buffer overflow exploit.
3cf109c00e523a014a850c2de6ff70867f771db07b0370086324b2b963d463e1Devinim Library Software version 19.0504000 suffers from an open redirection vulnerability.
03a338bfe562a8fc8fc509490801ea92a6df8b1ce994a08ea6e4e49fa7e0e177ParantezTeknoloji Library Software version 16.0519000 suffers from an open redirection vulnerability.
81081f532847e51869b6a024c25058eb5837a70900011b6da1b364a813e143c4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed