what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2021-04-15

nfstream 6.2.6
Posted Apr 15, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added support for pcapng format. Added pypy3.7 support. Improved error handling. nDPI updated and minor fixes.
tags | tool, python
systems | unix
SHA-256 | d5696dfaabde7f3cff0a0b7283cc85addc4642fd500fafaca647e8710e713d54
Botan C++ Crypto Algorithms Library 2.18.0
Posted Apr 15, 2021
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Changes: Added support for implementing custom RNG objects through the FFI interface. Improved safegcd bounds, improving runtime performance. Fixed a bug introduced in 2.9.0. Added build support for RISC-V 32. Fixes for TLS::Stream::async_shutdown. Fixed a regression introduced in 2.17.0.
tags | library
SHA-256 | cc64852e1e0c5bb30ecd052e4a12d5136125a8ce5c3be2efb6fb061c8677e327
Nagios XI Remote Code Execution
Posted Apr 15, 2021
Authored by Haboob Team, Erik Wynter | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution as the apache user by uploading a malicious plugin. Valid credentials for a Nagios XI admin user are required. This module has been successfully tested against Nagios versions XI 5.3.0 and 5.7.5, both running on CentOS 7.

tags | exploit, remote, php, code execution
systems | linux, osx, centos
advisories | CVE-2020-35578
SHA-256 | 1c6d22c62a86e7b5f3dedccebd30589cc4a30d490a6e2f222d47174bbda1bf57
Backdoor.Win32.Zombam.h MVID-2021-0171 Buffer Overflow
Posted Apr 15, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Zombam.h malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 892b70638400e26e267979e0f292cfd7f54058b251f75cfd7f94fce12762ffdd
Red Hat Security Advisory 2021-1213-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1213-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2021-20277
SHA-256 | 284ff076eab057d3e4bac9fa40530e3047879e2080a548821f6bfdc381353930
Red Hat Security Advisory 2021-1214-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1214-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2021-20277
SHA-256 | 0e0621b3f308786d9649dfae3f567c97cfba95f2ee28620e9b89b63f499ba287
Red Hat Security Advisory 2021-1206-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1206-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, cryptography, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
SHA-256 | cfc2ddbf194ca98e9bd00034d5a3de9b781c3c4eaf8683beb24a941d9f66d122
Ubuntu Security Notice USN-4913-1
Posted Apr 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4913-1 - It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-23358
SHA-256 | 4c6a55e29d78dc7260498c3c8540897fb4dd35dc278829d4769947644f086890
Red Hat Security Advisory 2021-1202-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1202-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | d298b486b2c549a8e088e04b05a72ab4f8bb78532a52abbdf79f9a27372b8ca5
Red Hat Security Advisory 2021-1203-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1203-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 12 serves as a replacement for Red Hat JBoss Web Server 3.1.11, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 843c4e4bd39cfea0d38677d1be1f38188426a895786673ecc360bd6def6bd3f1
Ubuntu Security Notice USN-4914-1
Posted Apr 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4914-1 - It was discovered that NetworkManager incorrectly handled certain profiles. A local attacker could possibly use this issue to cause NetworkManager to crash, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-20297
SHA-256 | 3a10fafa334d7b4791e94ae359e5388456be8b53c9a477b36b4803dc880c6e2b
Red Hat Security Advisory 2021-1201-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1201-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.1.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-23991, CVE-2021-23992, CVE-2021-23993
SHA-256 | 820794c43836fe077b75190ec69858bae073323c74eae7a8f16a6336ebcd5e5e
Red Hat Security Advisory 2021-1200-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1200-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 2fbf4efc02ab16310a58ac2156fe73aef5b981f4c04d48622018df68de38a4ee
Red Hat Security Advisory 2021-1199-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1199-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, web, vulnerability
systems | linux, redhat
advisories | CVE-2021-3449, CVE-2021-3450
SHA-256 | 0e48ef5d1c90b0c3e3347e7e3394fcbbb4a23a89d852a417dd2fa1fbe1b32b7d
htmly 2.8.0 Cross Site Scripting
Posted Apr 15, 2021
Authored by nu11secur1ty, G.Dzhankushev

htmly version 2.8.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-30637
SHA-256 | 85e18bc2df9abe646cb059b1f16a9324d21a860943c8bb6dfbcd261cfcf66ba6
Horde Groupware Webmail 5.2.22 Cross Site Scripting
Posted Apr 15, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg

Horde Groupware Webmail version 5.2.22 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-26929
SHA-256 | ac0067ca0ac896cea878797665b7d40d5e0749684dd8782ac6396bcae1757783
Tileserver-gl 3.0.0 Cross Site Scripting
Posted Apr 15, 2021
Authored by Akash Chathoth

Tileserver-gl version 3.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-15500
SHA-256 | 452bc88cc7f504133815bce695ed6927383939d2e4ba2b9e34a545b4a73b91ec
SMASH: Synchronized Many-Sided Rowhammer Attacks From JavaScript
Posted Apr 15, 2021
Authored by Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Pietro Frigo, Emanuele Vannacci, Finn de Ridder

In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.

tags | paper, javascript
SHA-256 | 47dfe422ce30e7bc84f40aade82f759d07d143dca97cf56e443b984812de680a
SMASH Rowhammer Proof Of Concept
Posted Apr 15, 2021
Authored by vusec | Site vusec.net

This is a script to trigger (Rowhammer) bit flips on TRR-enabled DDR4 SDRAM through Firefox. It will only work with THP enabled and after having set the target-specific parameters.

tags | exploit
SHA-256 | e3ccd1bd7189438873b030cfa940e70537dc6e478a0165bb9aa82486581a9aa0
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close