what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Recent Files

Files RSS Feed
Zeek 6.0.9
Posted Nov 20, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: The input framework will no longer get stuck and use 100% of the CPU when encountering lines not immediately terminated by a new line. The Modbus analyzer added some additional protocol checks and should no longer over-match on traffic that's not specifically on port 502.
tags | tool, intrusion detection
systems | unix
Debian Security Advisory 5816-1
Posted Nov 20, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.

tags | advisory, arbitrary, shell, perl
systems | linux, debian
Debian Security Advisory 5815-1
Posted Nov 20, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).

tags | advisory, arbitrary, local, root, perl, vulnerability, python, ruby
systems | linux, debian
Ubuntu Security Notice USN-7123-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7123-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7121-2
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7120-2
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7122-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7122-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7121-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7120-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
Ubuntu Security Notice USN-7119-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-7089-7
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
Ubuntu Security Notice USN-7117-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.

tags | advisory, arbitrary, shell, local, root, perl
systems | linux, ubuntu
Ubuntu Security Notice USN-7115-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7115-1 - It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. Dylan Jay discovered that Waitress could be lead to write to an unexisting socket after closing the remote connection. An attacker could use this issue to increase resource utilization leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
WordPress Really Simple Security Authentication Bypass
Posted Nov 19, 2024
Authored by Antonio Francesco Sardella | Site github.com

WordPress Really Simple Security plugin versions prior to 9.1.2 proof of concept authentication bypass exploit.

tags | exploit, proof of concept, bypass
Palo Alto PAN-OS Authentication Bypass / Remote Command Execution
Posted Nov 19, 2024
Site github.com

Proof of concept code to exploit an authentication bypass in Palo Alto's PAN-OS that is coupled with remote command execution.

tags | exploit, remote, proof of concept
Ubuntu Security Notice USN-7116-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7116-1 - It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated.

tags | advisory, arbitrary, local, python
systems | linux, ubuntu
Ubuntu Security Notice USN-7015-5
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-5 - USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service, vulnerability, python
systems | linux, ubuntu
Ubuntu Security Notice USN-7114-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7114-1 - It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior.

tags | advisory
systems | linux, ubuntu
Ubuntu Security Notice USN-7104-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7104-1 - It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain's HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure.

tags | advisory, web
systems | linux, ubuntu
Ubuntu Security Notice USN-7113-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7113-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
Cable .NET Post Exploitation Tool
Posted Nov 18, 2024
Site github.com

Cable is a simple post-exploitation tool used for enumeration and further exploitation of Active Directory environments. This tool was primarily created to learn more about .NET offensive development in an Active Directory context.

tags | tool, scanner
systems | unix
Pyload Remote Code Execution
Posted Nov 18, 2024
Authored by Spencer McIntyre, jheysel-r7 | Site metasploit.com

CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. At the time of this writing no patch has been released and version 0.74 is the latest version of js2py which was released Nov 6, 2022. CVE-2024-39205 is a remote code execution vulnerability in Pyload versions 0.5.0b3.dev85 and below. It is an open-source download manager designed to automate file downloads from various online sources. Pyload is vulnerable because it exposes the vulnerable js2py functionality mentioned above on the /flash/addcrypted2 API endpoint. This endpoint was designed to only accept connections from localhost but by manipulating the HOST header we can bypass this restriction in order to access the API to achieve unauthenticated remote code execution.

tags | exploit, remote, arbitrary, javascript, code execution, python
Gentoo Linux Security Advisory 202411-09
Posted Nov 18, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202411-9 - Multiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 5.38.2 are affected.

tags | advisory, arbitrary, perl, vulnerability, code execution
systems | linux, gentoo
Gentoo Linux Security Advisory 202411-08
Posted Nov 18, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202411-8 - A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation. Versions greater than or equal to 21.1.14 are affected.

tags | advisory
systems | linux, gentoo
Gentoo Linux Security Advisory 202411-07
Posted Nov 18, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202411-7 - A vulnerability has been discovered in Pillow, which may lead to arbitrary code execution. Versions greater than or equal to 10.3.0 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
View Older Files →

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close