PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
cc58ba4a1d07ec5ca49f517d759210bafd38a2e39191ea5182044edbd44c94adThis Metasploit module generates a Javascript file that executes arbitrary code when an eval-based unpacker is run on it. Works against js-beautify's P_A_C_K_E_R unpacker.
194f0e7d20b41bd0f60332ef1dde95810fea4f44e8d6390c5cd8dd449d473c9bRed Hat Security Advisory 2015-0246-01 - OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. It was discovered that an authenticated user could use a path traversal flaw in glance to download or delete any file on the glance server that is accessible to the glance process user. Note that only setups using the OpenStack Image V2 API were affected by this flaw.
4b10e1f36554d8953a3c5a43c497178ccb04e8fae974d0fddbfa4cf2f159ff12Ubuntu Security Notice 2504-1 - The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle.
9022b804e945f154e3f6d1967e4ffa8b7d7349976e98ce2808681b930e35e1ddphpBugTracker version 1.6.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
80141a2040b6e83e1773fa82844b97f72955d8ce941b04a67be80c1a64d74097HP Security Bulletin HPSBUX03240 SSRT101872 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.
abc2b7afc4f8f47e2bf3872b6662dfd3cbd30f380650ada88bbaf256a29a3160WordPress Easy Social Icons plugin version 1.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
fd957c35e50224cc064e2cf7276a9291121981439577b9efd85ab12f511589c2Debian Linux Security Advisory 3163-1 - It was discovered that LibreOffice, an office productivity suite, could try to write to invalid memory areas when importing malformed RTF files. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution via crafted RTF files.
cf591ba3144f2cc4d5e527fce22a32946a8b35589844e3ca830a1e843e8e4c34Debian Linux Security Advisory 3162-1 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-validation auto;" (as enabled in the Debian default configuration) or "dnssec-lookaside auto;".
712f536a8bf23bc5f8d33db7a0de53d43e7ac7b83f25eb9aa8ff4b95164b1dd54images suffers from cross site scripting and clickjacking vulnerabilities.
09c4abaa255db0a37a4f9f84e77c05b488e33ba4523376c67742e931a2cd42b2WordPress WooCommerce plugin version 2.2.10 suffers from a cross site scripting vulnerability.
3050b4f52a9bef799cfb09247cc5c4345f9a7d45e75923cfb83f6d4f552d9cffMyBB version 1.8.3 suffers from a cross site scripting vulnerability.
1d47711226472947526b8fac23169ceec888526e58a712734ce421ea17a18d26
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed