PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
06f8152ab98f7047047cfd24c0cdba016ab6e7f80118be85df70640359b44be7
Ubuntu Security Notice 2674-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.44 in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. Ubuntu 15.04 has been updated to MySQL 5.6.25. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
3ef591c09526b46ad31c699ecb5630f391e4fa45fd30ade6cd708d16eaa11052
Counter-Strike version 1.6 GameInfo query reflection denial of service proof of concept exploit.
d88c5d35e07f94e50c9cdb08db697a01e63c1bfaa68fe25c3c562c74dc0ed946
Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and Logstash server.
b7135fa3ae882e982da1c97f18565f7476767f2800a6c0cc71e186e95bad5b18
Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
5d6dadf5864c56f8de66c66088fa68e849d0bff6577865a4f81b6f23112b14f2
Joomla Helpdesk Pro versions prior to 1.4.0 suffers from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities.
9712ee16b62ebd84fa316ca9325157ce4e08bf0486e35985aa2ded84460b3fa7
WordPress Portfolio plugin version 1.0 suffers from a cross site request forgery vulnerability.
bbfb396ecb41eebf274e643cf76d32fbc4d7901ac899120d06b816988c0822c0
Axigen's WebMail Ajax interface implements a view attachment function that executes javascript code that is part of email HTML attachments. This allows a malicious user to craft email messages that could expose an Axigen WebMail Ajax user to cross site scripting or other attacks that rely on arbitrary javascript code running within a trusted domain.
788c7286734125b3725075a14d57b317c04a5fe4c16dd6e4f81e548ed40b5fc8
HP Security Bulletin HPSBMU03380 1 - Multiple potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), Cross-site Request Forgery (CSRF), execution of arbitrary code, unauthorized modification, unauthorized access, or disclosure of information. Revision 1 of this advisory.
b24b33b6953298c7dff07ba7ebf547fe10934e4d227a0e52094bde980503367c
tcpdump suffers from a rpki_rtr_pdu_print denial of service vulnerability. Versions affected include 4.6.2, 4.5.1, and 4.4.0.
76f3283d0ab1af6950691a1d53179bcf5061e40fa7a181aa998c1ee2900c4473
Microsoft Word, Excel, and Powerpoint 2007 contain a remote code execution vulnerability because it is possible to reference documents such as Works document (.wps) as HTML. It will process HTML and script code in the context of the local machine zone of Internet Explorer which leads to arbitrary code execution. By persuading users into opening eg. specially crafted .WPS, ".doc ", ".RTF " (with a space at the end) it is possible to trigger the vulnerability and run arbitrary code in the context of the logged on Windows user. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
80524257f08622d540b1f1a756c7449341987c8dd9213ef86ba1e8b6a1038bf6
Internet Download Manager OLE automation array remote code execution exploit.
9fee27531464c1903e96190b869e185a39b391d09399d36916a4e68518150a8b