oclHashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
8cc553e22aa403c18071155ee5e180fb1bd710886f6f15f922da0aaa5dca8137
oclHashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
5397027feb4eb10becd6278c208e69ca03539812ead0a9ac70d0e090d55ebaad
This Metasploit module exploits a null pointer dereference in XNU to escalate privileges to root. Tested on 10.10.4 and 10.10.5.
96d3d170f08479ec6482a4d97b2fb1ead038f68c3dbe1ed44950f74067f7c452
The bulletin summary for August 2015 has been updated to include an additional out-of-band bulletin, MS15-093, which is being released on August 18, 2015.
8d4c118b872c8a43607397a0cd9410211c9fbfb45ecdb7b8967066fe1ae2ffe8
ModX Revolution version 2.3.5-pl suffers from a reflective cross site scripting vulnerability.
3d152bdf6a33c468ed0fa3c3f2478aaa3e820a7da98eefd3efe8ac2787df02a8
Bolt version 2.2.4 suffers from a code execution vulnerability via shell upload.
e2c1943ef583db95a7975023c3a7c4ab89af5a7177598fe0614687c3b777d362
Phorum version 5.2.19 suffers from open redirection and cross site scripting vulnerabilities.
bc90d6b53c23a8d4bab8948215ef1624906d96091b68d72f6596b40f2820ec1f
FreeBSD Security Advisory - Multiple integer overflows have been discovered in the XML_GetBuffer() function in the expat library.
1bf2e6f9cf139148956ddc5cace6515fc78c0e1fbfbe63d0896601c7485a121a
Trend Micro Deep Discovery version 3.7.1096 suffers from a cross site scripting vulnerability.
a3e789b577fdb673b8f15dfb0d8458a1834af7ce30aced8113ebc24ab4b3e588
Viproy VoIP Penetration and Exploitation Kit is developed to improve the quality of SIP penetration testing. It provides authentication and trust analysis features that assist in creating simple tests.
7adcb6181b4f32dd3c5611997d9af5ccec5f78decd8a67ca1dc7faf38e23b1bc
EMC Documentum Content Server suffers from an arbitrary code execution vulnerability.
c2bedfbc57a00c51150a01873bae989bcc87b6d4e0f981bb7614f0a531896758
EMC Documentum Content Server suffers from a privilege escalation vulnerability.
80285eb669610b3c918abc9181df00a398f6734029af4b07e148e171da2b1654
Ubuntu Security Notice 2715-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).
bf3ca28bbbcae6432767477c246a7ab8c7b6e3f4c1c3d67056ec8a1f50f4db7a
Ubuntu Security Notice 2714-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.
24bf0876b3696004973e8a4934365e0fcd0572279cc90431d46cf940e050bdb7
Ubuntu Security Notice 2713-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.
768774b98eb2a5ba82afbe9b7d50455f736972f9f6e89abc3b4e3cdcc6c8ed0a
Debian Linux Security Advisory 3336-1 - Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.
c249f65af6b2ddadb404c102b050930cb56b50a78eca79a351276696247fa0de
Red Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.
7e93f979c50653c313c0d7725efcdfce77a93450f3525440e259a4fdc114f124
Red Hat Security Advisory 2015-1643-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.
64b56961b11e579c77442a474bfb4e67749b8e972a2bad820f0435bd349ea30c
Red Hat Security Advisory 2015-1641-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.
618a04df343a2ac0c65ea8ade3b6b0f3b2e9336d31745962e7bb003463c800b8
Red Hat Security Advisory 2015-1642-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.
872fbaba86f701b849f2c8d43b7e548340d2b293c22880fd130ebf10972bd1f4
Red Hat Security Advisory 2015-1640-01 - Pluggable Authentication Modules provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system.
1efe4270d8c7dd35ad1ec9516793be94aa0cfaddfbdf7a36b79693761a255168
Debian Linux Security Advisory 3338-1 - Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted.
d0aa6a2bb5cb2cb43926ccc501acf850fb3cf6bd6f887aff3c65bf928931e961
Ubuntu Security Notice 2720-1 - Lin Hua Cheng discovered that Django incorrectly handled the session store. A remote attacker could use this issue to cause the session store to fill up, resulting in a denial of service.
031c9ddf641d1fb4ff7e8ec3f8f43084a5e73d1ebe810e51670ac88180695a65
Debian Linux Security Advisory 3337-1 - Gustavo Grieco discovered a heap overflow in the processing of BMP images which may result in the execution of arbitrary code if a malformed image is opened.
05e0afa9d03681b8d8cfb2ff89b4860f5371bd5d95320bac6826acd16121f4c4
Ubuntu Security Notice 2710-2 - USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem.
dbda9e100a46c40bb0ca8616a4fedda0df6557ad341fda067189b0e11d1f3707