Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
39ee855b889b766abd408da29285dfb2414d959de62384a8076a9dcd406a8c59pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
75b14da0889ae1ac5b01caf8b302bd7818ea4819dce8a42f776d3190c4e57cfcPiwik versions 2.14.3 and below suffer from a PHP object injection vulnerability that can lead to remote code execution.
84f13b541beeab5027a0a0d132f9bddd2aec51f57b18ea61539b18dec408924dPiwik version 2.14.3 and below suffer from a local file inclusion vulnerability.
eee59dc36374f91dced40b4ea48194596072b837658dfbeccc53d0849c0265bdATutor versions 2.2 and below suffer from a remote php code injection vulnerability.
d68f51a39b755fe477331334371a85a9867f5564885f7740eefbf41a2c9a3341ATutor versions 2.2 and below suffer from a cross site scripting vulnerability.
3f019a580730a65969fb1ee296eee1f664af50dc8c239571889044cbaa6c68b0ATutor versions 2.2 and below suffer from a session variable overloading vulnerability.
fbaac07ae5c801f3305296ae4796cdbada7788e75ace0989665efa6ffddd79c9ATutor versions 2.2 and below suffer from a remote unrestricted file upload vulnerability.
bfe91d27b6015c2947337a14fd42a2923a402b9ed2d98972883b08ff15515b82Debian Linux Security Advisory 3392-1 - Pengsu Cheng discovered that FreeImage, a library for graphic image formats, contained multiple integer underflows that could lead to a supplying a specially crafted image.
328a24fc90ff18e57777051fb27679ae0846b8c78a04b247dbf46133e987ddafRed Hat Security Advisory 2015-1979-01 - Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. A flaw was discovered in the way Libreswan's IKE daemon processed IKE KE payloads. A remote attacker could send specially crafted IKE payload with a KE payload of g^x=0 that, when processed, would lead to a denial of service.
c4ef5d5e98ea05e4162dd1abca2ad94903c0693fb44a6e8659bf31040833f8adHP Security Bulletin HPSBGN03429 2 - A potential security vulnerability has been identified with HP ArcSight Logger. The vulnerability could be exploited remotely to disclose information. Revision 2 of this advisory.
7e143916fd95a1f5f6f7a30683c940f5c3a75a13e4c891d03f3eb5c576b24421HP Security Bulletin HPSBGN03425 1 - Potential security vulnerabilities have been identified with HP ArcSight SmartConnectors. The vulnerabilities could be exploited remotely to allow disclosure of information, and locally to allow escalation of privilege. Revision 1 of this advisory.
d185e1311a60d6b1efcf9fca11dc07b4f80b224e2e6dab2ae50a7dbebb2ba2b9HP Security Bulletin HPSBGN03430 1 - A potential security vulnerability has been identified with ArcSight Management Center ArcSight Connector Appliance ArcSight Logger and ArcSight SmartConnectors. The vulnerability could be exploited locally to allow elevation of privilege. Revision 1 of this advisory.
0c174547eba3a29394d9d77caf037b72cfce173b0f10f694a7038cf179a2107fDebian Linux Security Advisory 3391-1 - It was discovered that the web-based administration interface in the Horde Application Framework did not guard against Cross-Site Request Forgery (CSRF) attacks. As a result, other, malicious web pages could cause Horde applications to perform actions as the Horde user.
7b0449aeb438d86ed9fb2eb9e25f03de6c12c9caea89e9f2f3c25c930fafc62cHP Security Bulletin HPSBGN03386 2 - A potential security vulnerability has been identified with HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, and Subscription Fraud Prevention. The vulnerabilities could be exploited remotely and locally to allow disclosure of information. Revision 2 of this advisory.
818616fc58299ce143b95a677295451675ec749d8a69e78f8215814226f33e66Red Hat Security Advisory 2015-1981-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
f218558d94300f2eeece5fe28759616cde41313ce2bbebe7fd77469b034c87e4Red Hat Security Advisory 2015-1980-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
8cfcb360352e3c75f30ec51f7bbd0be2d86035b626fb9ea84115b65545e233f8Red Hat Security Advisory 2015-1982-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A same-origin policy bypass flaw was found in the way Firefox handled certain cross-origin resource sharing requests. A web page containing malicious content could cause Firefox to disclose sensitive information.
164cfc25fcbcb95177b28bd0255dd76614f43bca1107e6c9c88faf3ed9f9817aHeap-based out-of-bounds memory reads have been encountered in FreeType in the handling of the cmap (format 14) SFNT table.
4cc28eefc46be2738c81144ca33a6055d4ab76ccdeceae4e05be56bbd4b23b5fUbuntu Security Notice 2789-1 - It was discovered that XScreenSaver incorrectly handled unplugging an external monitor. An attacker with physical access could use this flaw to gain access to a locked session.
2eab6002cec84e83ce2e1c3b9bd663af9e266e68fe847bf26170404597ff9383Red Hat Security Advisory 2015-1978-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.
95ba0b2540e545687ca7ffa0c2bd118350125ef3544bf11a30ae45e346981005Red Hat Security Advisory 2015-1976-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.
a655bd67f643a6c78e1d5311abeb8f803d4ece799c757b5b714ccddd829f73e2Red Hat Security Advisory 2015-1977-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.
8e2c39b28aabf6afdf43ad9ade18b9ba283b85ecb5d756f6d46bdd9dfbe299c1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed