Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
67642cf7b806e02daeddd588577588caebddc3426db7904e7999a0b0334a63b5The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
dfc2242dd0b45eeea6bb6c3e3cb772842dcbfce98e5afce33cd63cb3cf00b7e6Red Hat Security Advisory 2016-2076-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.
6bae7f24e59ae8d9804491e44f28a64f6dba1d6ca0ae8933e059b905c9c951b8Debian Linux Security Advisory 3694-1 - It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority.
bfd62c5b4a901803c2c5020c4a8936285e28f0df694cd5833649f7079667e5baThis is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 2.3.0) to support brute force attacks against proximity card access control systems. It also contains the new attack vector against newer Mifare Classic tags with the hardend prng.
e5db86cf5a29bc0e82605ee58f1f15795f429cf4899d803bb9d7de3e4037bdedRed Hat Security Advisory 2016-2074-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.
211ff6324147cd5d6e78cc99ed7c543902711980e783ba11bb9ddb0f06682e31Red Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.
016924697aba2b3c0ed2a4b898dbf325da5ec9106c04351d7f374f3485979f2cRed Hat Security Advisory 2016-2071-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. Multiple security issues have been addressed.
ad36eab6d193625512bd94f6df20f23a60607c199ab728e8152362ed9051ff72Red Hat Security Advisory 2016-2069-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
90a74be5a92d9f26804f928cecbdaf1f32cc050c7b7188829e6168b51a751d5cRed Hat Security Advisory 2016-2072-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java EE applications. It is based on JBoss Application Server 7 and incorporates multiple open-source projects to provide a complete Java EE platform solution. Security Fix: A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer used to read the uploaded file if the boundary was the typical tens of bytes long.
9ed1b834fb53a506fd1eb1dd9f86980b8ae375e674b25aafe7ab41754eb1c606Red Hat Security Advisory 2016-2068-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
9fe5a5fdc0cc4a999a818f305cc5969f3b738a130e4405151c33a7b739fd8923Red Hat Security Advisory 2016-2070-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. Multiple security issues have been addressed.
d7ec988f0ff5ab1d3e9e885d06936c7833554bee0db9963a3e999d0f16bd646eRed Hat Security Advisory 2016-2064-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: It was found that Kubernetes did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
7ac790d0bd5fd3aa218353b24721f042b3a1d148e74215514320782738a96160Debian Linux Security Advisory 3693-1 - Multiple vulnerabilities have been discovered in the GD Graphics Library, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.
43a92cb5d9f6e62cc4a4da52fe265bff5e1b879505ae69e8fe593cf9645b422aRed Hat Security Advisory 2016-2067-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 54.0.2840.59. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
b4c042ea70dafe96dddda09fc88b41fb0206273af3adff880b986298dbdcec91Gentoo Linux Security Advisory 201610-8 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites allowing remote attackers to remotely execute arbitrary code, obtain information, and cause Denial of Service. Versions less than 1.8.0.102 are affected.
956eaa5520a023dd7135bdf93948e2b66b793db7c1efdc8bc6279d7f28ce2078Pluck CMS version 4.7.3 suffers from an add-page cross site request forgery vulnerability.
df6b9e896c00bd12fbaecd706115beb8416dca68ae5255f3547dc2deed7edd5bWhitepaper discussing cross site scripting vulnerabilities in detail. Written in Turkish.
0a5edee7224d590560558e8d90f331b6b7b80ed28c673bf34787d683f809528a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed