exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-10-18

Scapy Packet Manipulation Tool 2.3.3
Posted Oct 18, 2016
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Various updates.
tags | tool, scanner, python
systems | unix
SHA-256 | 67642cf7b806e02daeddd588577588caebddc3426db7904e7999a0b0334a63b5
OpenSCAP Libraries 1.2.11
Posted Oct 18, 2016
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Various updates and improvements.
tags | protocol, library
systems | unix
SHA-256 | dfc2242dd0b45eeea6bb6c3e3cb772842dcbfce98e5afce33cd63cb3cf00b7e6
Red Hat Security Advisory 2016-2076-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2076-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470
SHA-256 | 6bae7f24e59ae8d9804491e44f28a64f6dba1d6ca0ae8933e059b905c9c951b8
Debian Security Advisory 3694-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3694-1 - It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority.

tags | advisory, remote
systems | linux, debian
SHA-256 | bfd62c5b4a901803c2c5020c4a8936285e28f0df694cd5833649f7079667e5ba
Proxmark Iceman Fork 1.6.5
Posted Oct 18, 2016
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 2.3.0) to support brute force attacks against proximity card access control systems. It also contains the new attack vector against newer Mifare Classic tags with the hardend prng.

Changes: Bug fixes.
tags | tool
systems | unix
SHA-256 | e5db86cf5a29bc0e82605ee58f1f15795f429cf4899d803bb9d7de3e4037bded
Red Hat Security Advisory 2016-2074-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2074-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. This issue was discovered by David Howells.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470
SHA-256 | 211ff6324147cd5d6e78cc99ed7c543902711980e783ba11bb9ddb0f06682e31
Red Hat Security Advisory 2016-2073-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842
SHA-256 | 016924697aba2b3c0ed2a4b898dbf325da5ec9106c04351d7f374f3485979f2c
Red Hat Security Advisory 2016-2071-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2071-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
SHA-256 | ad36eab6d193625512bd94f6df20f23a60607c199ab728e8152362ed9051ff72
Red Hat Security Advisory 2016-2069-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2069-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
SHA-256 | 90a74be5a92d9f26804f928cecbdaf1f32cc050c7b7188829e6168b51a751d5c
Red Hat Security Advisory 2016-2072-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2072-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java EE applications. It is based on JBoss Application Server 7 and incorporates multiple open-source projects to provide a complete Java EE platform solution. Security Fix: A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer used to read the uploaded file if the boundary was the typical tens of bytes long.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-3092
SHA-256 | 9ed1b834fb53a506fd1eb1dd9f86980b8ae375e674b25aafe7ab41754eb1c606
Red Hat Security Advisory 2016-2068-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2068-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
SHA-256 | 9fe5a5fdc0cc4a999a818f305cc5969f3b738a130e4405151c33a7b739fd8923
Red Hat Security Advisory 2016-2070-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2070-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
SHA-256 | d7ec988f0ff5ab1d3e9e885d06936c7833554bee0db9963a3e999d0f16bd646e
Red Hat Security Advisory 2016-2064-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2064-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: It was found that Kubernetes did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-7075
SHA-256 | 7ac790d0bd5fd3aa218353b24721f042b3a1d148e74215514320782738a96160
Debian Security Advisory 3693-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3693-1 - Multiple vulnerabilities have been discovered in the GD Graphics Library, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-7568
SHA-256 | 43a92cb5d9f6e62cc4a4da52fe265bff5e1b879505ae69e8fe593cf9645b422a
Red Hat Security Advisory 2016-2067-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2067-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 54.0.2840.59. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188, CVE-2016-5189, CVE-2016-5190, CVE-2016-5191, CVE-2016-5192, CVE-2016-5193, CVE-2016-5194
SHA-256 | b4c042ea70dafe96dddda09fc88b41fb0206273af3adff880b986298dbdcec91
Gentoo Linux Security Advisory 201610-08
Posted Oct 18, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-8 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites allowing remote attackers to remotely execute arbitrary code, obtain information, and cause Denial of Service. Versions less than 1.8.0.102 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494, CVE-2016-0603, CVE-2016-0636, CVE-2016-3426, CVE-2016-3458, CVE-2016-3485, CVE-2016-3498, CVE-2016-3500, CVE-2016-3503, CVE-2016-3508, CVE-2016-3511, CVE-2016-3550, CVE-2016-3552, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
SHA-256 | 956eaa5520a023dd7135bdf93948e2b66b793db7c1efdc8bc6279d7f28ce2078
Pluck CMS 4.7.3 Add-Page Cross Site Request Forgery
Posted Oct 18, 2016
Authored by Ahsan Tahir

Pluck CMS version 4.7.3 suffers from an add-page cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | df6b9e896c00bd12fbaecd706115beb8416dca68ae5255f3547dc2deed7edd5b
Cross Site Scripting
Posted Oct 18, 2016
Authored by Musa Sana

Whitepaper discussing cross site scripting vulnerabilities in detail. Written in Turkish.

tags | paper, vulnerability, xss
SHA-256 | 0a5edee7224d590560558e8d90f331b6b7b80ed28c673bf34787d683f809528a
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close