
Files Date: 2016-10-18

Scapy Packet Manipulation Tool 2.3.3
Posted Oct 18, 2016
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Various updates.
tags | tool, scanner, python
systems | unix
MD5 | 336d6832110efcf79ad30c9856ef5842

OpenSCAP Libraries 1.2.11
Posted Oct 18, 2016
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Various updates and improvements.
tags | protocol, library
systems | unix
MD5 | 4cac5357617aa94fa697a8ddaedf8860

Red Hat Security Advisory 2016-2076-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2076-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to an arbitrary free address, which could allow an attacker to use a use-after-free style attack. This issue was discovered by David Howells.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470
MD5 | a7564fb33c87028151146ab8ed0c09bc

Debian Security Advisory 3694-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3694-1 - It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority.

tags | advisory, remote
systems | linux, debian
MD5 | 24eb0282b20a4a763535cdd4aa55adf3

Proxmark Iceman Fork 1.6.5
Posted Oct 18, 2016
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 2.3.0) to support brute force attacks against proximity card access control systems. It also contains the new attack vector against newer Mifare Classic tags with the hardened PRNG.

Changes: Bug fixes.
tags | tool
systems | unix
MD5 | 967b48c5dc989311a75e97ca4ba947e9

Red Hat Security Advisory 2016-2074-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2074-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to an arbitrary free address, which could allow an attacker to use a use-after-free style attack. This issue was discovered by David Howells.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470
MD5 | 92491ea11fe574bdbd8e30cfeee1e07e

Red Hat Security Advisory 2016-2073-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842
MD5 | cd7ac945ed5a0a668c9947cebcef2660

Red Hat Security Advisory 2016-2071-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2071-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
MD5 | 99ad3eb8a0370924c7714c9fcbcced65

Red Hat Security Advisory 2016-2069-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2069-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
MD5 | 94189f65fcafa34a77e62a001990498c

Red Hat Security Advisory 2016-2072-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2072-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java EE applications. It is based on JBoss Application Server 7 and incorporates multiple open-source projects to provide a complete Java EE platform solution. Security Fix: A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer used to read the uploaded file if the boundary was the typical tens of bytes long.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-3092
MD5 | 7a1fbe32c0560fdf08660e23cb5c260c

Red Hat Security Advisory 2016-2068-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2068-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.11 Release Notes, linked to in the References. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
MD5 | e53cb09c5fd1465ff23a7241e3f32c66

Red Hat Security Advisory 2016-2070-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2070-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.10. It includes bug fixes and enhancements. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-3092
MD5 | b367fcbaee905ff8a09a86498f8af5cb

Red Hat Security Advisory 2016-2064-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2064-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: It was found that Kubernetes did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-7075
MD5 | 8c9b054a3771a37178a19ffbf97cc51c

Debian Security Advisory 3693-1
Posted Oct 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3693-1 - Multiple vulnerabilities have been discovered in the GD Graphics Library, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-7568
MD5 | c72ae7abba5fc5686d76eb807727506b

Red Hat Security Advisory 2016-2067-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2067-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 54.0.2840.59. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188, CVE-2016-5189, CVE-2016-5190, CVE-2016-5191, CVE-2016-5192, CVE-2016-5193, CVE-2016-5194
MD5 | 73f482c872bbd5247961f998498ee299

Gentoo Linux Security Advisory 201610-08
Posted Oct 18, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-08 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, allowing remote attackers to execute arbitrary code, obtain information, and cause denial of service. Versions less than 1.8.0.102 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494, CVE-2016-0603, CVE-2016-0636, CVE-2016-3426, CVE-2016-3458, CVE-2016-3485, CVE-2016-3498, CVE-2016-3500, CVE-2016-3503, CVE-2016-3508, CVE-2016-3511, CVE-2016-3550, CVE-2016-3552, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610
MD5 | 68f81b23992f7615cc228361a2745353

Pluck CMS 4.7.3 Add-Page Cross Site Request Forgery
Posted Oct 18, 2016
Authored by Ahsan Tahir

Pluck CMS version 4.7.3 suffers from an add-page cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | c5b1b9abd53a8a863921a282148cb385

Cross Site Scripting
Posted Oct 18, 2016
Authored by Musa Sana

Whitepaper discussing cross site scripting vulnerabilities in detail. Written in Turkish.

tags | paper, vulnerability, xss
MD5 | ec75d896e6da36b46c3f7e37292469f8
© 2016 Packet Storm. All rights reserved.
