tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
2b83364eef53b63ca3181b4eb56dab0cWordPress versions 4.7.0 and 4.7.1 unauthenticated content injection and arbitrary code execution exploit.
9b423351fc845e3ccf431d3883a48a82Zoneminder versions 1.29 and 1.30 suffer from cross site request forgery, cross site scripting, session fixation, and remote SQL injection vulnerabilities.
d9a6dc50b238332944dc1fdc3284194fGhostscript version 9.20 suffers from a local command execution vulnerability due to trusting unsanitized filenames.
53e546b182080ed24aab6da890276a43Red Hat Security Advisory 2017-0238-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.7.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
bfb297226ef68bc6f22a88b481462ebcWordPress versions 4.7.0 and 4.7.1 unauthenticated content injection proof of concept exploit.
03139864fb5787e9961aca601390dcc2Microsoft Windows 10 SMBv3 tree connect proof of concept exploit.
9c6a3b717fefb0568bc92f9e4261b766129 bytes small Linux multi/dual mode reverse shell shellcode.
54e23ca8ff9c6f051550dc5b3c24c7a1Android suffers from an RKP related memory corruption vulnerability in rkp_set_init_page_ro.
e9ced71e9d2e9e92f8f0acc93031a2bcWordPress versions 4.7.0 and 4.7.1 REST API post privilege escalation and defacement exploit. Originally vulnerability discovered by Sucuri's research team.
0bf4eb01dd13b6e3105ee9871200769aEMC Network Configuration Manager (NCM) versions 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x suffer from code execution and improper authentication vulnerabilities.
15ac4a0e323c73db45b8f3bd82e1438bUbuntu Security Notice 3185-1 - It was discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could use this issue to cause libXpm to crash, resulting in a denial of service, or possibly execute arbitrary code.
a8b866a5d3ce24fa9db453dd25b805e5Ubuntu Security Notice 3183-1 - Stefan Buehler discovered that GnuTLS incorrectly verified the serial length of OCSP responses. A remote attacker could possibly use this issue to bypass certain certificate validation measures. This issue only applied to Ubuntu 16.04 LTS. Shi Lei discovered that GnuTLS incorrectly handled certain warning alerts. A remote attacker could possibly use this issue to cause GnuTLS to hang, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.
2cc5efe59d2477e19930f66c4a862855Ubuntu Security Notice 3184-1 - It was discovered that the Irssi buf.pl script set incorrect permissions. A local attacker could use this issue to retrieve another user's window contents. Joseph Bisch discovered that Irssi incorrectly handled comparing nicks. A remote attacker could use this issue to cause Irssi to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Irssi incorrectly handled invalid nick messages. A remote attacker could use this issue to cause Irssi to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
145a67b6d0aa3611c29b2f3e9defc831Ubuntu Security Notice 3186-1 - It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute arbitrary code.
82c40c8c23f48d1e3113f11b4144a885HP Security Bulletin HPSBST03588 1 - A potential security vulnerability has been identified in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS. The vulnerability could be remotely exploited resulting in arbitrary command execution. Revision 1 of this advisory.
bf0559b742099284a29a54e3359b8f4bCisco Security Advisory - A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
f5338e30e3ad4b926849dfe222bde208Ubuntu Security Notice 3182-1 - Jann Horn discovered that NTFS-3G incorrectly filtered environment variables when using the modprobe utility. A local attacker could possibly use this issue to load arbitrary kernel modules.
e63f80598199765045623b4fa7fb6622Red Hat Security Advisory 2017-0226-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. Security Fix: A resource-consumption flaw was found in RabbitMQ Server, where the lengths_age or lengths_incr parameters were not validated in the management plugin. Remote, authenticated users with certain privileges could exploit this flaw to cause a denial of service by passing values which were too large.
a8492eabe85e29081d083743011b67ceDebian Linux Security Advisory 3779-1 - Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims' credentials, access sensitive information, execute arbitrary commands, bypass read and post restrictions, or mount denial-of-service attacks.
e2b98373a3d26468cd106c9d01bf69f2Bitrix Site Manager suffers from a cross site scripting vulnerability.
bc7fc3eff843745c2196d4e079376fecProperty Listing Script suffers from a remote blind SQL injection vulnerability.
b0d4229e19850796218bfe9855953ae4LogoStore suffers from a remote SQL injection vulnerability.
aa0a9b60182ccf49f6731ffc43d04763
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed