tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
eae98121cbb1c9adbedd9a777bf2eae9fa1c1c676424a54740311c8abcee5a5eWordPress versions 4.7.0 and 4.7.1 unauthenticated content injection and arbitrary code execution exploit.
232e4017e6444aa64706da95f3acbbd009ec70edd74978bac9795aa0ad3aaca5Zoneminder versions 1.29 and 1.30 suffer from cross site request forgery, cross site scripting, session fixation, and remote SQL injection vulnerabilities.
04dd869096df8857a51976f38fb0764055eba720300d412a999ef376fb6081d5Ghostscript version 9.20 suffers from a local command execution vulnerability due to trusting unsanitized filenames.
cd512def089ae039535a0ff91f2847be846b37050c9ff6cfa421fe512d16bba9Red Hat Security Advisory 2017-0238-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.7.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
02cc3271b41418bdf6c452b3df794dca967b430e36eedfeb0186983ce94f3c2dWordPress versions 4.7.0 and 4.7.1 unauthenticated content injection proof of concept exploit.
a85d2d596c6cdf62b7ccf464b4ae1844c836271401326bfa305b721c24235129Microsoft Windows 10 SMBv3 tree connect proof of concept exploit.
343da4ee047ee5f258a982c57d4135b6f38f56c8423e847bc62819ca100b5eaa129 bytes small Linux multi/dual mode reverse shell shellcode.
8ebb0b251f9768ff93502f0d5f19bb8a0d5493ef5ee14002fd92ec841d336a2cAndroid suffers from an RKP related memory corruption vulnerability in rkp_set_init_page_ro.
e5c59c78302f977cd29039800c6949a70eb5630d466ed6540a65555c3533cf63WordPress versions 4.7.0 and 4.7.1 REST API post privilege escalation and defacement exploit. Originally vulnerability discovered by Sucuri's research team.
bd58209139b43f7c9b7d2e53c961dfc5458fe627f7b590f162c4620fa054b329EMC Network Configuration Manager (NCM) versions 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x suffer from code execution and improper authentication vulnerabilities.
0f26d30c5898b380a7503c6be0e506ff6fa3d12c4b250255cd0f6e42a226f86fUbuntu Security Notice 3185-1 - It was discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could use this issue to cause libXpm to crash, resulting in a denial of service, or possibly execute arbitrary code.
17a2c71627e7cea12aef70673bc1567cdd4d4769169668dde3a945c7a5343c04Ubuntu Security Notice 3183-1 - Stefan Buehler discovered that GnuTLS incorrectly verified the serial length of OCSP responses. A remote attacker could possibly use this issue to bypass certain certificate validation measures. This issue only applied to Ubuntu 16.04 LTS. Shi Lei discovered that GnuTLS incorrectly handled certain warning alerts. A remote attacker could possibly use this issue to cause GnuTLS to hang, resulting in a denial of service. This issue has only been addressed in Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.
035914142c4ddafee94b71aaabdb111a04a8be64edf6d0cf13cb9129c4828f7bUbuntu Security Notice 3184-1 - It was discovered that the Irssi buf.pl script set incorrect permissions. A local attacker could use this issue to retrieve another user's window contents. Joseph Bisch discovered that Irssi incorrectly handled comparing nicks. A remote attacker could use this issue to cause Irssi to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Irssi incorrectly handled invalid nick messages. A remote attacker could use this issue to cause Irssi to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
8fffde546749a146e440119761742c9054a80582cb3f6cf8fcecc6028e307fd3Ubuntu Security Notice 3186-1 - It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute arbitrary code.
2a283f87c0c3fc55613e7c8182cc0b0d4799a908c82e6514a23e5d63635df2bbHP Security Bulletin HPSBST03588 1 - A potential security vulnerability has been identified in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS. The vulnerability could be remotely exploited resulting in arbitrary command execution. Revision 1 of this advisory.
782dd5732ac7acd5e00984a08a61b8bf153e990e7fe953e554739b420e1b2abbCisco Security Advisory - A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
2b2b37f518d4ccc6b7169be17a2c17c139547bd38148a33f01b2283bdda1b7b5Ubuntu Security Notice 3182-1 - Jann Horn discovered that NTFS-3G incorrectly filtered environment variables when using the modprobe utility. A local attacker could possibly use this issue to load arbitrary kernel modules.
d7e87d437e6c386c7a2fd8dbb3bb71070101b552c0748efb494d4cea9373ca4bRed Hat Security Advisory 2017-0226-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. Security Fix: A resource-consumption flaw was found in RabbitMQ Server, where the lengths_age or lengths_incr parameters were not validated in the management plugin. Remote, authenticated users with certain privileges could exploit this flaw to cause a denial of service by passing values which were too large.
e52ae8f1d7a3ae0c5f62184851716b5e95bb31c806d817f33e959ffd73054384Debian Linux Security Advisory 3779-1 - Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims' credentials, access sensitive information, execute arbitrary commands, bypass read and post restrictions, or mount denial-of-service attacks.
09295a4c4e63cd48aa58a0144f1e422d2cddb696e50f6c667deaa4cda3ab03d2Bitrix Site Manager suffers from a cross site scripting vulnerability.
b4e8a85304c515293bfd60d6515e0c85187971f7175192a707017c5b3c76cd37Property Listing Script suffers from a remote blind SQL injection vulnerability.
d2804666c079d5d2c5f1d6d38998755cebde29a17d807828ebd5dfe3ae0f4eacLogoStore suffers from a remote SQL injection vulnerability.
b958a67f93c267bb44bc15716cbd2787122bbd1e138ebbe08a4355b351c5f3b8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed