OSCI-Transport library version 1.2 for German e-Government suffers from padding oracle, signature wrapping, and XML external entity injection vulnerabilities.
e836d90008122100e3bb9c8d79986aeef8cdb8cc46a5f5f505ce7a6396d60f8eBetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
a9cf8dc94aba25e88ac6d175f5ef4d8b1d9ba7111aeccffc46959534722d0dbbRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
a8807c83f9f325312df05aa215fa75ad697c7a16163175363c2066baa26dda77Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
48d4880bf6ccb19ce9af2abde6946d7cf0635cc807548badbf4a221a79581e42Google Chrome suffers from an out-of-bounds access vulnerability in RegExp.prototype.exec and RegExp.prototype.test.
a2dfbfbd5b6b713bef9434dadf2a4e4076dec67533a901bf128641446d851b2bLG suffers from multiple stack overflows in ASFParser::SetMetaData.
ea05f7a62253726acc0eb18d46ed9849a18b0dea1654d3211310564f7f79f2feLinux kernel ldso_dynamic stack clash privilege escalation exploit. This affects Debian 9/10, Ubuntu 14.04.5/16.04.2/17.04, and Fedora 23/24/25.
019f1ce6374470fd5095849ce9301acb133a3679244b764940a7e40a80e999dfOpenBSD 'at' local stack clash privilege escalation exploit.
a80fd36081b8074669422ec386b383f6b02e6147e8b26cd6b180b8bcfaa859d2Linux kernel ldso_hwcap_64 stack clash privilege escalation exploit. This affects Debian 7.7/8.5/9.0, Ubuntu 14.04.2/16.04.2/17.04, Fedora 22/25, and CentOS 7.3.1611.
7c324e4c61aee597fae1e36e8fbd936e360099156578d347ef8a0c10d633cce6Linux kernel offset2lib stack clash exploit.
f1addfd343ecc2a4c4e2f9697900b6d0f23b685b668f34ffb4b54dd9fc0ac77fEasy File Sharing Web Server version 7.2 suffers from an account import local buffer overflow vulnerability.
44230e2afab50a3e2ac2122de6b916d5564602604dc11314483782d5a94ad8eaMicrosoft Dynamic CRM 2016 versions SP1 and below suffer from a cross site scripting vulnerability.
7a7ac559b01961f3ee6d891d89c708a79570c82bf81792a0b6b527819cb4e8d5Microsoft .NET Framework version 4.7 suffers from dll hijacking vulnerabilities.
a14c76d3be8ec71126b11a235d5adde47541281cc460aeede7942fad1dde0f2eTrihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.
e14e0d0f4e7e01e5baeffed7b702d91c7d3bbbc0662e4bfd676b5401df83dcebSchneider Electric Wonderware InduSoft Web Studio versions 8.0 Patch 3 and below suffer from having incorrect default permissions.
3a6fb63ee2321ae2148abfe45340ced49709d99fb96721ff3760ab329b26826cDigital Canal Structural Wind Analysis versions 9.1 and below suffer from a buffer overflow vulnerability.
682cc56b7180418fb3999e685a72a5afe4e35da7c9f4873634145310163a17dfUbuntu Security Notice 3323-2 - USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker could use this in combination with another vulnerability to gain administrative privileges. Various other issues were also addressed.
39e7f8f276dcc79f00dd5616e1101e41d073297143dedea3d186c76f8bf36f8eUbuntu Security Notice 3346-1 - Clement Berthaux discovered that Bind did not correctly check TSIG authentication for zone update requests. An attacker could use this to improperly perform zone updates. Clement Berthaux discovered that Bind did not correctly check TSIG authentication for zone transfer requests. An attacker could use this to improperly transfer entire zones.
8c0a85a29d7e094864d1ecfcffae3ea3162517bb7e02a399d5a29154df774192Ubuntu Security Notice 3342-2 - USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. USN-3333-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ad451459a82d58adcf3830ea5d4699fed8e20f06f412d9ed72a01f01f346917dRed Hat Security Advisory 2017-1664-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.2 will be retired as of December 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.2 AMC after December 31, 2017.
52c7f57e1472d238435376232c35551c746a9d83b5397a43d27d161fefa1bfccMicrosoft Machine Debug Manager (mdm) suffers from dll hijacking vulnerabilities.
db92dfe873e589fe2a002dfec15943dbc9eb4432297101f2fd0811808db098a2Microsoft Office Patch Installer suffers from dll hijacking vulnerabilities.
9dd76fa20f90231d58e4b700d50c6a63b8428b18f97fc2b8c466a1268ea2c8bc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed