haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
95867032bb3f2abd36179f92e328e651sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
f8172574e6c94b3c3fdce9988fe1d65eAnsvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
6bf4770f84fcca587a06d84b04f577e3This Metasploit module exploits a path traversal via Jetdirect to gain arbitrary code execution by writing a shell script that is loaded on startup to /etc/profile.d. Then, the printer is restarted using SNMP. A large amount of printers are impacted.
330fb84840e2b0a7602e2d3e4c2701b5Red Hat Security Advisory 2018-2566-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a client-side security defense vulnerability.
18b19872fd2a138071b7e1b96a5f9204Ubuntu Security Notice 3754-1 - Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service. It was discovered that an information disclosure vulnerability existed in the ACPI implementation of the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8fd248fb77a13c2c1319323d9c90a547WordPress Plainview Activity Monitor plugin version 20161228 suffers from an OS command injection vulnerability.
4b0209792ced09d52b809e31313be32cThis Microsoft advisory notification includes advisories released or updated on August 24, 2018.
fb351c53b0e1c2e1f4b6e31f353e5171Dojo Toolkit version 1.13 suffers from a cross site scripting vulnerability.
32361799fbf94963fe405a9d518c8786The Vox TG790 ADSL router suffers from a cross site request forgery vulnerability.
f1ddebc2283a2129859fcbe0f67c5378Libpango version 1.40.8 suffers from a denial of service vulnerability.
7583b00a9838fee5a89fdc248739a3ecTrend Micro Enterprise Mobile Security version 2.0.0.1700 suffers from a denial of service vulnerability.
75f668b30c0241bf5e6838cb77bcf211Red Hat Security Advisory 2018-2565-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include client-side defense vulnerabilities.
08f18b939b68bf18c3d525ff305bde91Gleez CMS version 1.2.0 suffers from a cross site request forgery vulnerability.
2f0089c7d34c574bc74a84ef72ec3fdbLiteCart version 2.1.2 suffers from a remote file upload vulnerability.
44fd0ea7d19bec8cfb7f443bc7ae5960CuteFTP version 5.0 suffers from a buffer overflow vulnerability.
42ec57197a9d8f87c3f26d6265651955Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability.
75109311c86f8a28209fc71033934ee5The RICOH MP C4504ex printer suffers from a cross site request forgery vulnerability.
ca52e9e6a9ab961e378e5f8674df1140Firefox version 55.0.3 suffers from a denial of service vulnerability.
799c7ad60a0837560bdc470bb70d69e3
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed