PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
0d77048b4d1f82bd42c7f8df9b218c52Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
55e3ae30dafdd547a875306bfe18f79aD-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity.
7d5b487d0bc7a54d4746370b3f054425Using a web browser or script server-side request forgery (SSRF) can be initiated against internal/external systems to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.
d9afd3cea418548b6c3b72153c1261feThe FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are originating from the D-LINK network running the afflicted FTP Server and not you. Version 1.03 r0098 is affected.
83571811be19f02f54e3bf44fda47807A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.
7a4ff17f412569211f6751de8fc14501OpenSLP version 2.0.0 suffers from multiple out-of-bounds vulnerabilities.
b3d6349b8cc468058c2a8826027787e9Microsoft Windows 10 Build 17134 local privilege escalation exploit with UAC bypass.
5bfd9fbfd023c4f2d5237ed2729d79adVMware Security Advisory 2018-0027 - VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage.
c90f4cfee02d634beee85044cdd3994fRed Hat Security Advisory 2018-3531-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow vulnerability.
843de559af4fe7852cc002b06f9d059cRed Hat Security Advisory 2018-3532-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow.
d22c03b447c8e30dc1b1e1f825b1a72aRed Hat Security Advisory 2018-3533-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.
c913b5e09ffce9ea3f9633e85e789f65Red Hat Security Advisory 2018-3534-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.
c5ff45dc35aec9b2eb9af1aa551780c2Gentoo Linux Security Advisory 201811-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.3.0 are affected.
3fbaf140c918fdebb25d085bb15384f8Gentoo Linux Security Advisory 201811-3 - A vulnerability in OpenSSL might allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.2o-r6 are affected.
fc3554e4ddb44a3d39e9d3767694abffGentoo Linux Security Advisory 201811-2 - A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. Versions less than 2.7.15 are affected.
ec4ccf8226c5aad66199371cedbc492fGentoo Linux Security Advisory 201811-1 - Multiple vulnerabilities have been found in X.Org X11 library, the worst of which could allow for remote code execution. Versions less than 1.6.6 are affected.
55133b7ee4b717c649a3eb630beef5fb
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed