what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-11-09

Packet Fence 8.2.0
Posted Nov 9, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Added support for clusters with servers located in multiple layer 3 networks. Permitted incoming Eduroam TLRS RADIUS requests. Added Mojo web authentication support. Added SMTP test function in Alerting. Various other additions and updates.
tags | tool, remote
systems | unix
SHA-256 | 97f539eeb90b8cb653fc9dbd151af722eba19f53c751aec16dc2d94f55258007
Web-Based Firewall Logging Tool 1.1.1
Posted Nov 9, 2018
Authored by Bob Hockney | Site webfwlog.sourceforge.net

Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.

Changes: Added support for checksum fields for database logs for tcp, udp and icmpv6. Multiple bug fixes. Various other updates.
tags | tool, web, firewall
systems | linux, windows, unix
SHA-256 | 6f128ab57db061f7c39e804eb0af1171237079e9b2a5a9354cad29eb4fcc21f2
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity.

tags | exploit, trojan
advisories | CVE-2018-15515
SHA-256 | 52c49a3a7607f161b4168d84b61bd33426cca6070383c6347c351b60ea7cade1
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Using a web browser or script server-side request forgery (SSRF) can be initiated against internal/external systems to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.

tags | exploit, web, php, tcp
advisories | CVE-2018-15517
SHA-256 | 53baa0e6a12bb0ef14fad1c04c6d784940b40d49e5593d74db2b71aa5c26e072
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are originating from the D-LINK network running the afflicted FTP Server and not you. Version 1.03 r0098 is affected.

tags | exploit, remote
advisories | CVE-2018-15516
SHA-256 | b4c780a65fbf4c9da691e430cf3ab77157fb42d84886375e480aa0fb88b21444
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15437
SHA-256 | 5017f9c736285c4def48333e34e95f0cc85a4c481b2df3b3524424ab4b0de654
OpenSLP 2.0.0 Out-Of-Bounds
Posted Nov 9, 2018
Authored by Magnus Klaaborg Stubman

OpenSLP version 2.0.0 suffers from multiple out-of-bounds vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-7567
SHA-256 | 892cd678b3963c6dfc8ea0d9df1e2bb7239c8092c7d5099d5a6356846a6063bf
Microsoft Windows 10 Build 17134 Local Privilege Escalation
Posted Nov 9, 2018
Authored by Tenable Network Security

Microsoft Windows 10 Build 17134 local privilege escalation exploit with UAC bypass.

tags | exploit, local
systems | windows
SHA-256 | e3dd973532e4f2d060b4d0b153971e8ddc2cc77a366635af649f3f1227c276e5
VMware Security Advisory 2018-0027
Posted Nov 9, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0027 - VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage.

tags | advisory
advisories | CVE-2018-6981, CVE-2018-6982
SHA-256 | 19a8796446a2f63f4cbd94fbcddfe7c6b1795724ba4b0b207ad2e6bd9731f619
Red Hat Security Advisory 2018-3531-01
Posted Nov 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3531-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-12389, CVE-2018-12390, CVE-2018-12392, CVE-2018-12393
SHA-256 | 8c15fea412bc4b4a2e9f6cbca2957d6a314483c55100b21551aaed960fd825ed
Red Hat Security Advisory 2018-3532-01
Posted Nov 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3532-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Issues addressed include an integer overflow.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-12389, CVE-2018-12390, CVE-2018-12392, CVE-2018-12393
SHA-256 | 7ddabe0c631f025e5f76c79adbf664f42dddd68dbde947f177178f29cfde288d
Red Hat Security Advisory 2018-3533-01
Posted Nov 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3533-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
SHA-256 | cbafd6a88390e5eb75498f509692813f4707486c5cf68f4321300a3c3a979141
Red Hat Security Advisory 2018-3534-01
Posted Nov 9, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3534-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
SHA-256 | 83f77043b0fc51469c74877f96ad23dd3aeaa9179fc8bd20ad70e5db6b99d115
Gentoo Linux Security Advisory 201811-04
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-4 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 60.3.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2018-12389, CVE-2018-12390, CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, CVE-2018-12397
SHA-256 | 8aa3bc82e407773bfdcd9ad96772bd8c0b936737c4e6cd15abbc811752a70ecc
Gentoo Linux Security Advisory 201811-03
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-3 - A vulnerability in OpenSSL might allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.2o-r6 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2018-0732
SHA-256 | 2567e550284a41d0a884d941d89911bfb3bd909ca61b03a9f3e550906d00e4f5
Gentoo Linux Security Advisory 201811-02
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-2 - A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. Versions less than 2.7.15 are affected.

tags | advisory, remote, denial of service, overflow, python
systems | linux, gentoo
advisories | CVE-2018-1000030
SHA-256 | ab1a2c70d9578a62fe64c48c2b127fd608b5cf524a889fee262ec1d849f3d11b
Gentoo Linux Security Advisory 201811-01
Posted Nov 9, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-1 - Multiple vulnerabilities have been found in X.Org X11 library, the worst of which could allow for remote code execution. Versions less than 1.6.6 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2018-14598, CVE-2018-14599, CVE-2018-14600
SHA-256 | 8b2028fb671586ac088c78627304c1813822f7f8340fc74d2f634ec2e682c03f
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close