Ubuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.
0109aef37883b59cfde530823abac56b2ccc7f8d9cf5d79c37274335d1792a6cWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
de1aafd100a1e1207c850d180e97dd91ab8da0f5eb6beec545f725cdb145d333BMD BMDWeb 2.0 versions prior to 24.01.21 suffer from persistent cross site scripting vulnerabilities.
499c18c38e8687b39167ce9265f6c4cdf83a764a4642327eea6fa7a0feb38768Red Hat Security Advisory 2021-1322-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include integer overflow and null pointer vulnerabilities.
c7f24bb2f14642cac12074bfafb54e59cd5333b67667591a72b4a67fbf6013cbZeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
659a890f433cb730519966bdc41f1a03fb67e27e94b5d52ad9ee890022a12c3anfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
ebe157566eab484ed001f6883fcb5e249ae19419a342d541121959fe406c7c24Packed.Win32.Black.d malware has an unauthenticated open proxy vulnerability.
b18b3ad5d47b356d0d074396d3e78619015d4e8d6d35c24f92a64f3e00c8a7c2Red Hat Security Advisory 2021-1324-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include integer overflow and null pointer vulnerabilities.
57aac1c3058fac07f08df4868593183ba64b72eab1b13e737c26cbface926929OTRS version 6.0.1 remote command execution exploit.
9d111d76bea3e1afbf0a3f7944a2ab12828a882b5a33a64bd3c3773ab6853e44Backdoor.Win32.DarkKomet.artr malware suffers from an insecure permissions vulnerability.
6f97ec5a51f653a05bb81959971a0ad88089ac05e1df22f9ab1015828b1d15beRed Hat Security Advisory 2021-1313-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include double free, information leakage, and remote SQL injection vulnerabilities.
27f926f5aa6dc020146bbe82a0e986564870461f6b710ded0e468168538e2d5cTrojan-Dropper.Win32.Agent.xtp malware suffers from an insecure permissions vulnerability.
9aaf127156348dafcff76eb15d956c0680a835016e5b90fa5d40e53d8177432dRemoteClinic version 2.0 suffers from multiple persistent cross site scripting vulnerabilities.
b00dedb467ec2c26a898adc3fac196e892a358994af6fa922e3582ef27134ac6IM-Worm.Win32.Bropia.aa malware suffers from an insecure permissions vulnerability.
fd29c46bb7217c71da57bbcacc060476989d26ea8994fb2f4b6f0de8f5c93ffdRed Hat Security Advisory 2021-1315-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
67fea351beef34f9524db4f5a5f427cefb9e3b5e273fa598258c7c1afb410f0cHEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.
2db468ae0d628e2a2d376200eb1bf0053754b7b6609d8070cc4eaf06439fb6d6CMS Made Simple version 2.2.15 suffers from a reflective cross site scripting vulnerability.
f4abc21bca1ed69f89b0d9c2e9581cbe2aaa7cb0ebede906deadb1c291c9211aThis is a brief whitepaper that discuss HTTP Host header attacks.
a6fa96ce1a609cfb613a8375b0180918f63f56cc17ee3a3c76e0de0ea38c3e92
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed