what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2021-04-22

Ubuntu Security Notice USN-4916-2
Posted Apr 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability, memory leak
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
SHA-256 | 0109aef37883b59cfde530823abac56b2ccc7f8d9cf5d79c37274335d1792a6c
Wireshark Analyzer 3.4.5
Posted Apr 22, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Ten bug fixes have been applied along with a fix for a memory consumption vulnerability.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | de1aafd100a1e1207c850d180e97dd91ab8da0f5eb6beec545f725cdb145d333
BMD BMDWeb 2.0 Cross Site Scripting
Posted Apr 22, 2021
Authored by Stefan Viehbock | Site sec-consult.com

BMD BMDWeb 2.0 versions prior to 24.01.21 suffer from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 499c18c38e8687b39167ce9265f6c4cdf83a764a4642327eea6fa7a0feb38768
Red Hat Security Advisory 2021-1322-01
Posted Apr 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1322-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include integer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-25014, CVE-2021-28682, CVE-2021-28683, CVE-2021-29258
SHA-256 | c7f24bb2f14642cac12074bfafb54e59cd5333b67667591a72b4a67fbf6013cb
Zeek 4.0.1
Posted Apr 22, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This is a release that addresses quite a few bugs including a null-pointer dereference vulnerability.
tags | tool, intrusion detection
systems | unix
SHA-256 | 659a890f433cb730519966bdc41f1a03fb67e27e94b5d52ad9ee890022a12c3a
nfstream 6.3.0
Posted Apr 22, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Implemented tunnel_id extraction.
tags | tool, python
systems | unix
SHA-256 | ebe157566eab484ed001f6883fcb5e249ae19419a342d541121959fe406c7c24
Packed.Win32.Black.d MVID-2021-0183 Unauthenticated Open Proxy
Posted Apr 22, 2021
Authored by malvuln | Site malvuln.com

Packed.Win32.Black.d malware has an unauthenticated open proxy vulnerability.

tags | exploit
systems | windows
SHA-256 | b18b3ad5d47b356d0d074396d3e78619015d4e8d6d35c24f92a64f3e00c8a7c2
Red Hat Security Advisory 2021-1324-01
Posted Apr 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1324-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include integer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2021-28682, CVE-2021-28683, CVE-2021-29258
SHA-256 | 57aac1c3058fac07f08df4868593183ba64b72eab1b13e737c26cbface926929
OTRS 6.0.1 Remote Command Execution
Posted Apr 22, 2021
Authored by Hex_26

OTRS version 6.0.1 remote command execution exploit.

tags | exploit, remote
advisories | CVE-2017-16921
SHA-256 | 9d111d76bea3e1afbf0a3f7944a2ab12828a882b5a33a64bd3c3773ab6853e44
Backdoor.Win32.DarkKomet.artr MVID-2021-0182 Insecure Permissions
Posted Apr 22, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.artr malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 6f97ec5a51f653a05bb81959971a0ad88089ac05e1df22f9ab1015828b1d15be
Red Hat Security Advisory 2021-1313-01
Posted Apr 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1313-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include double free, information leakage, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2017-2662, CVE-2019-18874, CVE-2020-11612, CVE-2020-14335, CVE-2020-25633, CVE-2020-9402
SHA-256 | 27f926f5aa6dc020146bbe82a0e986564870461f6b710ded0e468168538e2d5c
Trojan-Dropper.Win32.Agent.xtp MVID-2021-0180 Insecure Permissions
Posted Apr 22, 2021
Authored by malvuln | Site malvuln.com

Trojan-Dropper.Win32.Agent.xtp malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 9aaf127156348dafcff76eb15d956c0680a835016e5b90fa5d40e53d8177432d
RemoteClinic 2.0 Cross Site Scripting
Posted Apr 22, 2021
Authored by Saud Ahmad

RemoteClinic version 2.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-30030, CVE-2021-30034, CVE-2021-30039, CVE-2021-30042
SHA-256 | b00dedb467ec2c26a898adc3fac196e892a358994af6fa922e3582ef27134ac6
IM-Worm.Win32.Bropia.aa MVID-2021-0181 Insecure Permissions
Posted Apr 22, 2021
Authored by malvuln | Site malvuln.com

IM-Worm.Win32.Bropia.aa malware suffers from an insecure permissions vulnerability.

tags | exploit, worm
systems | windows
SHA-256 | fd29c46bb7217c71da57bbcacc060476989d26ea8994fb2f4b6f0de8f5c93ffd
Red Hat Security Advisory 2021-1315-01
Posted Apr 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1315-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2021-2163
SHA-256 | 67fea351beef34f9524db4f5a5f427cefb9e3b5e273fa598258c7c1afb410f0c
HEUR.Trojan.Win32.Generic MVID-2021-0179 Insecure Permissions
Posted Apr 22, 2021
Authored by malvuln | Site malvuln.com

HEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 2db468ae0d628e2a2d376200eb1bf0053754b7b6609d8070cc4eaf06439fb6d6
CMS Made Simple 2.2.15 Cross Site Scripting
Posted Apr 22, 2021
Authored by bt0

CMS Made Simple version 2.2.15 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-28935
SHA-256 | f4abc21bca1ed69f89b0d9c2e9581cbe2aaa7cb0ebede906deadb1c291c9211a
HTTP Host Header Attacks
Posted Apr 22, 2021
Authored by SunCSR

This is a brief whitepaper that discuss HTTP Host header attacks.

tags | paper, web
SHA-256 | a6fa96ce1a609cfb613a8375b0180918f63f56cc17ee3a3c76e0de0ea38c3e92
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close