exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2023-01-09

Ubuntu Security Notice USN-5787-2
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5787-2 - USN-5787-1 fixed vulnerabilities in Libksba. This update provides the corresponding updates for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-47629
SHA-256 | 82286b86067d6fc4fa31cac9d371a0b0f0692d36a900f8a50b11f9aed2f7b2c0
libpcap 1.10.2
Posted Jan 9, 2023
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.

Changes: Over a hundred updates applied as this is the first release since June of 2021. Check the full changelog for details.
tags | library
systems | unix
SHA-256 | db6d79d4ad03b8b15fb16c42447d093ad3520c0ec0ae3d331104dcfb1ce77560
tcpdump 4.99.2
Posted Jan 9, 2023
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: Over a hundred updates applied as this is the first release since June of 2021. Check the full changelog for details.
tags | tool, sniffer
systems | unix
SHA-256 | f4304357d34b79d46f4e17e654f1f91f9ce4e3d5608a1badbd53295a26fb44d5
GNUnet P2P Framework 0.19.2
Posted Jan 9, 2023
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: This is a bugfix release for gnunet 0.19.1.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 86034d92ebf8f6623dad95f1031ded1466e064b96ffac9d3e9d47229ac2c22ff
Debian Security Advisory 5311-1
Posted Jan 9, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5311-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling, cache poisoning or denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2022-32749, CVE-2022-37392
SHA-256 | 990cbc4c27bc00413fc821fd5e596736910270440e68916352b4cf984d9ea06a
cryptmount Filesystem Manager 6.2.0
Posted Jan 9, 2023
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Enabled libudev by default. Updated various maintainer URLs to point to github.com. Reduced verbosity of manual-page variable substitution. Improved unit-test support for NVME devices.
tags | tool, kernel, encryption
systems | linux, unix
SHA-256 | 90cc49fd598d636929c70479b1305f12b011edadf4a54578ace6c0fca8cb5ed2
Ubuntu Security Notice USN-5794-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5794-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | f94cebf0ea6c3ab3da6d1994df82f1a6cfce5dea6344042ba9c85491090964a9
Linux videobuf2 Use-After-Free
Posted Jan 9, 2023
Authored by Google Security Research, Seth Jenkins

A vb2_mmap race with vb2_core_reqbufs leads to a use-after-free vulnerability in the Linux videobuf2 system.

tags | exploit
systems | linux
SHA-256 | d61a2203442211de402e6420b838d2d46c53994de2af84b1f343bfe1d3ad0231
Acunetix Vulnweb Solutions Handbook
Posted Jan 9, 2023
Authored by Ismail Tasdelen

In this paper, the author subjects the vulnerable web application vulnweb.com, developed by Acunetix, to security tests. Acunetix is a web application where we can perform legal penetration tests. The author discusses how to infiltrate the target system by acting as a real hacker through this application. Written in Turkish.

tags | paper, web
SHA-256 | 9452d8ba127e646598688770379f1d68ad85c10e81be8c7238597d9d656014c1
Ubuntu Security Notice USN-5793-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5793-1 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20421, CVE-2022-2663, CVE-2022-3303, CVE-2022-3541, CVE-2022-3543, CVE-2022-3586, CVE-2022-3623, CVE-2022-3646, CVE-2022-3649, CVE-2022-3910, CVE-2022-3977, CVE-2022-40307, CVE-2022-4095, CVE-2022-41849
SHA-256 | 91ba98c3c9637a1d31736093e5bfd37579c41aaa5e5abbbbc4396e2e20bfe7e1
Ubuntu Security Notice USN-5792-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5792-1 - Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0171, CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-3649, CVE-2022-39188, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750
SHA-256 | 0d471b882265b05e21d7d5364395548bdfdb7aabb60f28ba0290bf97ec7175cb
Eatself 1.1.5 SQL Injection
Posted Jan 9, 2023
Authored by indoushka

Eatself version 1.1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | f4fa31a0d3106d8c1adb588bd047ea6ff13bd2f69bed2e503589be0b1ec5678a
Excel Net Computer Institute 4.1 SQL Injection
Posted Jan 9, 2023
Authored by indoushka

Excel Net Computer Institute version 4.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6e0d6656b5c808ef3fe50aec1bdf458a6173e6fc9e595d2d4c977a81377adba5
Red Hat Security Advisory 2022-9111-01
Posted Jan 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9111-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.54. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-24801, CVE-2022-2639, CVE-2022-26945, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323, CVE-2022-34177
SHA-256 | 28a6d1921e94e2c120c5a8431a0cdef482dfa073febba54fa8e78a5a803ac9d0
Control Web Panel 7 Remote Code Execution
Posted Jan 9, 2023
Authored by numan turle

Control Web Panel 7 versions prior to 0.9.8.1147 suffer from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2022-44877
SHA-256 | 698ef6e35dc8ca09f1857de4c6b56f25be500ed741ecd49ee2cd7f5d8dbf30ef
Ubuntu Security Notice USN-5791-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5791-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750
SHA-256 | c620604793b568d88ed5f96e800d17e391508664ad2fb783107dcfa6afb9a3f2
Ubuntu Security Notice USN-5790-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5790-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4159, CVE-2022-20421, CVE-2022-3061, CVE-2022-3586, CVE-2022-39188, CVE-2022-40307, CVE-2022-4095
SHA-256 | 1d9560d5aef2cc859cd9a37a38fc80172a6ac7361f6977f86ca4cee9c00d13a5
Everything About The Secure Software Development Process
Posted Jan 9, 2023
Authored by Ismail Tasdelen

This is a brief whitepaper that discusses some basic fundamentals for approaching secure design of an application.

tags | paper
SHA-256 | c962e90a506a04f9658f44421b9bf8e4b0339a1755b66c5c193c109f722ea574
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close