what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2023-05-22

Zeek 5.0.9
Posted May 22, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes 4 security bugs and 1 non-security bug.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2d6247c667c1838d0efd8d860744baadde4b2e8721734dea250e37147899cfcd
Nmap Port Scanner 7.94
Posted May 22, 2023
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Zenmap and Ndiff now use Python 3. Added partial silent-install support to the Nmap Windows installer. Upgraded Npcap from version 1.71 to the latest version 1.75. 23 highlighted changes in all.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 7ebc3a0d369d5965ba8b6513bce3ff6d3307a7cc87dd18f70d0af5d8e66a2849
Ubuntu Security Notice USN-6093-1
Posted May 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3108, CVE-2022-3903, CVE-2022-4129, CVE-2023-0458, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281, CVE-2023-1829, CVE-2023-26545
SHA-256 | a978cac588db84607cc6b04a9d12c7eba418d67966b505fd71ab931daba3fd00
Ubuntu Security Notice USN-5900-2
Posted May 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5900-2 - USN-5900-1 fixed vulnerabilities in tar. This update fixes it to Ubuntu 23.04. It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-48303
SHA-256 | 87fb34d060288a40c1867b32f1219a1049b653da41cf71321d54f8b56973182e
Red Hat Security Advisory 2023-3245-01
Posted May 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3245-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-22490, CVE-2023-23946, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 92bc1cd2a7152d444bfd222b50e428edb590365d8fee84b842dbbedc7c850ce6
Red Hat Security Advisory 2023-3247-01
Posted May 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3247-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | dfb2a1444bd138759e6ea37ebe2198e36db6ec927d44477a6240819de4cfecf7
Red Hat Security Advisory 2023-3246-01
Posted May 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3246-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-22490, CVE-2023-23946, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | c2580c96a9c4c3691d3e57fb640cf3d03ca4f1a7a519ed3eb3dac98b2000bc8e
Red Hat Security Advisory 2023-3243-01
Posted May 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3243-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 3a2969368eb91efa29365a379b80b084de4db2ea98d94792f0bce7be184417bc
Red Hat Security Advisory 2023-3248-01
Posted May 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3248-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 1a19dc55a71bb6f47c043555224acbde854af300e3d8d339284d408837bb1939
Gentoo Linux Security Advisory 202305-28
Posted May 22, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-28 - Multiple vulnerabilities have been found in snakeyaml, the worst of which could result in denial of service. Versions greater than or equal to 1.33 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-18640, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752
SHA-256 | 450489bee55ab3d0abd0fbbd5825dda4f101c934405fc2e01047cd9490e68b31
Gentoo Linux Security Advisory 202305-27
Posted May 22, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-27 - A vulnerability has been discovered in Tinyproxy which could be used to achieve memory disclosure. Versions greater than or equal to 1.8.3-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2022-40468
SHA-256 | 97c9d026f6d059ec367281abfb9316413ae394bd765453b4dba462296c7fb9db
Gentoo Linux Security Advisory 202305-25
Posted May 22, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-25 - Multiple vulnerabilities have been discovered in ModSecurity Core Rule Set, the worst of which could result in bypassing the WAF. Versions greater than or equal to 3.3.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2021-35368, CVE-2022-39955, CVE-2022-39956, CVE-2022-39957, CVE-2022-39958
SHA-256 | 87eb2387fc19f1cc46ab6d777ec31009795da99de709f3296f43a6ec6f454b34
Gentoo Linux Security Advisory 202305-24
Posted May 22, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-24 - Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service. Versions greater than or equal to 1.25.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-41798, CVE-2021-41799, CVE-2021-41800, CVE-2021-44854, CVE-2021-44855, CVE-2021-44856, CVE-2021-44857, CVE-2021-44858, CVE-2021-45038, CVE-2022-28202, CVE-2022-28205, CVE-2022-28206, CVE-2022-28209, CVE-2022-31090
SHA-256 | 78ab2541bb3f01d04e54261262659d5bd6583eb5662586495c141e168f913aee
Gentoo Linux Security Advisory 202305-26
Posted May 22, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202305-26 - Multiple vulnerabilities have been discovered in LibreCAD, the worst of which could result in denial of service. Versions greater than or equal to 2.1.3-r7 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2021-21898, CVE-2021-21899, CVE-2021-21900, CVE-2021-45341, CVE-2021-45342, CVE-2021-45343
SHA-256 | 784cc5e58eaf6f44eb0c9ddde54a3157a4759955a3202b0e003be03487075237
Debian Security Advisory 5408-1
Posted May 22, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5408-1 - Irvan Kurniawan discovered a double free in the libwebp image compression library which may result in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2023-1999
SHA-256 | 914d777520963dd3f76daa3201f29d0daa6b00ad5b9b1a5b2888178a4edb5318
Debian Security Advisory 5407-1
Posted May 22, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5407-1 - It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2023-24805
SHA-256 | 5e3fbfe7bc3160b27c483112b6adbf0916631a452b6af33574c63618c942311a
Debian Security Advisory 5406-1
Posted May 22, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5406-1 - Max Chernoff discovered that improperly secured shell-escape in LuaTeX may result in arbitrary shell command execution, even with shell escape disabled, if specially crafted tex files are processed.

tags | advisory, arbitrary, shell
systems | linux, debian
advisories | CVE-2023-32700
SHA-256 | 5295edf512ed1a9a3cee6103f9bf48379a4b69b3e5af6b362a9016821312bfd2
W3 Eden Download Manager 3.2.70 Cross Site Scripting
Posted May 22, 2023
Authored by Lana Codes | Site wordfence.com

W3 Eden Download Manager versions 3.2.70 and below suffer from a persistent cross site scripting vulnerability via ShortCode.

tags | exploit, xss
advisories | CVE-2023-2305
SHA-256 | 4e5d40f8a712dd594b12e595c220e8b3546b34db22bcdeeae29ea0155591aa57
eBankIT 6 Arbitrary OTP Generation
Posted May 22, 2023
Authored by Steeven Rodriguez

In eBankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any email address or phone number without validation.

tags | exploit
advisories | CVE-2023-33291
SHA-256 | 972d016f9392b59d94e5953a0d7fcae1086a2619511edc6b73d5277ccf8d9e01
WBiz Desk 1.2 SQL Injection
Posted May 22, 2023
Authored by h4ck3r

WBiz Desk version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 75382386fb99f62c432d321a7c1d8b5e46e6120da5c7b81a2cd3ed26ae52438a
hyiplab 2.1 Default Credentials
Posted May 22, 2023
Authored by indoushka

hyiplab version 2.1 leaves a default set of administrative credentials installed post installation.

tags | exploit
SHA-256 | c3961191610fef92e4d7cf83b653d5446f0d6d2c86337e21ac4a1e506b6d196d
Esg 2.5 SQL Injection
Posted May 22, 2023
Authored by indoushka

Esg version 2.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 16522de1601e8b74a1f1b94c88e565317de5aaac9ee19307e27e7eaa65a045d9
Code Bakers 1.0 SQL Injection
Posted May 22, 2023
Authored by indoushka

Code Bakers version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e9725f14c6ed59f49712d2966a74f973ad1b8302f14b6102a963a2249643aba0
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close