PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
f6e74b353f7ffa6d50395924fe0fe5272ddb039a8cc723c53167c969d2224459The CloudStack security team was notified of a information disclosure vulnerability that exists in Apache CloudStack-4.0.0-incubating. With this vulnerability, when a user calls the createSSHKeyPair API command to create an SSH key pair to be used when authenticating to a user VM, the freshly generated SSH private key is rendered in a log file at INFO level on the CloudStack "master" server as well as being returned to the caller.
7e5072bee6a90d8b464801d5889631f4bf7ef3c7f7dd527b84682cb89915ef5dThis write up documents an analysis of the current Java zero-day floating around that affects version 7 update 10.
570d0ab91ce6ae4fe76761c04da03a7343f5d11d4f9bf2f3e155de151060f50cTechnical Cyber Security Alert 2013-10A - A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.
aaada86c63aa36f6877310ae5b977d9ce2de8841bbf42dca66273a154ae3b9f0HP Security Bulletin HPSBMU02838 SSRT100789 - A potential security vulnerability has been identified in HP Serviceguard. This vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
95a5f13a4ae9f838cd1118c0292a5dd788d5d09460f2c9509d1e19312013e34dMicrosoft Lync 2012 fails to properly sanitize user-supplied input, which can lead to remote code execution.
61de4ae8908966fb99a4402d4a1ab26569054da13bd2adc7681cdd71ec499425Secunia Security Advisory - Gjoko Krstic has reported a vulnerability in the Incapsula component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
d5aa38569f4ac59d15ca6ffcd3303f6790eed447850634553e9fcdae4e01a86dSecunia Security Advisory - Red Hat has issued an update for Ruby on Rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
a4ffe2033d8d79b9cbf2be952b03d041de331c19d660c0060808ec1955cdeb34Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
c9c408261a4b63da67c69009ae7662f8eb02e176c7da299f718143b9e6aa5dddSecunia Security Advisory - High-Tech Bridge SA has reported a vulnerability in Quick.Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.
81844a1dadd06dca0eb7088dcbec1a459a945eeff62879d2935d8f160f992494WordPress Floating Tweets versions 1.0.1 and below suffer from cross site scripting, path disclosure, and directory traversal vulnerabilities.
66b5159581cff7c6e7158f2d4d68344064f524235219abbacb8b3267adfcbb35Sites designed by Avalon IT Services suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
9d932dd366e09440b53d0f41543fefd4da9996d67d8226c4a4eab660c2ee97b3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed