oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
8cc553e22aa403c18071155ee5e180fb1bd710886f6f15f922da0aaa5dca8137oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
5397027feb4eb10becd6278c208e69ca03539812ead0a9ac70d0e090d55ebaadThis Metasploit module exploits a null pointer dereference in XNU to escalate privileges to root. Tested on 10.10.4 and 10.10.5.
96d3d170f08479ec6482a4d97b2fb1ead038f68c3dbe1ed44950f74067f7c452The bulletin summary for August 2015 has been updated to include an additional out-of-band bulletin, MS15-093, which is being released on August 18, 2015.
8d4c118b872c8a43607397a0cd9410211c9fbfb45ecdb7b8967066fe1ae2ffe8ModX Revolution version 2.3.5-pl suffers from a reflective cross site scripting vulnerability.
3d152bdf6a33c468ed0fa3c3f2478aaa3e820a7da98eefd3efe8ac2787df02a8Bolt version 2.2.4 suffers from a code execution vulnerability via shell upload.
e2c1943ef583db95a7975023c3a7c4ab89af5a7177598fe0614687c3b777d362Phorum version 5.2.19 suffers from open redirection and cross site scripting vulnerabilities.
bc90d6b53c23a8d4bab8948215ef1624906d96091b68d72f6596b40f2820ec1fFreeBSD Security Advisory - Multiple integer overflows have been discovered in the XML_GetBuffer() function in the expat library.
1bf2e6f9cf139148956ddc5cace6515fc78c0e1fbfbe63d0896601c7485a121aTrend Micro Deep Discovery version 3.7.1096 suffers from a cross site scripting vulnerability.
a3e789b577fdb673b8f15dfb0d8458a1834af7ce30aced8113ebc24ab4b3e588Viproy Voip Penetration and Exploitation Kit is developed to improve quality of SIP penetration testing. It provides authentication and trust analysis features that assists in creating simple tests.
7adcb6181b4f32dd3c5611997d9af5ccec5f78decd8a67ca1dc7faf38e23b1bcEMC Documentum Content Server suffers from an arbitrary code execution vulnerability.
c2bedfbc57a00c51150a01873bae989bcc87b6d4e0f981bb7614f0a531896758EMC Documentum Content Server suffers from a privilege escalation vulnerability.
80285eb669610b3c918abc9181df00a398f6734029af4b07e148e171da2b1654Ubuntu Security Notice 2715-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).
bf3ca28bbbcae6432767477c246a7ab8c7b6e3f4c1c3d67056ec8a1f50f4db7aUbuntu Security Notice 2714-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.
24bf0876b3696004973e8a4934365e0fcd0572279cc90431d46cf940e050bdb7Ubuntu Security Notice 2713-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.
768774b98eb2a5ba82afbe9b7d50455f736972f9f6e89abc3b4e3cdcc6c8ed0aDebian Linux Security Advisory 3336-1 - Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.
c249f65af6b2ddadb404c102b050930cb56b50a78eca79a351276696247fa0deRed Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.
7e93f979c50653c313c0d7725efcdfce77a93450f3525440e259a4fdc114f124Red Hat Security Advisory 2015-1643-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.
64b56961b11e579c77442a474bfb4e67749b8e972a2bad820f0435bd349ea30cRed Hat Security Advisory 2015-1641-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.
618a04df343a2ac0c65ea8ade3b6b0f3b2e9336d31745962e7bb003463c800b8Red Hat Security Advisory 2015-1642-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.
872fbaba86f701b849f2c8d43b7e548340d2b293c22880fd130ebf10972bd1f4Red Hat Security Advisory 2015-1640-01 - Pluggable Authentication Modules provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system.
1efe4270d8c7dd35ad1ec9516793be94aa0cfaddfbdf7a36b79693761a255168Debian Linux Security Advisory 3338-1 - Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted.
d0aa6a2bb5cb2cb43926ccc501acf850fb3cf6bd6f887aff3c65bf928931e961Ubuntu Security Notice 2720-1 - Lin Hua Cheng discovered that Django incorrectly handled the session store. A remote attacker could use this issue to cause the session store to fill up, resulting in a denial of service.
031c9ddf641d1fb4ff7e8ec3f8f43084a5e73d1ebe810e51670ac88180695a65Debian Linux Security Advisory 3337-1 - Gustavo Grieco discovered a heap overflow in the processing of BMP images which may result in the execution of arbitrary code if a malformed image is opened.
05e0afa9d03681b8d8cfb2ff89b4860f5371bd5d95320bac6826acd16121f4c4Ubuntu Security Notice 2710-2 - USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem.
dbda9e100a46c40bb0ca8616a4fedda0df6557ad341fda067189b0e11d1f3707
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed