iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.
4d83efd879d80138550cbc7329d2b20a57b75210a7d1040b252910cacb17fb18
This bulletin summary lists two bulletins that have undergone a major revision increment for February, 2016.
89eb2daa8e73bb575d22a9e776da4ada0d66651dd364474ae688e1d3e67b3359
ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
b5bc4a79fc52f0333822e3b932c76b81c22257fb3dae82b4f98935d220c186ce
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
d93ac16aade5b4d37ab8cdf6ce4b855835096ccf83deb65ffdeff6d666eaff36
Debian Linux Security Advisory 3480-1 - Several vulnerabilities have been fixed in the GNU C Library, eglibc.
f21bc37873b6d3f878293b24b50bceadf6e2f468ced587d39dcdaea3989a7fc3
Ubuntu Security Notice 2899-1 - It was discovered that LibreOffice incorrectly handled LWP document files. If a user were tricked into opening a specially crafted LWP document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
f95a1af1cf1d97dc44ae03be978260260030bfa3db681c00ec0be3f68b0cef30
Red Hat Security Advisory 2016-0225-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
36bb67815bd7e37f3beda38548970f1dc500e60b18ee2344ee80be50c5f3fdc6
Red Hat Security Advisory 2016-0176-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
cb26d916df37d2282250c405f15e20226153e6df9e8e3e0b9d8911eda607768a
Red Hat Security Advisory 2016-0175-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
250da49162f89ae85605b47646659f001c5b45318d448d14ed1f4d5a1b608c74
Redaxo CMS version 5.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
58872f982df928318a4cb6b46edbd08e6a1402810a83f6f9f3adffa56501e2dc
TOTVS RM PORTAL suffers from multiple cross site scripting vulnerabilities. The vendor has not responded to reports.
d1e1efd5672a465ab411b93f67845833725772fa6b91c133b1dcd9b880e852d2
phpMyBackupPro version 2.5 suffers from remote command execution and cross site request forgery vulnerabilities.
15b9107732b5558a738085c34214eff5335f320ba47d355c47d18884606d6f5d
phpMyBackupPro version 2.5 suffers from a remote shell upload vulnerability.
50e0dd607fcedc615a8d0c0bb3ddd9ce81b3c8539d4cc0cf6c76e00f347911ce
phpMyBackupPro version 2.5 suffers from multiple cross site scripting vulnerabilities.
b0f8b42735d7a0883a11e14cc8433ac6387e9932da299ce455a9ec13f775bae2
Microsoft afd.sys version 6.1.7600.16385 suffers from a dangling pointer privilege escalation vulnerability. This exploit demonstrates the vulnerability discussed in MS14-040.
43aecafba8f866db9836e1cf4df9c1bc15350cd135f9e99abda52e36dca71d06
smbgrind.exe suffers from a buffer overflow vulnerability.
a6cc32b60c5b420033593bbd7a0064d9e918dd7334c279a954bb80f532def656
Manage Engine OPutils version 8.0 suffers from an authorization bypass vulnerability due to a missing function level access control.
b9e7e86ebc2d1e55dc5329a95efdaca283be5268b1a3a03b374a5d737c611082
Ntpd versions ntp-4.2.6p5 and below ctl_putdata() buffer overflow exploit.
20c1ff267a8bcac5da58926e1274d79d39784fce12793f29a8cdf27998079989
Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.
b977e013fda04f44e8af632bcc03cc1219b52ae3d3bd69ffba3b620b6a52c170
Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
733c28616c1891158bef1795b1d8b042f1e58ddc0cd0991868a9f08d50bd3559
FireEye FX, AX, NX, and EX products suffer from an analysis bypass vulnerability.
449aafd21ac2669413a7bfe12b72b0a0409a12dace2cd2b57d2a5622aa29d505
SAP PCo versions 2.2, 2.3, 15.0, and 15.1 suffer from a denial of service vulnerability.
39b8bca8d12d613256ed16b6471e91e8cda9378908f629e973648bcbe9a349be
Red Hat Security Advisory 2016-0224-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
00ab730508d67ce6b518ba890134a1d1d8898a4574f922bc1006d89b31f85489
Ubuntu Security Notice 2855-2 - USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem.
7086d756a9e42b4c4cfa8d6023f2eaf650513adb4854120cd3732d1c818288b0
Red Hat Security Advisory 2016-0212-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
b771c9eefb04a0bae6b27307e6c6f3a2e4d927b2ee673b81a19677837f66263c