aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
8ae08a7c28741f6ace2769267112053366550e7f746477081188ad38410383caPacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
ef569376dbacd8bce18c6b0335a0251083a0da8a8e338934489e493985fe1afbIBM QRadar SIEM has three vulnerabilities in the Forensics web application that when chained together allow an attacker to achieve unauthenticated remote code execution. The first stage bypasses authentication by fixating session cookies. The second stage uses those authenticated sessions cookies to write a file to disk and execute that file as the "nobody" user. The third and final stage occurs when the file executed as "nobody" writes an entry into the database that causes QRadar to execute a shell script controlled by the attacker as root within the next minute. Details about these vulnerabilities can be found in the advisories listed in References. The Forensics web application is disabled in QRadar Community Edition, but the code still works, so these vulnerabilities can be exploited in all flavors of QRadar. This Metasploit module was tested with IBM QRadar CE 7.3.0 and 7.3.1. IBM has confirmed versions up to 7.2.8 patch 12 and 7.3.1 patch 3 are vulnerable. Due to payload constraints, this module only runs a generic/shell_reverse_tcp payload.
3d8c4d902558e74f1ecb7dc3aab2036af92311ee73dceacaf719150db4d51a4cMonstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.
1887578bc1177ca40a87f7026a635f2de84eb4fde318ce454bb39c39bf591148Red Hat Security Advisory 2018-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.
7852e925dd5f5153564fcf9e4a0d1cb0d3d29a3dcb3a7fdea59716c122549f34Red Hat Security Advisory 2018-2162-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.
447160db70c5cc5791b15947f32140f964d20e80560f640b85b6cf2791abd22cRed Hat Security Advisory 2018-2161-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
c131c089623f51e9c103eae3ec02b08e3dbc66cd86e04e4808bdcfcf6998a648
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed