Twenty Year Anniversary
Showing 1 - 25 of 2,721 RSS Feed

Protocol Files

Red Hat Security Advisory 2018-3522-01
Posted Nov 8, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3522-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include a buffer overflow vulnerability.

tags | advisory, remote, overflow, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2017-7506
MD5 | 24eb3ab5c01cfe4fdd69858d462761c2
Ubuntu Security Notice USN-3810-1
Posted Nov 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3810-1 - Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2018-11574
MD5 | bea0355887912e2020914ed77fd7dedf
Red Hat Security Advisory 2018-3507-01
Posted Nov 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3507-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-14648
MD5 | af41ce9ebede880a01bb8822db4239b0
Red Hat Security Advisory 2018-3500-01
Posted Nov 5, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3500-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a buffer over-read vulnerability.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2018-17204, CVE-2018-17205, CVE-2018-17206
MD5 | 86abc3e451b118488a62522bda270260
Red Hat Security Advisory 2018-3406-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3406-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-1000805
MD5 | 63cb15b1b8c7c0d8a5f07a72241a9099
Red Hat Security Advisory 2018-3347-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3347-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-1000805
MD5 | fb12de1ca589b8cea0907a5e1db23b4c
Red Hat Security Advisory 2018-3127-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3127-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-14648
MD5 | b6100114a02cf1b0155224c7ddca1fe0
Red Hat Security Advisory 2018-3221-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3221-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3735, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737, CVE-2018-0739
MD5 | 93916b2adeb03f0b0cd24738dda507b5
Red Hat Security Advisory 2018-3249-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3249-01 - The setup package contains a set of important default system configuration and setup files. Examples include /etc/passwd, /etc/group, and /etc/profile. Other examples are the default lists of reserved user IDs, reserved ports, reserved protocols, allowed shells, allowed secure terminals. Issues addressed include a nologin listed in /etc/shells violating security expectations.

tags | advisory, shell, protocol
systems | linux, redhat
advisories | CVE-2018-1113
MD5 | 052b4472e8b5b2610c2c96b2ebfb3f33
Red Hat Security Advisory 2018-3157-01
Posted Oct 31, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3157-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. The nss-pem package provides the PEM file reader for Network Security Services implemented as a PKCS#11 module. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.

tags | advisory, web, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000301
MD5 | 64fd2f3db9f57d9a15f45dfcc25f6450
Red Hat Security Advisory 2018-3056-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3056-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1050, CVE-2018-10858, CVE-2018-1139
MD5 | e633af0b2ea9d3bf7bf0fc56872d8771
Red Hat Security Advisory 2018-3052-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3052-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Issues addressed include cookie injection.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2018-0494
MD5 | d5ed6fa7178616584ee6a9e28a703217
Red Hat Security Advisory 2018-3050-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3050-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include Lucky Thirteen and other attack mitigations.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-10844, CVE-2018-10845, CVE-2018-10846
MD5 | ab7c6b4a8a0c21485c0e7921408ece0e
Ubuntu Security Notice USN-3801-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, protocol
systems | linux, ubuntu
advisories | CVE-2018-12388, CVE-2018-12395, CVE-2018-12398, CVE-2018-12399, CVE-2018-12403
MD5 | 952c961245ddeace11587b0845c529ab
SIPPTS 1.2.2
Posted Oct 23, 2018
Authored by Pepelux

SIPPTS is a set of tools to audit VoIP servers and devices using the SIP protocol. It is a set of perl scripts that allow you to identify extensions, remotely crack passwords, check for missing authentication to make phone calls, and more.

tags | tool, perl, telephony, protocol
MD5 | 04a6889548bba8328cf1f425eb681298
Wireshark Analyzer 2.6.4
Posted Oct 12, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple crash vulnerabilities fixed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
MD5 | 8aa7b8c8ce0b6ce4256a081493819d6f
OpenSCAP Libraries 1.3.0
Posted Oct 10, 2018
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Added Microsoft Windows CPEs. oscap-ssh can supply SSH options into an environment variable. Verbose mode is a global option in all modules. Various other updates.
tags | protocol, library
systems | unix
MD5 | 0bf56a97fe3c97e5af744adddcbc922c
Red Hat Security Advisory 2018-2757-01
Posted Sep 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2757-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-10850, CVE-2018-10935, CVE-2018-14624, CVE-2018-14638
MD5 | 4de2faf1dde7d5b904b79ba0da69d9cd
Red Hat Security Advisory 2018-2731-01
Posted Sep 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2731-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-10873
MD5 | 8d40cb7f1ced83a4f4b7bd544cba91fd
Red Hat Security Advisory 2018-2732-01
Posted Sep 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2732-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, local, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-10873
MD5 | 863d33eb921de55d54e521471f3d6064
Chrome OS gRPC garcon Command Execution
Posted Sep 13, 2018
Authored by Jann Horn, Google Security Research

There is a variety of RPC communication channels between the Chrome OS host system and the crosvm guest. This bug report focuses on communication on TCP port 8889, which is used by the "garcon" service. garcon uses gRPC, which is an RPC protocol that sends protobufs over plaintext HTTP/2. (Other system components communicate with the VM over gRPC-over-vsock, but garcon uses gRPC-over-TCP.) For some command types, the TCP connection is initiated by the host; for others, it is initiated by the guest. Both guest and host are listening on [::]:8889; however, the iptables rules of the host prevent an outside host from simply connecting to those sockets. However, apps running on the host are not affected by such restrictions.

tags | exploit, web, tcp, protocol
MD5 | aff1ab159e8069bed85cefa1dff66810
OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
MD5 | 7079eb017429e0ffb9efb42bf80ccb21
TestSSL 2.9.5-7
Posted Sep 7, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 62c5148ca576b0ec7229775b1ec69720
TestSSL 2.9.5
Posted Sep 5, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | da5717d95120b32fc3d0a5fe80454f59
Red Hat Security Advisory 2018-2613-01
Posted Sep 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2613-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1050, CVE-2018-10858, CVE-2018-1139
MD5 | c1ede42b3f4f9b84a4c6fd7105077044
Page 1 of 109
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close