exploit the possibilities
Showing 51 - 75 of 2,760 RSS Feed

Protocol Files

Red Hat Security Advisory 2018-3050-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3050-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include Lucky Thirteen and other attack mitigations.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-10844, CVE-2018-10845, CVE-2018-10846
MD5 | ab7c6b4a8a0c21485c0e7921408ece0e
Ubuntu Security Notice USN-3801-1
Posted Oct 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, protocol
systems | linux, ubuntu
advisories | CVE-2018-12388, CVE-2018-12395, CVE-2018-12398, CVE-2018-12399, CVE-2018-12403
MD5 | 952c961245ddeace11587b0845c529ab
SIPPTS 1.2.2
Posted Oct 23, 2018
Authored by Pepelux

SIPPTS is a set of tools to audit VoIP servers and devices using the SIP protocol. It is a set of perl scripts that allow you to identify extensions, remotely crack passwords, check for missing authentication to make phone calls, and more.

tags | tool, perl, telephony, protocol
MD5 | 04a6889548bba8328cf1f425eb681298
Wireshark Analyzer 2.6.4
Posted Oct 12, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple crash vulnerabilities fixed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
MD5 | 8aa7b8c8ce0b6ce4256a081493819d6f
OpenSCAP Libraries 1.3.0
Posted Oct 10, 2018
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Added Microsoft Windows CPEs. oscap-ssh can supply SSH options into an environment variable. Verbose mode is a global option in all modules. Various other updates.
tags | protocol, library
systems | unix
MD5 | 0bf56a97fe3c97e5af744adddcbc922c
TestSSL 3.0rc2
Posted Oct 10, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Partly addresses TCP fragmentation. Added name check for XMPP servers. Added support for STARTTLS LMTP. TLS 1.3 and OpenSSL 1.1.1 fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 029f30f3ca7a6e138662ee6e8d60dffb
Red Hat Security Advisory 2018-2757-01
Posted Sep 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2757-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-10850, CVE-2018-10935, CVE-2018-14624, CVE-2018-14638
MD5 | 4de2faf1dde7d5b904b79ba0da69d9cd
Red Hat Security Advisory 2018-2731-01
Posted Sep 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2731-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-10873
MD5 | 8d40cb7f1ced83a4f4b7bd544cba91fd
Red Hat Security Advisory 2018-2732-01
Posted Sep 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2732-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent Computing Environments clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, local, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2018-10873
MD5 | 863d33eb921de55d54e521471f3d6064
Chrome OS gRPC garcon Command Execution
Posted Sep 13, 2018
Authored by Jann Horn, Google Security Research

There is a variety of RPC communication channels between the Chrome OS host system and the crosvm guest. This bug report focuses on communication on TCP port 8889, which is used by the "garcon" service. garcon uses gRPC, which is an RPC protocol that sends protobufs over plaintext HTTP/2. (Other system components communicate with the VM over gRPC-over-vsock, but garcon uses gRPC-over-TCP.) For some command types, the TCP connection is initiated by the host; for others, it is initiated by the guest. Both guest and host are listening on [::]:8889; however, the iptables rules of the host prevent an outside host from simply connecting to those sockets. However, apps running on the host are not affected by such restrictions.

tags | exploit, web, tcp, protocol
MD5 | aff1ab159e8069bed85cefa1dff66810
OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
MD5 | 7079eb017429e0ffb9efb42bf80ccb21
TestSSL 2.9.5-7
Posted Sep 7, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 62c5148ca576b0ec7229775b1ec69720
TestSSL 2.9.5
Posted Sep 5, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | da5717d95120b32fc3d0a5fe80454f59
Red Hat Security Advisory 2018-2613-01
Posted Sep 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2613-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1050, CVE-2018-10858, CVE-2018-1139
MD5 | c1ede42b3f4f9b84a4c6fd7105077044
Red Hat Security Advisory 2018-2612-01
Posted Sep 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2018-1050, CVE-2018-10858, CVE-2018-1139
MD5 | d0c322f7925a33849b04459b0e3337a1
Wireshark Analyzer 2.6.3
Posted Aug 31, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Reduce the Valgrind packet limit to 10,000 for Fuzz. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 716100be9027e735bba82a40db828abc
Red Hat Security Advisory 2018-2570-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2570-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
MD5 | 51538ebca6acb42b0c4dd23594565fde
Red Hat Security Advisory 2018-2571-01
Posted Aug 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2571-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2018-5740
MD5 | ac2c868d9370e0325dea88a496720f41
Debian Security Advisory 4280-1
Posted Aug 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4280-1 - Dariusz Tytko, Michal Sajdak and Qualys Security discovered that OpenSSH, an implementation of the SSH protocol suite, was prone to a user enumeration vulnerability. This would allow a remote attacker to check whether a specific user account existed on the target server.

tags | advisory, remote, protocol
systems | linux, debian
advisories | CVE-2018-15473
MD5 | 3d0963b28013c21571d9d2aa7eafa911
Red Hat Security Advisory 2018-2526-01
Posted Aug 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2526-01 - Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Issues addressed include code execution and traversal vulnerabilities.

tags | advisory, vulnerability, imap, code execution, protocol
systems | linux, redhat
advisories | CVE-2018-14354, CVE-2018-14357, CVE-2018-14362
MD5 | dc82de352d6bc254fab3abc69c8876c0
Red Hat Security Advisory 2018-2524-01
Posted Aug 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2524-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include information exposure.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2018-1059
MD5 | 12640d6a05be546f7793f2c5633b93a2
OpenSSL Toolkit 1.1.0i
Posted Aug 17, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed a client denial of service due to a large DH parameter addressed. Cache timing vulnerability fixed. Various other updates and fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0732, CVE-2018-0737
MD5 | 9495126aafd2659d357ea66a969c3fe1
Red Hat Security Advisory 2018-2317-01
Posted Aug 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2317-01 - XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server using the HTTP protocol, and gets back the response as XML. Issues addressed include a deserialization vulnerability.

tags | advisory, remote, web, protocol
systems | linux, redhat
advisories | CVE-2016-5003
MD5 | 19c1f0116a68d7484fa0a5e62b46d00f
Red Hat Security Advisory 2018-2308-01
Posted Aug 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2308-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, protocol
systems | linux, redhat
advisories | CVE-2017-17833
MD5 | f935c99bbae2bc1e980eeb092cce4228
EMC NetWorker Insecure Transit
Posted Jul 30, 2018
Site emc.com

Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a clear-text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sent unencrypted to the remote AMQP service. An unauthenticated attacker in the same network collision domain, could potentially sniff the password from the network and use it to access the component using the privileges of the compromised user.

tags | advisory, remote, protocol
advisories | CVE-2018-11050
MD5 | 8fa258c990062b421d7f2ccfc60ca833
Page 3 of 111
Back12345Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    15 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close