what you don't know can hurt you
Showing 1 - 25 of 1,313 RSS Feed

Python Files

Scapy Packet Manipulation Tool 2.4.5
Posted Apr 20, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: 354 commits to Core master since last release. There is a new interfaces system, multiple bug fixes, and more.
tags | tool, scanner, python
systems | unix
MD5 | 7bf39994a6f476ecef96ff125ab18fe0
Red Hat Security Advisory 2021-1246-01
Posted Apr 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1246-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | d037bc355b3b1e959cc8db553011cbc2
Red Hat Security Advisory 2021-1245-01
Posted Apr 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1245-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 27824832d2a475dc12ab656b6c1bf483
nfstream 6.2.6
Posted Apr 15, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added support for pcapng format. Added pypy3.7 support. Improved error handling. nDPI updated and minor fixes.
tags | tool, python
systems | unix
MD5 | d988670353e4ddc6d45e557a2e5c294d
Red Hat Security Advisory 2021-1206-01
Posted Apr 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1206-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, protocol, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 390532b6ce55a0e44ef5ab6f18499ef8
Red Hat Security Advisory 2021-1145-01
Posted Apr 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1145-01 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

tags | advisory, kernel, crypto, python
systems | linux, redhat
advisories | CVE-2021-20305
MD5 | 5a8992527f5a06417d8b841c91b0cbf1
SaltStack Salt API Unauthenticated Remote Command Execution
Posted Apr 1, 2021
Authored by Christophe de la Fuente, Alex Seymour | Site metasploit.com

This Metasploit module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the grains on the master, including custom grain modules in the Extension Module directory. So, this module simply creates a Python script at this location and waits for it to be executed. The time interval is set to 60 seconds by default but can be changed in the master configuration file with the loop_interval option. Note that, if an administrator executes commands locally on the master, the maintenance process check will also be performed. It has been fixed in the following installation packages: 3002.5, 3001.6 and 3000.8. Also, a patch is available for the following versions: 3002.2, 3001.4, 3000.6, 2019.2.8, 2019.2.5, 2018.3.5, 2017.7.8, 2016.11.10, 2016.11.6, 2016.11.5, 2016.11.3, 2016.3.8, 2016.3.6, 2016.3.4, 2015.8.13 and 2015.8.10. This module has been tested successfully against versions 3001.4, 3002 and 3002.2 on Ubuntu 18.04.

tags | exploit, root, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2021-25281, CVE-2021-25282
MD5 | c836d9acbeb076642702599310fe13a4
Scapy Packet Manipulation Tool 2.4.5rc1
Posted Mar 31, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Release candidate 1 for 2.4.5. Various updates.
tags | tool, scanner, python
systems | unix
MD5 | e11cb37c83f2b1c1179aa293e1b53b81
Red Hat Security Advisory 2021-0933-01
Posted Mar 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0933-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2020-13254
MD5 | 51a173aae020dc0343be6cefcaf53dd2
Red Hat Security Advisory 2021-0915-01
Posted Mar 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0915-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2020-13254
MD5 | 9248d5dd4fb5b69e301f121b48884a04
Red Hat Security Advisory 2021-0881-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0881-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
MD5 | 659f29f2f9f919e936fda737c6ffcfa8
Ubuntu Security Notice USN-4754-3
Posted Mar 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-3 - USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. In the case of Python 2.7 for 20.04 ESM, these additional fixes are included: It was discovered that Python allowed remote attackers to cause a denial of service via a ZIP bomb. It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-17514, CVE-2019-20907, CVE-2019-9674, CVE-2020-26116, CVE-2020-27619, CVE-2020-8492
MD5 | 67d5415d4b4e952d651e9fc905a209c3
Red Hat Security Advisory 2021-0761-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0761-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
MD5 | 5a30dddc6840778503651e549098fa2a
Ubuntu Security Notice USN-4754-4
Posted Mar 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-4 - USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2021-3177
MD5 | 6c6bc4e280c087eaec3deb827504f9bd
Ubuntu Security Notice USN-4754-2
Posted Feb 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-2 - USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, python
systems | linux, ubuntu
MD5 | c58459cb7018d68bd66024f925f30d8f
Ubuntu Security Notice USN-4754-1
Posted Feb 26, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2020-27619
MD5 | fcb1f44f76f6b77579ed4d79f1e90403
Python jsonpickle 2.0.0 Remote Code Execution
Posted Feb 24, 2021
Authored by Shay Reuven, Adi Malyanker

Python jsonpickle version 2.0.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution, python
MD5 | 7f823e00e2ad92c744d0d31059e24f72
Red Hat Security Advisory 2021-0528-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-20907
MD5 | a7ad9920bac87ab50a03bd6ddb993bea
Gentoo Linux Security Advisory 202101-18
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-18 - Multiple vulnerabilities have been found in Python, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.18-r6:2.7 are affected.

tags | advisory, arbitrary, vulnerability, python
systems | linux, gentoo
advisories | CVE-2020-26116, CVE-2021-3177
MD5 | 89a248016035f11533fe205791880204
Ubuntu Security Notice USN-4668-4
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-4 - USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, python
systems | linux, ubuntu
advisories | CVE-2020-27351
MD5 | 547dc78aa1e891e8e1a6f4156108a0f0
Ubuntu Security Notice USN-4668-3
Posted Jan 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability, python
systems | linux, ubuntu
MD5 | a029e69b2f2fd6b5ff7a56f554dcb47f
Erlang Bytecode String Converter
Posted Dec 21, 2020
Authored by Jeremy Brown

estr2bc is a python script to convert arbitrary string input to Erlang bytecode.

tags | tool, arbitrary, python
systems | unix
MD5 | 095fa28eaa19faca6a6c82b238094580
Red Hat Security Advisory 2020-5571-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5571-01 - python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip. Issues addressed include a cross site scripting vulnerability.

tags | advisory, javascript, xss, python
systems | linux, redhat
advisories | CVE-2016-10735, CVE-2018-14042, CVE-2018-20676, CVE-2018-20677, CVE-2019-8331
MD5 | 739b2e46eeec9bdd86917d46ad43ede4
Red Hat Security Advisory 2020-5581-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5581-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11358
MD5 | bd946b390d9987f8f45223214602819b
Red Hat Security Advisory 2020-5412-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5412-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include a code execution vulnerability.

tags | advisory, javascript, code execution, python
systems | linux, redhat
advisories | CVE-2020-11023
MD5 | 21e73315192b13aed7b1e70867c71f8b
Page 1 of 53
Back12345Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close