the original cloud security
Showing 26 - 50 of 1,038 RSS Feed

Python Files

Red Hat Security Advisory 2017-0515-01
Posted Mar 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0515-01 - The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Ansible is a simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a later upstream version: ceph-installer, ansible, python-passlib, ceph-ansible.

tags | advisory, remote, python
systems | linux, redhat
advisories | CVE-2016-9587
MD5 | 406ba4d5193b8c629c1eb8b01606e6f8
Ubuntu Security Notice USN-3229-1
Posted Mar 13, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3229-1 - It was discovered that the Python Imaging Library incorrectly handled certain compressed text chunks in PNG images. A remote attacker could possibly use this issue to cause the Python Imaging Library to crash, resulting in a denial of service. Cris Neckar discovered that the Python Imaging Library incorrectly handled certain malformed images. A remote attacker could use this issue to cause the Python Imaging Library to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2014-9601, CVE-2016-9189, CVE-2016-9190
MD5 | ff7e8c4d3fa12e9267ec54a73b0d553f
Stegano 0.6.9
Posted Mar 12, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Introduces some type hints (PEP 484). More tests for the generators and for the tools module. Updated descriptions of generators. Fixed a bug with a generator that has been previously renamed.
tags | tool, encryption, steganography, python
systems | unix
MD5 | fdcde58c8b8ee2fc03f15bd0ea242da6
Stegano 0.6.8
Posted Mar 9, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed an error when revealing a hidden binary file in an image.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 52f57be3040e681abd2d814ce9196afa
Blue Team Training Toolkit (BT3) 2.1.1
Posted Mar 8, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: Fixed bug that prevented Pcapteller from starting. Minor adjustments.
tags | tool, python
systems | unix
MD5 | 9e80b57fa469742c6dd00630f671e505
Java / Python FTP URL Handling XXE / SSRF
Posted Feb 24, 2017
Authored by Timothy D. Morgan

Java and Python both have URL handling code that can be leveraged for XML external entity (XXE) injection and SSRF attacks.

tags | advisory, java, python
MD5 | b46f35be652c08f2529c29a9fccd6755
Stegano 0.6.7
Posted Feb 23, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added missing dependency in the setup.py file.
tags | tool, encryption, steganography, python
systems | unix
MD5 | a86c61ff8ca7e4e5b4c2d23d1497ebbe
Stegano 0.6.5
Posted Feb 18, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added a command to list all available generators for the lsb-set module. Added a test when the data image is coming via byte stream, for the lsb module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 1e5f7149efdbe891021f573c6ddbc446
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
MD5 | 340428b2c433631648bcdd669fbbaccf
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
MD5 | 0fa5ef4093d20bcb56084b1ba3f57d3b
Stegano 0.6.4
Posted Feb 8, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: A command line for the red module has been added. Fixed a bug in the lsb-set command line.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 2bf8e84f0e364bd8eb29908002536cdc
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
MD5 | c63bfb52c519dbb44c724037201f6ede
Stegano 0.6.3
Posted Feb 1, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Support for transparent PNG images has been added (lsb and lsbset modules).
tags | tool, encryption, steganography, python
systems | unix
MD5 | edf049af0de135b84632221dc5a4bd43
Python 2.x Buffer Overflow
Posted Jan 23, 2017
Authored by sultan albalawi, Chaitanya Haritash

Python version 2.x suffers from a buffer overflow in the DecodeAdpcmImaQT function in the ctypes module.

tags | exploit, overflow, python
MD5 | c62627678ae4e681acfc632f6b86abe2
Stegano 0.6.2
Posted Jan 19, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed a bug in the exifHeader hiding method.
tags | tool, encryption, steganography, python
systems | unix
MD5 | e25cb6d3a824a594a4a43c85304ca2d8
Debian Security Advisory 3743-2
Posted Jan 16, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3743-2 - The update for python-bottle issued as DSA-3743-1 would cause a crash if a unicode string was used as a header. Updated packages are now available to correct this issue.

tags | advisory, python
systems | linux, debian
MD5 | b43310eac758ee22166349328e67d14f
Gentoo Linux Security Advisory 201701-18
Posted Jan 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-18 - Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. Versions less than 3.4.5 are affected.

tags | advisory, arbitrary, vulnerability, code execution, python
systems | linux, gentoo
advisories | CVE-2016-0772, CVE-2016-5636
MD5 | 315156d6f023be8c82f94026fb132b6f
PHPMailer Remote Code Execution
Posted Dec 29, 2016
Authored by anarc0der

PHPMailer versions prior to 5.2.18 remote code execution exploit. Written in python.

tags | exploit, remote, code execution, python
advisories | CVE-2016-10033
MD5 | 1071a3999c4f3f2e365fb7bb03a8bb35
Debian Security Advisory 3743-1
Posted Dec 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3743-1 - It was discovered that bottle, a WSGI-framework for the Python programming language, did not properly filter "\r\n" sequences when handling redirections. This allowed an attacker to perform CRLF attacks such as HTTP header injection.

tags | advisory, web, python
systems | linux, debian
advisories | CVE-2016-9964
MD5 | 23024fd9edf9fc5dddba4e7698685361
Ubuntu Security Notice USN-3157-1
Posted Dec 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3157-1 - Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2016-9949, CVE-2016-9950, CVE-2016-9951
MD5 | 67b555399730f2ee8248463e13814325
Red Hat Security Advisory 2016-2933
Posted Dec 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2933 - An update for python-XStatic-jquery-ui is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Security Fix: It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user.

tags | advisory, xss, python
systems | linux, redhat
advisories | CVE-2016-7103
MD5 | 3a67966724894e89a341f4814dcd580e
Red Hat Security Advisory 2016-2932-01
Posted Dec 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2932-01 - An update for python-XStatic-jquery-ui is now available for Red Hat OpenStack Platform 8.0 (Liberty). Security Fix: It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user.

tags | advisory, xss, python
systems | linux, redhat
advisories | CVE-2016-7103
MD5 | 1cb3f4b95bde5aecb57e2e20df9a968b
Ubuntu Security Notice USN-3138-1
Posted Nov 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3138-1 - Markus Doering discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead of the expected derived key.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2016-9243
MD5 | 7af8fd9033167a619d1f40c7d195fbcb
Blue Team Training Toolkit (BT3) 2.1
Posted Nov 23, 2016
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: New Mocksum module added, improved Maligno HTTP method support, minor adjustments.
tags | tool, python
systems | unix
MD5 | 4e79eb042eb823afaf5a229f2344c8fe
Ubuntu Security Notice USN-3134-1
Posted Nov 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3134-1 - It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, web, cgi, python
systems | linux, ubuntu
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699
MD5 | 0ce8a8b98671640d3e776ca2617dbc64
Page 2 of 42
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close