Twenty Year Anniversary
Showing 76 - 100 of 1,082 RSS Feed

Python Files

Stegano 0.6.7
Posted Feb 23, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added missing dependency in the setup.py file.
tags | tool, encryption, steganography, python
systems | unix
MD5 | a86c61ff8ca7e4e5b4c2d23d1497ebbe
Stegano 0.6.5
Posted Feb 18, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Added a command to list all available generators for the lsb-set module. Added a test when the data image is coming via byte stream, for the lsb module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 1e5f7149efdbe891021f573c6ddbc446
Ubuntu Security Notice USN-3199-2
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-2 - USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit. Unfortunately, various programs depended on the original behavior of the Python Cryptography Toolkit which was altered when fixing the vulnerability. This update retains the fix for the vulnerability but issues a warning rather than throwing an exception. Code which produces this warning should be updated because future versions of the Python Cryptography Toolkit re-introduce the exception. Various other issues were also addressed.

tags | advisory, python
systems | linux, ubuntu
MD5 | 340428b2c433631648bcdd669fbbaccf
Ubuntu Security Notice USN-3199-1
Posted Feb 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-1 - It was discovered that the ALGnew function in block_templace.c in the Python Cryptography Toolkit contained a heap-based buffer overflow vulnerability. A remote attacker could use this flaw to execute arbitrary code by using a crafted initialization vector parameter.

tags | advisory, remote, overflow, arbitrary, python
systems | linux, ubuntu
MD5 | 0fa5ef4093d20bcb56084b1ba3f57d3b
Stegano 0.6.4
Posted Feb 8, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: A command line for the red module has been added. Fixed a bug in the lsb-set command line.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 2bf8e84f0e364bd8eb29908002536cdc
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
MD5 | c63bfb52c519dbb44c724037201f6ede
Stegano 0.6.3
Posted Feb 1, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Support for transparent PNG images has been added (lsb and lsbset modules).
tags | tool, encryption, steganography, python
systems | unix
MD5 | edf049af0de135b84632221dc5a4bd43
Python 2.x Buffer Overflow
Posted Jan 23, 2017
Authored by sultan albalawi, Chaitanya Haritash

Python version 2.x suffers from a buffer overflow in the DecodeAdpcmImaQT function in the ctypes module.

tags | exploit, overflow, python
MD5 | c62627678ae4e681acfc632f6b86abe2
Stegano 0.6.2
Posted Jan 19, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed a bug in the exifHeader hiding method.
tags | tool, encryption, steganography, python
systems | unix
MD5 | e25cb6d3a824a594a4a43c85304ca2d8
Debian Security Advisory 3743-2
Posted Jan 16, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3743-2 - The update for python-bottle issued as DSA-3743-1 would cause a crash if a unicode string was used as a header. Updated packages are now available to correct this issue.

tags | advisory, python
systems | linux, debian
MD5 | b43310eac758ee22166349328e67d14f
Gentoo Linux Security Advisory 201701-18
Posted Jan 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-18 - Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. Versions less than 3.4.5 are affected.

tags | advisory, arbitrary, vulnerability, code execution, python
systems | linux, gentoo
advisories | CVE-2016-0772, CVE-2016-5636
MD5 | 315156d6f023be8c82f94026fb132b6f
PHPMailer Remote Code Execution
Posted Dec 29, 2016
Authored by anarc0der

PHPMailer versions prior to 5.2.18 remote code execution exploit. Written in python.

tags | exploit, remote, code execution, python
advisories | CVE-2016-10033
MD5 | 1071a3999c4f3f2e365fb7bb03a8bb35
Debian Security Advisory 3743-1
Posted Dec 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3743-1 - It was discovered that bottle, a WSGI-framework for the Python programming language, did not properly filter "\r\n" sequences when handling redirections. This allowed an attacker to perform CRLF attacks such as HTTP header injection.

tags | advisory, web, python
systems | linux, debian
advisories | CVE-2016-9964
MD5 | 23024fd9edf9fc5dddba4e7698685361
Ubuntu Security Notice USN-3157-1
Posted Dec 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3157-1 - Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2016-9949, CVE-2016-9950, CVE-2016-9951
MD5 | 67b555399730f2ee8248463e13814325
Red Hat Security Advisory 2016-2933
Posted Dec 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2933 - An update for python-XStatic-jquery-ui is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Security Fix: It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user.

tags | advisory, xss, python
systems | linux, redhat
advisories | CVE-2016-7103
MD5 | 3a67966724894e89a341f4814dcd580e
Red Hat Security Advisory 2016-2932-01
Posted Dec 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2932-01 - An update for python-XStatic-jquery-ui is now available for Red Hat OpenStack Platform 8.0 (Liberty). Security Fix: It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user.

tags | advisory, xss, python
systems | linux, redhat
advisories | CVE-2016-7103
MD5 | 1cb3f4b95bde5aecb57e2e20df9a968b
Ubuntu Security Notice USN-3138-1
Posted Nov 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3138-1 - Markus Doering discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead of the expected derived key.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2016-9243
MD5 | 7af8fd9033167a619d1f40c7d195fbcb
Blue Team Training Toolkit (BT3) 2.1
Posted Nov 23, 2016
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: New Mocksum module added, improved Maligno HTTP method support, minor adjustments.
tags | tool, python
systems | unix
MD5 | 4e79eb042eb823afaf5a229f2344c8fe
Ubuntu Security Notice USN-3134-1
Posted Nov 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3134-1 - It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, web, cgi, python
systems | linux, ubuntu
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699
MD5 | 0ce8a8b98671640d3e776ca2617dbc64
Red Hat Security Advisory 2016-2607-02
Posted Nov 4, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2607-02 - The powerpc-utils-python packages provide Python-based utilities for maintaining and servicing PowerPC systems. Security Fix: It was found that the amsvis command of the powerpc-utils-python package did not verify unpickled data before processing it. This could allow an attacker who can connect to an amsvis server process to execute arbitrary code as the user running the amsvis process.

tags | advisory, arbitrary, python
systems | linux, redhat
advisories | CVE-2014-8165
MD5 | ba6c75d947c853f1781181f0216f1991
Red Hat Security Advisory 2016-2592-02
Posted Nov 4, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2592-02 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. The subscription-manager-migration-data package provides certificates for migrating a system from the legacy Red Hat Network Classic to Red Hat Subscription Management. The python-rhsm packages provide a library for communicating with the representational state transfer interface of a Red Hat Unified Entitlement Platform. The Subscription Management tools use this interface to manage system entitlements, certificates, and access to content.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-4455
MD5 | 424afbdd323d8fbca5417ca0c81d7abd
Red Hat Security Advisory 2016-2586-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2586-02 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution, python
systems | linux, redhat
advisories | CVE-2016-5636
MD5 | 6a7880c1413ad2ea73746f9f5fd7fe89
Red Hat Security Advisory 2016-2582-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2582-02 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix: Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality.

tags | advisory, kernel, python
systems | linux, redhat
advisories | CVE-2015-8803, CVE-2015-8804, CVE-2015-8805, CVE-2016-6489
MD5 | b904965b4165784bbe76c8baa6406604
Scapy Packet Manipulation Tool 2.3.3
Posted Oct 18, 2016
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Various updates.
tags | tool, scanner, python
systems | unix
MD5 | 336d6832110efcf79ad30c9856ef5842
Mobius Forensic Toolkit 0.5.26
Posted Oct 10, 2016
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of C++ API changes. Various other improvements.
tags | tool, python, forensics
MD5 | c8cfc5982d32602b5f1b357feee8f245
Page 4 of 44
Back23456Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close