Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
e196376e75fe21fdef41b4eaa27ce2e1b2b561e7f7b20328a8e96657cc4465fcThis Metasploit module exploits HP Data Protector Omniinet process on Windows only. This exploit invokes the install service function which allows an attacker to create a custom payload in the format of an executable. To ensure this works, the SMB server created in MSF must have a share called Omniback which has a subfolder i386.
3f3ee3bebaadc3f10e4f57cb6e085b314f160caf7c79688ef8fc177c8ea4eea2The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
20ae67ffabf90865fb2033d5c5e49bfb5fb485ffa6ff37910e8d7084c2236c74Digitalstrom Konfigurator version 1.10.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
c1222ada6c904eee3c1aae5b05d9e712fcff0d0139e72dc176f4270549e20f32my devolo version 1.2.8 suffers from an insecure data storage vulnerability.
415a9667d7875e4ffab1d65d9e2cf1a4f4419c8a28f4fcc72dddbb4c9b7a0e90HP Security Bulletin HPSBMU03573 1 - A potential security vulnerability has been identified with HPE System Management Homepage (SMH) on Windows and Linux. The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
0f9a8afa3e02fde39f49085d5941c36ef63fb1b0db9a70d41a775c34c9b30791HP Security Bulletin HPSBGN03580 1 - Potential security vulnerabilities have been identified in HP Data Protector that could allow the remote execution of code or the unauthorized disclosure of information. Revision 1 of this advisory.
fe555940ce11a58464ddf248fb5f34613b1577e3c29742dd8f78b82baddfc1deDebian Linux Security Advisory 3553-1 - Regis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies.
bc657fff411ae02e679a1648904473ae77ce5c8698e470789184f8f669a61b43Debian Linux Security Advisory 3554-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
eaab15a54a41ea6970b80c6129c79cc7bf582d226649ce50c14c4881102bb949This Metasploit module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageCommon function in the UploadAjaxAction script allows unauthenticated callers to upload arbitrary code (instead of an image) to the server, which will then be executed under the high-privilege context of the IIS AppPool.
eb65f546694378db27ee102831851f498e62d4fb03e39ac60cfe0233903e6505Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team's network security monitoring skills, or creating network decoys during red team operations.
9817c5848356d1c681ec4d7673067caf73002458ea45865f096169c58e3f4474Red Hat Security Advisory 2016-0679-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
0340146d9888ba15286481bf065ec18c2d5a4ddf8079084b846383f0f04b7c15Ubuntu Security Notice 2953-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.49 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
9c12ded85963841122600225020c8b57b79a49ee77bbd119512b585e2069ce08phpLiteadmin version 1.9.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
292be8d16f4261cf491c35a9bc824f7659e683907e5529a5962c98fc7707acbdGemtek CPE7000 WLTCS-106 suffers from authentication bypass and remote code execution vulnerabilities.
745cfcf489634daa60147be08fb47f037b6814b4b22fc0372c239b663d014cceThis python script generates bind shell shellcode for Linux x64.
da456f340343df29f1fbf4bb7a56af35e8d6ff0df790903d7442feff3a72fdd3This bulletin summary lists MS16-039 which has undergone a major revision increment.
0ac741de4428df0121953939d51fee062a375e8acec222ddc150a90301918fe7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed