what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2024-08-02

Zeek 6.0.5
Posted Aug 2, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release addresses 4 issues. The Mozilla CA and Google CT lists were updated to their latest versions. Connection IDs now correctly propagate into files.log. A rare crash in CAF that happened when shutting down Zeek was resolved. Binary addresses passed to Zeekctl were previously assumed to be valid unicode, which was not always the case. Some additional checking was added to ensure that is the case and to provide better error messaging when it is not.
tags | tool, intrusion detection
systems | unix
SHA-256 | 17333748eb6ab56a11a7027eba925e82f58b2d38176ac24b6fa3354b41993fe3
Ubuntu Security Notice USN-6942-1
Posted Aug 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6942-1 - It was discovered that Gross incorrectly handled memory when composing log entries. An attacker could possibly use this issue to cause Gross to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-52159
SHA-256 | feb2f237b27e68ffb24d8a4d362b5ae5b9244219d8230adee41aad3672240643
Ubuntu Security Notice USN-6943-1
Posted Aug 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6943-1 - It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS It was discovered that Tomcat incorrectly handled certain HTTP/2 connection requests. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. This issue only affected tomcat8 for Ubuntu 18.04 LTS

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-9484, CVE-2021-25122, CVE-2021-41079, CVE-2022-23181, CVE-2022-29885
SHA-256 | f0aa0eff0ede3e5e3704517eb7ba3f99160da85aee66c59e0606b7a0e59f71b9
Packet Storm New Exploits For July, 2024
Posted Aug 2, 2024
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 105 exploits added to Packet Storm in July, 2024.

tags | exploit
SHA-256 | ed3100062dccd204225c57e2bfca387cb694af9154705c4edf36706d394e8ec8
Caterease SQL Injection / Command Injection / Bypass
Posted Aug 2, 2024
Authored by Calvin Star, Austin Henderson, jTag Labs

This is the official vulnerability disclosure report for CVEs CVE-2024-38881 through CVE-2024-38891 by jTag Labs. This report details critical security vulnerabilities found within Caterease, a product of Horizon Business Services Inc. These vulnerabilities have significant implications for the confidentiality, integrity, and availability of the software and the sensitive data it handles. The issues include problems like remote SQL injection, command injection, authentication bypass, hard-coded credentials, and more.

tags | advisory, paper, remote, vulnerability, code execution, sql injection, bypass, info disclosure
advisories | CVE-2024-38881, CVE-2024-38882, CVE-2024-38883, CVE-2024-38884, CVE-2024-38885, CVE-2024-38886, CVE-2024-38887, CVE-2024-38888, CVE-2024-38889, CVE-2024-38890, CVE-2024-38891
SHA-256 | 922dd24931dfc780dbe72f5070222b4450361d9b42c8b9a975582549453b4573
Tourism Management System 2.0 Cross Site Scripting
Posted Aug 2, 2024
Authored by Sampath Kumar Kadajari

Tourism Management System version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2024-41333
SHA-256 | 6a6ea6ff0446e61f5a321b7cbbcd79e00b45d07a8609be34e9aff3443d2f5e5e
Computer Laboratory Management System 1.0 Privilege Escalation
Posted Aug 2, 2024
Authored by Sampath Kumar Kadajari

Computer Laboratory Management System version 1.0 suffers from an incorrect access control that allows for privilege escalation.

tags | exploit
advisories | CVE-2024-41332
SHA-256 | 3993bf953169c9693309f12504dc8d422d5a33116865a83135e3a0dd9befb630
Ubuntu Security Notice USN-6909-2
Posted Aug 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6909-2 - USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-1737, CVE-2024-1975
SHA-256 | 06bca4f6d5a9f305cf07f48c14000e2250516db86891e6a4647f465a1667e725
Leads Manager Tool SQL Injection / Cross Site Scripting
Posted Aug 2, 2024
Authored by OoN_Boy

Leads Manager Tool suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a5f2822b36f3d9ad0225477aba58244bbd90f789258b7d465e98eee2442d617d
Ubuntu Security Notice USN-6926-2
Posted Aug 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6926-2 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-46343, CVE-2023-52435, CVE-2023-52436, CVE-2023-52443, CVE-2023-52444, CVE-2023-52449, CVE-2023-52752, CVE-2024-25739, CVE-2024-25744, CVE-2024-26882, CVE-2024-26901, CVE-2024-26923, CVE-2024-27020, CVE-2024-35978
SHA-256 | 2d46229c1bb410100a951de8431f990f91bf51ba7ec8b3772ca11b05a1a2247c
ReadyMade Unilevel Ecommerce MLM Blind SQL Injection / Cross Site Scripting
Posted Aug 2, 2024
Authored by OoN_Boy

Readymade Unilevel Ecommerce MLM suffers from remote blind SQL injection and cross site scripting vulnerabilities. These issues affected the version released as late as March 15, 2024.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 6516c67721502532af286b998f1bd2aa37ea2c5c4806a9a0fa77479cd3a3c623
Appointment Scheduler 3.0 Insecure Direct Object Reference
Posted Aug 2, 2024
Authored by indoushka

Appointment Scheduler version 3.0 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 704b395184ea72d2a89e336b4e3419816c72acc8e4b5bccaec26769e25c2ce41
AccPack Cop 1.0 Cross Site Request Forgery
Posted Aug 2, 2024
Authored by indoushka

AccPack Cop version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 9019bcc0149f6bd585eeb57145abd8d8ab36247d7e4f551459497d7ef6a6c872
AccPack Buzz 1.0 SQL Injection
Posted Aug 2, 2024
Authored by indoushka

AccPack Buzz version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 0418a06664d6d1af973681fa771cbbc3aad7f00340d712b9636e1e8a6e572ca2
Red Hat Security Advisory 2024-4982-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4982-03 - OpenShift API for Data Protection 1.3.3 is now available. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-45288
SHA-256 | bdee5d8d2f9300e30e73fe74fc77fba222bc8ea328b6e0f69b9b0f2734a25b32
Red Hat Security Advisory 2024-4972-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4972-03 - An update is now available for Red Hat OpenShift GitOps v1.11.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-40025
SHA-256 | b669d81ead1b521de9129342ee8f759af9c0ba623d2ca9e2f6d53ea313086dc4
Red Hat Security Advisory 2024-4971-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4971-03 - An update for emacs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-39331
SHA-256 | f1de96d6591f3909c0d57ad04f0394b3ee1208a3347f64f1c3fa870a239b6bf5
Red Hat Security Advisory 2024-4970-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4970-03 - An update for kpatch-patch-4_18_0-305_120_1 is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-6546
SHA-256 | e7a7ea6c37568e12a8affdaecfbf64336db2ae323f5ad19decfaadb8877416bb
Red Hat Security Advisory 2024-4943-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4943-03 - An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2024-38474
SHA-256 | 4a7b9d6f819185f31ed0963404f3afe7d3e23a7aba486c2a4158fdec55d35ed4
Red Hat Security Advisory 2024-4858-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4858-03 - Red Hat OpenShift Container Platform release 4.16.5 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include deserialization and memory exhaustion vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2024-6104
SHA-256 | da66ba87e3611e718278afe32ba1bd82bd699ddc5629604c55d6e2f3833d581f
Red Hat Security Advisory 2024-4848-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4848-03 - Red Hat OpenShift Container Platform release 4.13.46 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include deserialization and memory exhaustion vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2024-37298
SHA-256 | 6f24ef50626aee5ed0e8c53fbde0e004703bac6565f2bd36b37e21eafa21943c
Red Hat Security Advisory 2024-4846-03
Posted Aug 2, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-4846-03 - Red Hat OpenShift Container Platform release 4.13.46 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-29483
SHA-256 | 01bea6eac4eb94260d765efc65ca3722b8ea33a4372717f039dff980fcdb1123
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close