I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
24e303f2af1b7b14ed3a6e17cc7d1b6432ec99d8d00246a88486922941c72345
This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla. Triggering the SQL injection makes it possible to retrieve active Super User sessions. The cookie can be used to log in to the Joomla administrator backend. By creating a new template file containing our payload, remote code execution is made possible.
53518655f45dd51e0502900828af9b020e75d493ef442b649696eaac77fb78b1
ZTE ADSL ZXV10 W300 modems suffer from insufficient authorization controls, information disclosure, and a backdoor account feature.
f638139811112ec6d7f34ff1e8acef146adf3549a65b832da61f1755c75c498d
ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.
2735f65d35edc3931a3eae6069d85013b997afb9f924b5865ac99b6d29c02f0f
Atlassian Bamboo remote code execution exploit that leverages the Java deserialization vulnerability as noted in CVE-2015-6576.
607a629353c90b0d484735e431ce673d9f7f7ae92d4516f5a50546cb0b881ca6
Red Hat Security Advisory 2015-2500-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
3817e8f6587a1c7b3e3fef64ace7842893225be276163b92f3b4ce1a5b15e9fa
Red Hat Security Advisory 2015-2501-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
8dfd2a2bdac7aa4a57b373e2416d20f244fdbbe50d28b503e42e289d2b773490
Debian Linux Security Advisory 3400-1 - Roman Fiedler discovered a directory traversal flaw in LXC, the Linux Containers userspace tools. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.
427606cc5d197a209e93836177cee64871000126401f8ef142033291a343332f
Red Hat Security Advisory 2015-2502-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
d8df8f2cadccac7dc9d72ba654c954391e3ccf0c051d99ac1337e84e72a93e1e
Traffic CMS version 1.4.x suffers from a local file inclusion vulnerability.
624c98b778717d19759cfb903dc4a9bfd8c1114710a9bd101578150c371516af
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, and detection of down hosts via parallel pings.
8ba3248e6e1443114b62822786d17681e312c6ed6c2bb609b692700776aba2a4
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privesc. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default.
0747e7950fe687c3ab16c47390e8715755184a47efb63dffd00b15a5ba393195
Cambium ePMP 1000 suffers from remote OS command injection and privilege escalation vulnerabilities.
f3f71e560f8ee614e20bf5956339837e20028c8d5053172f3eb99639d547b9e1
There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff window.
7dd26a5b0e5074777454a033d2a5cf9abf8079a2604f2b566807914eb6911c4b
No Big Thing Conference #2 has announced their Call For Papers. It will take place in San Francisco, CA, USA on December 5, 2015.
c977209df17aa6e2e8bc476201d0ed8ec1e4645f5883d987d39ce467628e89c6
Red Hat Security Advisory 2015-2101-01 - Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory.
cc582ebc49e27cc4fafe81b106e309a23e455c02652176ce97cad6da6638b90a
Red Hat Security Advisory 2015-2088-06 - OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users. A use-after-free flaw was found in OpenSSH. An attacker able to fully compromise a non-privileged pre-authentication process using a different flaw could possibly cause sshd to crash or execute arbitrary code with root privileges.
969133ceccf94cfbbd19259f9b16682286538b1be6ef824cd26361a6825383a7
Red Hat Security Advisory 2015-2111-07 - The grep utility searches through textual input for lines that contain a match to a specified pattern and then prints the matching lines. The GNU grep utilities include grep, egrep, and fgrep. A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory.
85af8b14f39b036a24bff1ae72c7129266031c69712bacc24a3eedde004aeec6
Red Hat Security Advisory 2015-2131-03 - OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. The openldap packages contain configuration files, libraries, and documentation for OpenLDAP. A flaw was found in the way OpenLDAP parsed OpenSSL-style cipher strings. As a result, OpenLDAP could potentially use ciphers that were not intended to be enabled. This issue was discovered by Martin Poole of the Red Hat Software Maintenance Engineering group.
7bc976e464c0ae54fe7601d196a030253fba798be58f9fe678e1cae3370995b2
Red Hat Security Advisory 2015-2079-09 - The binutils packages provide a set of binary utilities. Multiple buffer overflow flaws were found in the libbfd library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbfd library, it could cause the application to crash or, potentially, execute arbitrary code. An integer overflow flaw was found in the libbfd library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbfd library, it could cause the application to crash.
ffc6ec1dcdf0d2a09814a10e6711d7ff034fa0cc3ab0adcf54f1d16a7c573c81
Red Hat Security Advisory 2015-2108-03 - The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. A heap-based buffer overflow flaw was found in cpio's list_file() function. An attacker could provide a specially crafted archive that, when processed by cpio, would crash cpio, or potentially lead to arbitrary code execution. This update fixes the following bugs: Previously, during archive creation, cpio internals did not detect a read() system call failure. Based on the premise that the call succeeded, cpio terminated unexpectedly with a segmentation fault without processing further files. The underlying source code has been patched, and an archive is now created successfully.
040f489f569742c7ec032acfcbab8c837af8e84536287fb290242c5694346665
Red Hat Security Advisory 2015-2172-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap in certain cases. A local attacker could potentially use this flaw to escalate their privileges.
85b19fac93010af8ff49962e528a4a1656adaf223c5b448e01bf25afe054dd99
Red Hat Security Advisory 2015-2455-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources. Prior to this update, there was a mistake in the time configuration in the cron job invoking unbound-anchor to update the root zone key. Consequently, unbound-anchor was invoked once a month instead of every day, thus not complying with RFC 5011. The cron job has been replaced with a systemd timer unit that is invoked on a daily basis. Now, the root zone key validity is checked daily at a random time within a 24-hour window, and compliance with RFC 5011 is ensured.
80eec6ea3b08ffaf69bd8e7af8262477749a554f359c9fa6654843dacb0da7b6
Red Hat Security Advisory 2015-2355-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It was found that SSSD's Privilege Attribute Certificate responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in.
d919b3f85feab93be7bf6b2682d4b77d4f83d744a808670bebdba7e9c5849e5d
Red Hat Security Advisory 2015-2378-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. It was found that Squid configured with client-first SSL-bump did not correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a Squid server using a specially crafted X.509 certificate. This update fixes the following bugs: Previously, the squid process did not handle file descriptors correctly when receiving Simple Network Management Protocol requests. As a consequence, the process gradually accumulated open file descriptors. This bug has been fixed and squid now handles SNMP requests correctly, closing file descriptors when necessary.
d5ceee7ceef28f7f64ebb85564d2ca943167c76079f8f17f04b21946deed25d4