what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files Date: 2023-02-22

Zeek 5.0.7
Posted Feb 22, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Various issues with signed/unsigned character discrepancies on arm64 builds are fixed. A performance degradation in debug builds involving hashing large keys for Dictionaries was fixed. A DNS related memory leak was addressed. An ftp denial of service was addressed. Two find related BIF methods had a denial of service issue addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776
pyLoad js2py Python Execution
Posted Feb 22, 2023
Authored by Spencer McIntyre, bAu | Site metasploit.com

pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default runs two services, the primary of which is on port 8000 and can not be used by external hosts. A secondary Click N Load service runs on port 9666 and can be used remotely without authentication.

tags | exploit, code execution, python
advisories | CVE-2023-0297
SHA-256 | d86b89ccd29b81ac570725e1b71f96f42350980adb191ce14634207100bc2450
Ubuntu Security Notice USN-5739-2
Posted Feb 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5739-2 - USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12 in Ubuntu 22.04 LTS and Ubuntu 22.10.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 864704062d2b1c3bdf54e5ca1c62eb30ddf326673f2e3cbfba651f9d4c73b1bd
Red Hat Security Advisory 2023-0774-01
Posted Feb 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0774-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.28. Issues addressed include denial of service and out of bounds read vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-38561, CVE-2021-4238, CVE-2022-23521, CVE-2022-2879, CVE-2022-2880, CVE-2022-41715, CVE-2022-41717, CVE-2022-41903, CVE-2022-4337, CVE-2022-4338
SHA-256 | ca47c0cea81330f5de88e4e9f79a211719d421c59b8c4c4424353cdd2b6b0a26
Ubuntu Security Notice USN-5881-1
Posted Feb 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5881-1 - It was discovered that Chromium did not properly manage memory. A remote attacker could possibly use these issues to cause a denial of service or execute arbitrary code via a crafted HTML page. It was discovered that Chromium did not properly manage memory. A remote attacker who convinced a user to install a malicious extension could possibly use this issue to corrupt memory via a Chrome web app.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474, CVE-2023-0696, CVE-2023-0700, CVE-2023-0701, CVE-2023-0702, CVE-2023-0704, CVE-2023-0705
SHA-256 | 1ffc99eb387d685f3934bcb9f92476d55e232ea25caa6a7e53c49c72dff61a87
Red Hat Security Advisory 2023-0833-01
Posted Feb 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0833-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.

tags | advisory, denial of service, vulnerability, python
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2022-45061
SHA-256 | d16dc5abdc87b7c6d25b0c046da8d55627f3f9d1e6610e67e99f688d38471729
Red Hat Security Advisory 2023-0888-01
Posted Feb 22, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0888-01 - A security update for 2.13.2-1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-41881, CVE-2022-41946
SHA-256 | d4de88d15e138f91bd87cf8e8825d14fabd472872f1b7b84374be9f237454a82
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close