Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
97bac89e88892054a5848a9f7e0c36aa399a2008900829b078e29cab0ddd593bI2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
7bb27444bd1074a0f670276ad07e0b5b2a7a29ed6d25d93e6f95646981cd0aafBetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
ee2a941b493858347cd08e568148a5c5a2434db1712cb6669fef3520caeac699Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the win32k.sys when processing Type 1 fonts, which can be exploited to trigger a NULL pointer dereference and subsequently cause a kernel crash or gain elevated privileges via a specially crafted PFB font. The vulnerability is confirmed on a fully patched Windows 7 Professional (win32k.sys version 6.1.7601.23545).
b6b7d487b13f5974b1d680b4b3cd014162b94a54fd298adb9eb15a3d0cdaa57bThe XNU kernel suffers from a use-after-free vulnerability due to a lack of locking in set_dp_control_port.
70fb5d71ad7edf4688efba8a24e70c1786a30e2f5bd97f65e9e036050daf0c32Nagios Core versions prior to 4.2.2 suffer from a curl command injection vulnerability that can lead to remote code execution.
c3b5ce14fa314de6954bd04ce7bfdf56d1d7a73489b184889179a25362cc9a20Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkupPointer::MoveToGap use-after-free vulnerability.
f949ec22b0e789c30417cfd64057af1e6fd219810c56f6b85cbf6a2d22bdb59fVMPanel version 2.7.4 suffers from a remote SQL injection vulnerability.
a8c108779bed2941a3311216fb2e330d23b5db5a58d7ee6fb026aaeae96f372eMicrosoft Internet Explorer 9 suffers from an IEFRAME CMarkup..RemovePointerPos use-after-free vulnerability.
634d8d94a12d60ded007a6b665b6c620bb8e0b39af116a7c06ea2a618e27cd38Microsoft Internet Explorer 9 suffers from an MSHTML CMarkup::ReloadInCompatView use-after-free vulnerability.
85cb5f19ffcd1562e5f3a0a4493985c462ccbaa11c50ec45b0b92b3398331868Nidesoft MP3 Converter version 2.6.18 SEH local buffer overflow exploit.
2164c70401c709b5fbd7c143416b717e7590a407049accd64bce1d081321ec8bAdobe Animate versions 15.2.1.95 and below suffer from a buffer overflow vulnerability.
deefce1ffd423d6fa926e51b041c856564c9488d18f7afd4320d96725b9f2438Red Hat Security Advisory 2016-2947-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 24.0.0.186. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
765e02f69a22614cfe6c1db7a564eceac91ddaea0e1e48d6b0cd4801bab8b049Red Hat Security Advisory 2016-2946-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
84564515b5f9d776044d365d809f99f157eb14f3275091f7c8501626652858c4Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
451a308e892803e82049bb6bb16dcbbd6e04a3ce93d7ae62bb47904915c48897Ubuntu Security Notice 3157-1 - Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. Various other issues were also addressed.
a6a736e2e12ac1c6250ab44dd7b1b96530916ecd5f2b440dec573008e9c757d8WordPress MailChimp versions 3.1.5 and 4.0.10 suffer from a cross site scripting vulnerability.
ff179074357ac7336249ba032d5f12b0766d960a4f96041e3a66d6151fb4c1a0A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability is provided by the presence of a turing complete "scripting" inside a music player. Read the homepage link for full analysis. Proof of concept exploit included in this archive.
efc0146838d9c8d7a192a4e776050cdf88ee6e0ad5ec639d2c832f8efc66e28b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed