THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
482846580888f54e000bb125e263a65c32fa28ba86c9d4012371cf55c3bdc140
EMC Documentum eRoom includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions affected include 7.4.4 and 7.4.4 SP. Versions prior to 7.4.5 P04 and 7.5.0 P01 are also affected.
e835023b15095c92be0207b2036c81225742f33b18d6c5ba2baf30034498536c
This is a database download brute forcing script that is written for the WordPress WP Easy Full Backup plugin.
8009e8ab50cfe48e9e83d6221a42b01e2d9572a63fa30c4d3ef32db9c178dcd1
Viscosity for Windows version 1.6.7 suffers from a privilege escalation vulnerability. It is possible to execute openvpn with a custom dll as SYSTEM using ViscosityService because the path is not correctly validated.
1e165f6606a232bfd4cc34a34c68a7346cb59ed704cf1caf321ea02cee78ab3e
Revive Adserver versions 4.0.0 and below suffer from cross site scripting, session fixation, and deserialization of untrusted data vulnerabilities.
49fc47c53b039e7dd7aa51c531ed2ea56ab25e997650a7d59f9e2c32e722f087
Multiple Netgear routers suffer from remote and local password disclosure vulnerabilities.
dbaeb4937d70280e3491b85b30c34a0d631fed2c6555336ee35deb7fefcc8dda
HPE Security Bulletin HPESBMU03701 1 - A potential vulnerability has been identified in HPE Smart Storage Administrator. The vulnerability could remotely be exploited to allow execution of arbitrary code. Revision 1 of this advisory.
389f47122d3d84da0c8406651485468f4b6e77a77a96f6b2064f6ed76dcf6148
Gentoo Linux Security Advisory 201701-77 - A vulnerability in Ansible may allow rogue clients to execute commands on the Ansible controller. Versions less than 2.1.4.0_rc3 are affected.
2cb237a335974f57ee8379fa18610f2a02590df401548e2efc9bc897e132ba96
Red Hat Security Advisory 2017-0215-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.
9773caf065be9c5f7c1b57330e6aebc627b8f3c6632b045a8257a108b8da6d9d
Red Hat Security Advisory 2017-0216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.
c186c3b266a35ae94614ffd7a976f4b1e2eb276249557cbb40ab3439fcd12aae
Red Hat Security Advisory 2017-0217-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.
0f04199e8b96f3c0ef49b41aa0b81c70b56ac8c4e9e510b9a19ddf9c1b0c225a
Gentoo Linux Security Advisory 201701-76 - Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.6 are affected.
c4c43fcf2857f96ff6e6e6c393e86dcc4e8f80c56171ed36cf7a530c3cb25994
Red Hat Security Advisory 2017-0214-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.
f4f50df16590df135e030cf35334e92ba1f77e66d0e7be3a8b1762fff8cdb46e
Red Hat Security Advisory 2017-0212-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.
b998263bac801bdf05507dd054133c1c0a715741d1d2f96c11ded4a4c365f07b
Red Hat Security Advisory 2017-0211-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.
cbd1b0894feca5060b35372d9de8469d1a1ab60046d7d13765e6cb15c5f5c95a
Red Hat Security Advisory 2017-0213-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.
b2641d56ba15d1ad8f1fb0ac80fb12918d10204de071e367093ddb8886171dc5
Secunia Research has discovered a vulnerability in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "lha_read_file_header_1()" function (archive_read_support_format_lha.c), which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. The vulnerability is confirmed in version 3.2.2. Other versions may also be affected.
aa2df6dcc8af97d089cfa8e980271155e3918baf57560ac35d78aea7e00ccc4b
This post is about putting printers out of their misery and destroying the NVRAM through ordinary print jobs.
e2cd86b8adc6667167b8f7b8f181989c96fee30d127929b13743dc8b7d1e5967
This post is about resetting a printer to factory defaults through ordinary print jobs, therefore bypassing all protection mechanisms like user-set passwords.
c0d3ac08f94bc071adf9e63784f30829f42fad0694c4e352f9eb78b9c01cd3f8
This post is about buffer overflows in a printer's LPD daemon and PJL interpreter which lead to denial of service or potentially even to code execution. Multiple printers are affected.
ed3f781546ee705d1385f6e94873f6738e66f693d3e7c6ffb379426cacaefa6b
Heimdal Security's SetupLauncher is vulnerable to DLL hijacking.
943d15090aa9969816c66d337a95a511ef46089ce4b7786320fe7e66d6aa41c9
Itech Multi Vendor Script version 6.49 suffers from a remote SQL injection vulnerability.
3b956b159cd882b8b43f719ce66d2222edcf0227acab224b8cfbd1c3ded4ad83
Netman 204 suffers from backdoor accounts and a password reset vulnerability. The backdoor accounts were already discovered in September of 2016 by Saeed reza Zamania.
604c3bc5a72eb8e9929ea3e43976a09ff9667d1f8bff94b645c84be2b5255741
Itech News Portal Script version 6.28 suffers from a remote SQL injection vulnerability.
66666fa7d3b32270be5df5fb8f2232b2476f89ebef78c89e9ff8002d7094d1ce
PHP Product Designer Script suffers from a remote file upload vulnerability.
7d790c1ec21fded17dacbbc17620efc38ecb001d6fc9c52edfe9851c78357a60