Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
39e6293f11ec9f7d38e08f2eb076a436f384c9bb45ce026f60a4154064f6c1e0ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the downloadDb.php script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
bdeb7b96ce0490816b5aff85c7d91a69137f224971e0d812190f2924733b54d4Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.
630b245f04eb1a7ff0cfa42251496c38ea3ce7b755c4c145ac3252c552e621aaDebian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d6e973db117eecd0774e6df97f98106f30600a1abd447da40462c767ea65fcb3Proof of concept code for a flaw in TeamViewer that enables an unprivileged user to load an arbitrary kernel driver into the system.
8e84c906525cb3028d5e2434a5ce1ee9c2d79ef078f6024e17e16888fa959853Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These vulnerabilities included heap and stack-based buffer overflows, memory leaks, and improper handling of uninitialized values.
c46fa2a8f39b4ff10e8c0dddf0bf320de57a6dc38c9be5fef165226cc363c4a8Debian Linux Security Advisory 5782-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
6b1995cd75513141f3e03b2f430413db5d1f10bd1835463af1502d9622c439b4Ubuntu Security Notice 7055-1 - Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated certain responses. An attacker able to intercept communications between a RADIUS client and server could possibly use this issue to forge responses, bypass authentication, and access network devices and services. This update introduces new configuration options called "limit_proxy_state" and "require_message_authenticator" that default to "auto" but should be set to "yes" once all RADIUS devices have been upgraded on a network.
271871d1420a0528a26685e8ce5cbcd406f9ca78469177524e1728fd0cf2771eMD-Pro version 1.0.76 suffers from remote SQL injection and shell upload vulnerabilities.
b641856919de4d5b0a61bc35a8e30fb6042f78f529af33b52af81ec5d5f73c4eComputer Laboratory Management System 2024 version 1.0 suffers from a cross site scripting vulnerability.
1fcd86678b2635e2cdd7247396f54562591ba9b9d9952cdb8f0ee3191c2cbf7aUbuntu Security Notice 7054-1 - It was discovered that unzip did not properly handle unicode strings under certain circumstances. If a user were tricked into opening a specially crafted zip file, an attacker could possibly use this issue to cause unzip to crash, resulting in a denial of service, or possibly execute arbitrary code.
f929b28b770364cb20cced4b9f7c68ae7cbf43c718918fb91835f47e7343078fAcronis Cyber Infrastructure version 5.0.1-61 suffers from a cross site request forgery vulnerability.
c2eceedb5e5bb0efa35e17bc56bd524328eb69b0a4975863b7ddd165b1b73695Vehicle Service Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.
daeb244d9db94e371d9cc2e37a40f07b6ca949b734ea683afcbe95ac4b4ca130Vehicle Service Management System version 1.0 suffers from a PHP code injection vulnerability.
f9fcf44105743a3a54ea4970cafe882eab97bba4a5694154f79b99123f25e133Transport Management System version 1.0 suffers from an arbitrary file upload vulnerability.
1cd66e393ca7966dfbaac0ad1a1b3a444b9752a015b512e8517095c91f4717e2Transport Management System version 1.0 suffers from a PHP code injection vulnerability.
cd5dd78857336257ee61bcf76cd477a9fa12e3c595be519cef024af5bed57cdbManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.
ddade0c8d44290aca9a54f0c1621504614026325fdfa745fc4d9c008c6feca03A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free.
f676785fdf4478de819b5665c9ba33c67535e75932f2e0c3889dcb7a0811f410An incorrect searching algorithm in fastrpc_mmap_find can lead to kernel address space information leaks.
46fa1c601050810eb66a262de97a8b9a9dbe879e08b68141820f5aeffa5d1da5There appears to be some (possibly deprecated) code associated with AF_QIPCRTR sockets in bpf_service.c. Within this file are some ioctl handlers - e.g. qrtr_bpf_filter_attach and qrtr_bpf_filter_detach. In the case of qrtr_bpf_filter_detach, the global pointer bpf_filter is fetched and freed while only holding a socket lock (and an irrelevant rcu_read_lock) - this may lead directly to double frees or use-after-free (kernel memory corruption) if a malicious user is able to call the QRTR_DETTACH_BPF ioctl on multiple AF_QIPCRTR sockets at once. Based on Android SELinux files, it appears this may be possible from some lower-privileged vendor and HAL services.
9a1258e6adb1b608d6d8bf4e2c0f15fb713920d26890f57e49ad4ff67b1e99c1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed