Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
3abe6e1063e80a66c609e4a0d369660588bfdefb8c8fff994d8199dab739ca5eD-Link DIR-615 and DIR-300 suffer from cross site request forgery, OS command injection, lack of cryptographic storage, header injection, and cross site scripting vulnerabilities.
d92d1912f11dbbae5692e74866d76e755ce2c196d6f9a7fa689ae37251fd787eClam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
d872bdfd692d440bc2ade2f4e5a7befc37feb8885cd81adfb6346a8214aafc12Ubuntu Security Notice 1806-1 - Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to execute arbitrary code. James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit this to execute arbitrary code. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Various other issues were also addressed.
fb482b1d6a477dd71523149f9168031b4570c128ce30b71240ef31f2fa6d158bUbuntu Security Notice 1804-2 - USN-1804-1 fixed vulnerabilities in IcedTea-Web. This update introduced a regression with the Java Network Launching Protocol (JNLP) when fetching content over SSL under certain configurations, such as when using the community-supported IcedTead 7 browser plugin. This update fixes the problem. Various other issues were also addressed.
788cd726d94bf98f4dc6192ab9c074b7cbe5cca9dc2456a6adbf105350c328e6This bulletin summary lists two re-released Microsoft security bulletins for April, 2013.
4c5b461ca8708792edf50c28f91334af4f000b0087439a86b6979d146a56b905Red Hat Security Advisory 2013-0744-01 - Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the "utf8=1" option could use this flaw to crash the system or, potentially, to escalate their privileges.
cbd907594e654e3d3d2b243dd52c44128cb2ec5866fbf646e4281d98046c891dSMF version 2.0.4 suffers from a remote PHP code injection vulnerability.
fb1fdb9f88f7a10a68b514edae1cd6ba816517347156676b1a236c8ed23c784bThis php script fingerprints a given Joomla system and then uses Packet Storm's archive to check for bugs related to the installed components.
88262f0098e3ae940b541af13f63757e65e56df737aad47c872d4403ce361308This is a brief tutorial that discusses obfuscation techniques used by phishers.
4c282764be11f363487575a3810708ce4b9779823e5dbdad0c980365b13992d5This Metasploit module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit doesn't bypass click-to-play, so the user must accept the java warning in order to run the malicious applet.
bb2929226a8a08e2945d6536acc0a7c67d0777ced5120b0ffa098ac076125760Debian Linux Security Advisory 2663-1 - Martin Schobert discovered a stack-based vulnerability in tinc, a virtual private network daemon.
d27a46903652511fd9626681594a7256f7c929cb46999751f76c9fe419b659fbMandriva Linux Security Advisory 2013-149 - A local file inclusion flaw was found in the way RoundCube Webmail, a browser-based multilingual IMAP client, performed validation of the 'generic_message_footer' value provided via web user interface in certain circumstances. A remote attacker could issue a specially-crafted request that, when processed by RoundCube Webmail could allow an attacker to obtain arbitrary file on the system, accessible with the privileges of the user running RoundCube Webmail client. The updated packages have been upgraded to the 0.8.6 version which is not affected by this issue.
185018b1135f20767fccdb3719f084ecdfac1009cbbf8690224b50a4414df48f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed