The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available for building configuration files in a wizard-based manner. Extensive documentation is also included.
NetSTR is a small, fast, and easy-to-use open source port scanner and packet sniffer. The IPv4 scanner can perform ranged or single scans or use an internal top ports list, and it has a flexible timers/port capability. For IPv6, single port, single host scanning is supported. The TCP and ARP sniffers print an easy-to-read dump format and have a full packet decode capability. Additionally, netstr sports a fuzzy passive network scanner.
AbsoluteTelnet version 10.14 suffers from a DLL hijacking vulnerability.
Debian Linux Security Advisory 3524-1 - It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation.
Debian Linux Security Advisory 3523-1 - This update disables the Graphite font shaping library in Iceweasel, Debian's version of the Mozilla Firefox web browser.
Debian Linux Security Advisory 3522-1 - Alex Rousskov from The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not properly handle errors for certain malformed HTTP responses. A remote HTTP server can exploit this flaw to cause a denial of service (assertion failure and daemon exit).
Gentoo Linux Security Advisory 201603-15 - Multiple vulnerabilities have been found in OpenSSL, the worst allowing remote attackers to decrypt TLS sessions. Versions less than 1.0.2g-r2 are affected.
D-Link DWR-932 with firmware versions 4.00 and below suffers from authentication bypass and password disclosure vulnerabilities.
WordPress eBook Download plugin version 1.1 suffers from a directory traversal vulnerability.
WordPress Import CSV plugin version 1.1 suffers from a directory traversal vulnerability.
AsusTEK asio.sys driver accepts IOCTLs that allow the user to freely manipulate MSRs.
DORG Disc Organization System suffers from cross site scripting and remote SQL injection vulnerabilities.
WildFly versions prior to 10.0.0.Final, including 9.0.2.Final and 8.2.1.Final, suffer from a WEB-INF and META-INF information disclosure issue via a filter restriction bypass vulnerability. Video included showing the proof of concept.
WordPress Abtest plugin suffers from a local file inclusion vulnerability.
Netgear DGNv2200 suffers from authentication bypass, memory corruption, and cross site request forgery vulnerabilities.
Sysax Multi Server version 6.50 HTTP file share SEH overflow remote code execution exploit.