REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada, and as of this year, a new edition of the conference was held in Brussels, Belgium. The Call For Papers closes on April 15th, 2017. The conference takes place June 16th through June 18th, 2017.
00136e359cd829b3d2f8d00f1d654c973ab2bd3ef89ba00b7ed01aa40edd88beSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
0e0b0cf49016804bb2fb1fc4327341617e76a67902f4e03e0ef6d16c1d7d3994Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
54dbf77411bae2ab7a7845f70eec0c02f4f1e64092fd19d3842200ff8027cb60Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
1a72be1d4fd599bf47b7ce55aa55ac318232350ee45816c1042b3879fb67f0daFireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
23cb0f3598f1ceac14ec4bc238cae5e13071f95e313751785ce8cd5533b5c246QEMU has an issue where virtfs permits a guest to access the entire host filesystem.
8afb47007c79b3a9ac847f6e9b076ad790c162d53fdddf920e2a3d557b2daeb1Adobe Flash suffers from an overflow vulnerability during MP4 AMF parsing.
975f33074a57e3cfc572b9cf9519a6d3855366d379e71d3cc22b0b38ac580121Adobe Flash suffers from a stack corruption vulnerability using a fuzzed SWF file.
861f5baa072230b7939cd1b63451ce6753e5bfa28f6b0c8f8760db23344f9efdAdobe Flash suffers from a heap overflow vulnerability during YUVPLane decoding.
2bf4e6c3b7be108e8fdfd8baf1d8546149c39e64a4f46c8b3fe36fb7fd6bca33Adobe Flash suffers from a use-after-free vulnerability in applying bitmapfilter.
c3983405af4d8f611ecd50aa0083c83ab68a09eb670364bcd670de0a0063bf60Google Chrome suffers from a bypass vulnerability in the download filetype blacklist functionality. Versions 54.0.2840.100 stable is affected.
f412918e9a8a97d1bea8165805a9f03c35f0a54bd19258721264d95feb3b814aCisco ASA WebVPN CIFS handling buffer overflow conditions have been discovered.
5f13058e5f06f00a4c9e17b0e2cff240e100c10816e9044cab1647b9e216332fGDI suffers from an insufficient bounds check on GDI32!ConvertDxArray.
d103fb33865c638c44eb1d2b9664aed2de06df107938c288a09492550c9a4a38Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap out-of-bounds access issue that leads to a memory corruption condition.
83ef05a42ff7b08997720ddd16937c7105800b18b0a6bf34e392b72b87e72108AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
ab4fd8a885f0d2bdd42acd115a8c759c0f1b3e4fce8eda849a7ef7fe84916985Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled suffers from a heap corruption issue due to a missing length check.
88da86d02c741d0ff8968f5f0017c278198fca482725e6f5dbb4c524808f6d49Elefant CMS version 1.3.12-RC suffers from remote code execution vulnerabilities.
93ab7cd15114ad9062d18ca8df2fcf662b1919081dc6bdb9660574d8243dfb8aPlone version 5.0.5 suffers from a cross site scripting vulnerability.
f23f365ad7be4890c9801cbb5c09c3060407d0b8d444fc6d52637f10df958c28This Metasploit module executes an arbitrary native payload on a Microsoft SQL server by loading a custom SQL CLR Assembly into the target SQL installation, and calling it directly with a base64-encoded payload. The module requires working credentials in order to connect directly to the MSSQL Server. This method requires the user to have sufficient privileges to install a custom SQL CRL DLL, and invoke the custom stored procedure that comes with it. This exploit does not leave any binaries on disk. Tested on MS SQL Server versions: 2005, 2012, 2016 (all x64).
fe2d879dbdd0c10aa7ac5b9f21f78eea25748d38856209e0eae44eec747be7d8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed