Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
d9718b83fdae0c76eea5254a4b9470304c4d1d3778687de9a4fe0b5dffea521bThe erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location.
8fd12f434db46fa81ba8c0025bc071fdc803952e508bc82dad352cbf0212aadbStarting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.
b0f1afdfeed7b58164b0ac07caec27811ba02f778e45365490b8d741eb009e35There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.
bbed7824f89e9377c1a62b7a38d9841ad9be96f597755fed927b3e56bee44b2cRed Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
ecccca8405ce1ae112c4c9ef8699c52acaa7349eacd9444e706b1cc606052122Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
7d67828682276999308ce93378cd3811edc0d9b3565bdbef85add8ef9bf3f2bfRukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.
8a584cc6a1816c6b3a4fe23a1902ad4a7e8c221665ed7dd33f64ab8c95dde6b6LanSpy version 2.0.1.159 local buffer overflow exploit.
3309894f13d2961ceb6dbe7be8467f2f9baa186fa92a1c081db4417f663dd7a9PDF Explorer version 1.5.66.2 SEH buffer overflow exploit.
f48e127b00a83012716677d4a1c5c49bb04840262f6489f05e55581876ba6547IBM Operational Decision Manager version 8.x suffers from an XML external entity injection vulnerability.
18845ad07f984f9c6c27bb827621215c2f4825597c89ff7c09d4a0f5a8cf3466Yeswiki Cercopitheque suffers from a remote SQL injection vulnerability.
2191ee618f205f47d949b3798efa5fd260cfb4e592d66b79ca96cc83ced25bffIntegria IMS version 5.0.83 suffers from a cross site scripting vulnerability.
f5770dc8399dab6df8212ba01ad2c7655b3fbc8bf3d3f91de4d8036c00042f20Integria IMS version 5.0.83 suffers from a cross site request forgery vulnerability.
494dc73a5483a3b5258fb7d29a5efa5434ad403784af2cd871269d10874dfd8ePassFab RAR version 9.3.2 SEH buffer overflow exploit.
0604bdbbf645670711942446f2f53027b3d6fa359107f498e6d85edbb203fe9d93 bytes small Linux/x64 disable ASLR Security shellcode.
bfba9bba35bda0b1441d416d81269e233df34a339d9d54d7b408201cb68de428Linux kernel version 4.4 rtnetlink stack memory disclosure exploit.
40764dc8fda6722111b000f9b935f1aa492b399d8ebb435a9ac60ad02ac3fbbcStegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
c23b61f48ebed1afc2c8e7b7ff7258ba4d71afa2e2d246d757fa1ad8754e5e79Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
26c6461618670d59215635602ef5fb6f90bf6724006983af88e4983d6af1e67aHotel Booking Script version 3.4 suffers from a cross site request forgery vulnerability.
b0b33614e3e299d840feadff31f0d475ed57f5729df9e5d4eeba3073ff28f8cfVMware Security Advisory 2018-0031 - vRealize Operations updates address a local privilege escalation vulnerability.
f41524536e72c476e12712b7fba94223e3194bcd61922bab81d01d639ea618bcRed Hat Security Advisory 2018-3852-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.
9d4f7bc666bf94a492aff063465bfd97a5d1aa5e574805c94c9ec1e09d2be252Bolt CMS versions prior to 3.6.2 suffer from a cross site scripting vulnerability.
facbd08aebdfb510077a57849161e0b3da809998e62d8c36f7fc0b7b5bf4ae81
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed