Ubuntu Security Notice 4734-2 - USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that wpa_supplicant did not properly handle P2P group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. Various other issues were also addressed.
49410830b0c8b8841b939879c09f65434aed797cf17da754ead53d148a5e865f
Red Hat Security Advisory 2021-0599-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server and command-line utilities for server administration, the Administration Server HTTP agent package, and the GUI console packages. Issues addressed include an information leakage vulnerability.
b45608432e7c570572f13c8dbaa35ec7f8c2bfcb6c0d5eacad5e24a3593c95ce
Ubuntu Security Notice 4736-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that responses received during the plaintext phase of the STARTTLS connection setup were subsequently evaluated during the encrypted session. A person in the middle could potentially exploit this to perform a response injection attack. Various other issues were also addressed.
b6c1f03c7fd8c0de6f8a95513aaf24c579db20b2e4391bdcb8805ea4e08a8069
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
22cba3794fedd5fa87afc1e512c6ce2c21bc20b4e1c6f8079d832dc1e545e733
Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.
7f97a6b15e928a7250bd0474cc2f213abf8cc02a26b7e424d31838675907162f
Backdoor.Win32.Burbul.b malware has an FTP service that allows for anonymous login.
eacd817de5297bfb135a0355f799bafec34151bbf8e3f6ea6560cc32d694a5b8
Backdoor.Win32.Indexer.a malware suffers from a denial of service vulnerability.
d48a8459e1ba4c181989347d8c267adcf50e5532c2ce2473ef00b11baab6e68f
Red Hat Security Advisory 2021-0557-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a denial of service vulnerability.
1f7fbb8a9cda11a8da72b390e2dc8c19d436b004932f3dfe932f1cb842431812
Red Hat Security Advisory 2021-0531-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
e6652ef2a0267358106529a53c6dc5f9986e7a254cd1604f6373851dd251650d
Red Hat Security Advisory 2021-0549-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.
a64a6a19ac80244fb7f9a1e728597b19c74ec6464def40c77bf97ff808fc4203
Red Hat Security Advisory 2021-0558-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
7283785eaa933b306c1724231dee042628d834e4720063f7b151d6119cbe24fa
Red Hat Security Advisory 2021-0548-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.
320aab402ef7196c5381a1e9675462d0a99fe6bc160bc505ac3775abdb558fc8
Red Hat Security Advisory 2021-0538-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out of bounds read vulnerability.
c262e1576a15286836eb793cba072f9d4ea3eaeb3112849368fb9d53ccd32197
Red Hat Security Advisory 2021-0551-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.
1ef045ee9b5c6ed6cb265e67182061ab92d2e4d1256aeaa85d77d6cd36f00f69
Red Hat Security Advisory 2021-0537-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
b771926c5d71d88a97d82d3499e15c5dd8e405c9a5899cdca21ddf8ce43e2fc3
Red Hat Security Advisory 2021-0436-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: Enhances profile parsing time. Fixes excessive resource consumption from the Operator. Fixes default content image. Fixes outdated remediation handling.
0d991d0f7e88d36db03aa4ec1666ccd474727a461e4af460a0e41379046f1895
This whitepaper is an introductory guide to Digital Forensics. It provides a high-level understanding of protocol and roles.
a676db8f5ab0381a2e9ea5b5adf74019397945ebdb2b6bc06f10b3b04670452d
BlackCat CMS version 1.3.6 suffers from a persistent cross site scripting vulnerability.
89f9428d9165020374ce602c34b5d6dea670dd8a192f3274bb62f7db262a8dff
Managed Switch Port Mapping Tool version 2.85.2 denial of service proof of concept exploit.
f8397484f88b103bcbe65d00c2f84027a9f33ad3c2558b01dccddbc60242d157
Backdoor.Win32.Indexer.a malware has a backdoor with weak hardcoded credentials.
75d07c22ee885ccdb973aa8ca9f378855c5b303ddbc339cb577013a21100e03a
Red Hat Security Advisory 2021-0528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
3bb29f57bc2a277c7ab3637ada0c063fb9c3ae045f79e2a8c48ff5886ea41a2b
Red Hat Security Advisory 2021-0521-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.
8874e7408dd53c374668285d5a6736222671e5c705f397d142acf86d17cd1f95
Nsauditor version 3.2.2.0 Event Description denial of service proof of concept exploit.
34b3b4f12f18d6376082a846d5d3399fcdb9b9c36e3ab68200a4864b66e79031
CASAP Automated Enrollment System version 1.0 First Name persistent cross site scripting exploit. Original discovery of persistent cross site scripting in this version is attributed to Richard Jones.
6bceefc7fea2224717fdd993983c75fc667149e655487aff3b2785373418dbb9
Red Hat Security Advisory 2021-0525-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
5295611830e6ca09048df89bff66ad52cefd94e45db7ae9e73785d46662811b8