aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
d93ac16aade5b4d37ab8cdf6ce4b855835096ccf83deb65ffdeff6d666eaff36Debian Linux Security Advisory 3480-1 - Several vulnerabilities have been fixed in the GNU C Library, eglibc.
f21bc37873b6d3f878293b24b50bceadf6e2f468ced587d39dcdaea3989a7fc3Ubuntu Security Notice 2899-1 - It was discovered that LibreOffice incorrectly handled LWP document files. If a user were tricked into opening a specially crafted LWP document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
f95a1af1cf1d97dc44ae03be978260260030bfa3db681c00ec0be3f68b0cef30Red Hat Security Advisory 2016-0225-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
36bb67815bd7e37f3beda38548970f1dc500e60b18ee2344ee80be50c5f3fdc6Red Hat Security Advisory 2016-0176-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
cb26d916df37d2282250c405f15e20226153e6df9e8e3e0b9d8911eda607768aRed Hat Security Advisory 2016-0175-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
250da49162f89ae85605b47646659f001c5b45318d448d14ed1f4d5a1b608c74Redaxo CMS version 5.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
58872f982df928318a4cb6b46edbd08e6a1402810a83f6f9f3adffa56501e2dcTOTVS RM PORTAL suffers from multiple cross site scripting vulnerabilities. The vendor has not responded to reports.
d1e1efd5672a465ab411b93f67845833725772fa6b91c133b1dcd9b880e852d2phpMyBackupPro version 2.5 suffers from remote command execution and cross site request forgery vulnerabilities.
15b9107732b5558a738085c34214eff5335f320ba47d355c47d18884606d6f5dphpMyBackupPro version 2.5 suffers from a remote shell upload vulnerability.
50e0dd607fcedc615a8d0c0bb3ddd9ce81b3c8539d4cc0cf6c76e00f347911cephpMyBackupPro version 2.5 suffers from multiple cross site scripting vulnerabilities.
b0f8b42735d7a0883a11e14cc8433ac6387e9932da299ce455a9ec13f775bae2Microsoft afd.sys version 6.1.7600.16385 suffers from a dangling pointer privilege escalation vulnerability. This exploit demonstrates the vulnerability discussed in MS14-040.
43aecafba8f866db9836e1cf4df9c1bc15350cd135f9e99abda52e36dca71d06smbgrind.exe suffers from a buffer overflow vulnerability.
a6cc32b60c5b420033593bbd7a0064d9e918dd7334c279a954bb80f532def656Manage Engine OPutils version 8.0 suffers from an authorization bypass vulnerability due to a missing function level access control.
b9e7e86ebc2d1e55dc5329a95efdaca283be5268b1a3a03b374a5d737c611082Ntpd versions ntp-4.2.6p5 and below ctl_putdata() buffer overflow exploit.
20c1ff267a8bcac5da58926e1274d79d39784fce12793f29a8cdf27998079989Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.
b977e013fda04f44e8af632bcc03cc1219b52ae3d3bd69ffba3b620b6a52c170Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
733c28616c1891158bef1795b1d8b042f1e58ddc0cd0991868a9f08d50bd3559FireEye FX, AX, NX, and EX products suffer from an analysis bypass vulnerability.
449aafd21ac2669413a7bfe12b72b0a0409a12dace2cd2b57d2a5622aa29d505SAP PCo versions 2.2, 2.3, 15.0, and 15.1 suffer from a denial of service vulnerability.
39b8bca8d12d613256ed16b6471e91e8cda9378908f629e973648bcbe9a349beRed Hat Security Advisory 2016-0224-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
00ab730508d67ce6b518ba890134a1d1d8898a4574f922bc1006d89b31f85489Ubuntu Security Notice 2855-2 - USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem.
7086d756a9e42b4c4cfa8d6023f2eaf650513adb4854120cd3732d1c818288b0Red Hat Security Advisory 2016-0212-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
b771c9eefb04a0bae6b27307e6c6f3a2e4d927b2ee673b81a19677837f66263cRed Hat Security Advisory 2016-0189-01 - PolicyKit is a toolkit for defining and handling authorizations. A denial of service flaw was found in how polkit handled authorization requests. A local, unprivileged user could send malicious requests to polkit, which could then cause the polkit daemon to corrupt its memory and crash. All polkit users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
efad810d366fa419c7f930f6ba0aa4269866952ebe52b208004b87c85c809f77Red Hat Security Advisory 2016-0188-01 - The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system. This issue was discovered by Mateusz Guzik of Red Hat.
bc5198ce417bbf8b6ff4c2ab4d6b3b7fc3a15fa5477c2a6e22c83c8f617850c1Red Hat Security Advisory 2016-0185-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
1a2e527298ad69b36cf3c97378fa9634fd9b0bc9ef66a9c4a6fdf6769fb4a7cf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed