Category: Alert Feeds

Wireshark Analyzer 4.4.2

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release. – Packet Storm

Falco 0.39.2

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as...

Judge0 Sandbox Escape

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. – Packet Storm

Ivanti EPM Agent Portal Command Execution

This Metasploit module leverages an unauthenticated remote command execution vulnerability in Ivanti’s EPM Agent Portal where an RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2. – Packet Storm

Ubuntu Security Notice USN-7119-1

Ubuntu Security Notice 7119-1 – Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7121-1

Ubuntu Security Notice 7121-1 – Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7120-1

Ubuntu Security Notice 7120-1 – Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7120-2

Ubuntu Security Notice 7120-2 – Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7122-1

Ubuntu Security Notice 7122-1 – A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7121-2

Ubuntu Security Notice 7121-2 – Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Ubuntu Security Notice USN-7123-1

Ubuntu Security Notice 7123-1 – It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered...

Debian Security Advisory 5816-1

Debian Linux Security Advisory 5816-1 – The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names. – Packet Storm

Debian Security Advisory 5815-1

Debian Linux Security Advisory 5815-1 – The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby...

Zeek 6.0.9

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception....

Ubuntu Security Notice USN-7113-1

Ubuntu Security Notice 7113-1 – Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. – Packet Storm

Ubuntu Security Notice USN-7015-5

Ubuntu Security Notice 7015-5 – USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could...

Ubuntu Security Notice USN-7114-1

Ubuntu Security Notice 7114-1 – It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior. – Packet Storm

Ubuntu Security Notice USN-7104-1

Ubuntu Security Notice 7104-1 – It was discovered that curl could overwrite the HSTS expiry of the parent domain with the subdomain’s HSTS entry. This could lead to curl switching back to insecure HTTP earlier than otherwise intended, resulting in information exposure. – Packet Storm

Ubuntu Security Notice USN-7116-1

Ubuntu Security Notice 7116-1 – It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated. – Packet Storm

Ubuntu Security Notice USN-7106-1

Ubuntu Security Notice 7106-1 – It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An...

Debian Security Advisory 5812-1

Debian Linux Security Advisory 5812-1 – Multiple security issues were discovered in PostgreSQL, which may result in the execution of arbitrary code, privilege escalation or log manipulation. – Packet Storm

Ubuntu Security Notice USN-7108-1

Ubuntu Security Notice 7108-1 – Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request...

Debian Security Advisory 5814-1

Debian Linux Security Advisory 5814-1 – A security issue was discovered in Thunderbird, which could result in the disclosure of OpenPGP encrypted messages. – Packet Storm

Debian Security Advisory 5813-1

Debian Linux Security Advisory 5813-1 – Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, which could result in authentication bypass. – Packet Storm

Gentoo Linux Security Advisory 202411-07

Gentoo Linux Security Advisory 202411-7 – A vulnerability has been discovered in Pillow, which may lead to arbitrary code execution. Versions greater than or equal to 10.3.0 are affected. – Packet Storm

Gentoo Linux Security Advisory 202411-09

Gentoo Linux Security Advisory 202411-9 – Multiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 5.38.2 are affected. – Packet Storm

Gentoo Linux Security Advisory 202411-08

Gentoo Linux Security Advisory 202411-8 – A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation. Versions greater than or equal to 21.1.14 are affected. – Packet Storm

Pyload Remote Code Execution

CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular Python package that can evaluate JavaScript code inside a Python interpreter. The vulnerability allows for an attacker to obtain a reference to a Python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host....