haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
c4959d3cb1fa6391d16a3aa1ba4d82cd3a0d497206ae4b87d638088c0664e5aa
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
d7157df8ee39d6a90d0c9be726c9bbcad1a6fa856bec53283a4b93500b081f4e
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
a45e7858e17f46a83a5612c75c070edff04dda6eab8f0a582f20f2ae5596d1d6
This Metasploit module exploits a path traversal via Jetdirect to gain arbitrary code execution by writing a shell script to /etc/profile.d, where it is loaded on startup. Then, the printer is restarted using SNMP. A large number of printers are impacted.
6d49ac5c1a048f446f5501a2e5655bb13c4c90e6dff4cd28f9778208c5d72b62
Red Hat Security Advisory 2018-2566-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a client-side security defense vulnerability.
649f115a5ba63c8d907307cbe47bfc473e9c62f89295c50c0d2cf506f40c295d
Ubuntu Security Notice 3754-1 - Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service. It was discovered that an information disclosure vulnerability existed in the ACPI implementation of the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
2e3daae88eb6c229159a61e708a2ae19ecdc551119063721b0673a3449c498f9
WordPress Plainview Activity Monitor plugin version 20161228 suffers from an OS command injection vulnerability.
cc18f6b6bbb91b393036a1b4f79ca9f2bacab314eba0b28ec164a11db7051572
This Microsoft advisory notification includes advisories released or updated on August 24, 2018.
23a729943b7b7ec5371d451dc71f89be6139670a526961b09b9c9390bf5c10e4
Dojo Toolkit version 1.13 suffers from a cross site scripting vulnerability.
f84edcee9a5e3daa0ab8b77ca5133492843ef287eff253e7a7157bf5d674faa8
The Vox TG790 ADSL router suffers from a cross site request forgery vulnerability.
cf0c5982821b2381d92b4bfd71bb23596462dd8582882d6b1ffed27ccd71a9bd
Libpango version 1.40.8 suffers from a denial of service vulnerability.
9de4a8c094aee6011bb2b1046332cce4382582792acbc7d8c9ca05ebcbea9df9
Trend Micro Enterprise Mobile Security version 2.0.0.1700 suffers from a denial of service vulnerability.
d2e6fd03cfc41dcb6573466359ca1ef40f5768a30294e306aeebd7f7866013d3
Red Hat Security Advisory 2018-2565-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include client-side defense vulnerabilities.
465541ea0c3b67ecdb7640e1849255b472b52b1d12a055c7a628fbee5ef23dc5
Gleez CMS version 1.2.0 suffers from a cross site request forgery vulnerability.
25edeeff2ec76aff44c49296ece5486c6f83902cb02563dff24cf690ac79c760
LiteCart version 2.1.2 suffers from a remote file upload vulnerability.
ed1e12bce52186df2f795ae04cadc87331293500e61d16468839c9658b1cf156
CuteFTP version 5.0 suffers from a buffer overflow vulnerability.
8d48c92d675eede13f6dc2324399dc56d9c983a2925f80757652b7980e950ec9
Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability.
5de61c8d45187e8f83fe96c9df54d7274c33752049c49ebf1c6e4c841e9afde7
The RICOH MP C4504ex printer suffers from a cross site request forgery vulnerability.
061e9d61207265ef6fa35e3c001a7ed054287b6641eaa1b49a818b874d11dcbd
Firefox version 55.0.3 suffers from a denial of service vulnerability.
e636a720c5a272fefee20ac2e020b30196fbcd4ac5bd9aa58a5ace9cde9ac9e4