Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
2b9e96572a7002c3e53b79683cf92f8172217e64c17ecaaf612eb68c2a7556ecThis is a thorough write up of how to exploit a local privilege escalation vulnerability in iTunes for Windows version 12.13.2.3. Apple fixed this in version 12.13.3.
d695b4f1b1028346552105f4ee8239edee8add156e7b797895b5d5337070f75fThe Nitro PDF Pro application uses a .msi installer file (embedded into an executable .exe installer file) for installation. The MSI installer uses custom actions in repair mode in an unsafe way. Attackers with low-privileged system access to a Windows system where Nitro PDF Pro is installed, can exploit the cached MSI installer's custom actions to effectively escalate privileges and get a command prompt running in context of NT AUTHORITY\SYSTEM. Versions prior to 14.26.1.0 and 13.70.8.82 and affected.
a84e46e6f47edcfa84a24b20d405dc9009aef6635aeed2d4103f5c1e3b453e54Red Hat Security Advisory 2024-7436-03 - The components for Red Hat OpenShift for Windows Containers 10.17.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
f9f6a21021825712bf4746f21d3128dde3ff2cc370b717d9e3f6b54dc5961898VegaBird Vooki version 5.2.9 suffers from a dll hijacking vulnerability.
c5f33bc21c9e871866fcbc9aa668c73fe0ec052f868a7c993eb644b8d7aa159eVegaBird Yaazhini version 2.0.2 suffers from a dll hijacking vulnerability.
378aa772f21ffc902834ecaa037a742ac5bf2f8dbac879f976178e59558b4845A single command line can show you about 20,000 instances of CWE-73 issues with Microsoft Windows.
98cca0958bfbc8ebf3577e8e302960e439c3a7358827822332a2847dd420517eBackdoor.Win32.Benju.a malware suffers from a remote command execution vulnerability. This is the 700th release of a malvuln finding.
f79228aaf64af956558118e52f0cae8c6690433d9087c20cfbb14080997449f1Backdoor.Win32.Prorat.jz malware suffers from a buffer overflow vulnerability.
a1f2f2d06b92875d0d19569387aac4e9a1c23766a1289286cdc961ea4b1b0fd1Backdoor.Win32.Amatu.a malware suffers from a remote arbitrary file write vulnerability.
0ac4d1e102fa50d12c1ed2087d7d607e89de02d81742b58cfdd99a95944c55f4Backdoor.Win32.Agent.pw malware suffers from a buffer overflow vulnerability.
7fa82baa98ac10e7877b5d15186d291cc19793db34d1c44febf37e06a22af7aaBackdoor.Win32.Boiling malware suffers from a code execution vulnerability.
b666a8b57ce06bc159252f69fc3abb01c3f39d13ebb66f288c0201d4507a0a1eRed Hat Security Advisory 2024-6734-03 - The components for Red Hat OpenShift for Windows Containers 7.2.2 are now available.This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
be505ca2f3802cff25f63ab64134208833ab546ae1e49eddd55ed15bf211b2adBackdoor.Win32.CCInvader.10 malware suffers from a bypass vulnerability.
7f8fbab739d2fc6fb8f975250a5f1be05abc1adfae0b192591971bf6f66b9101Backdoor.Win32.BlackAngel.13 malware suffers from a code execution vulnerability.
717e62131924ca1af11ac62c8dd44bd60d6cffaaf4066df556a537c3442d678eBackdoor.Win32.Delf.yj malware suffers from an information leakage vulnerability.
145f23a8746541655af47b6cc26039a64ce706d01053710c1a2fcdd7dc5aa7a8CVE-2024-30088 is a Windows kernel elevation of privilege vulnerability which affects many recent versions of Windows 10, Windows 11 and Windows Server 2022. The vulnerability exists inside the function called AuthzBasepCopyoutInternalSecurityAttributes specifically when the kernel copies the _AUTHZBASEP_SECURITY_ATTRIBUTES_INFORMATION of the current token object to user mode. When the kernel performs the copy of the SecurityAttributesList, it sets up the list of the SecurityAttributes structure directly to the user supplied pointed. It then calls RtlCopyUnicodeString and AuthzBasepCopyoutInternalSecurityAttributeValues to copy out the names and values of the SecurityAttribute leading to multiple Time Of Check Time Of Use (TOCTOU) vulnerabilities in the function.
a4e521839032a10c16e91b79eb43b6f9620dcc27482be434b0d2b62d5ac92e66This Python script for Linux can analyze Microsoft Windows .msi Installer files and point out potential vulnerabilities.
5acb6c6d8634611b63c2c7dbe9d099afc2807b183f5f065ed3557bc52c57aa7dThis Metasploit module creates a RAR file that exploits CVE-2022-30333, which is a path-traversal vulnerability in unRAR that can extract an arbitrary file to an arbitrary location on a Linux system. UnRAR fixed this vulnerability in version 6.12 (open source version 6.1.7). The core issue is that when a symbolic link is unRARed, Windows symbolic links are not properly validated on Linux systems and can therefore write a symbolic link that points anywhere on the filesystem. If a second file in the archive has the same name, it will be written to the symbolic link path.
2df85540ffe31bd6abf8706295866ebd1d381d12c36e4680836b772ead8e9445Red Hat Security Advisory 2024-6461-03 - The components for Red Hat OpenShift for Windows Containers 8.1.3 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
a94249ed049993a7bc563b3b10bb0d96714766e31214ef508fe10f390b70cbb5Red Hat Security Advisory 2024-6460-03 - The components for Red Hat OpenShift for Windows Containers 9.0.3 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
a23d4b1cfe7359499fbd669db4aaa7f2ebfce5622158e6ecdf9cb51d4d649552Proof of concept code for the Microsoft Windows DWM Core library elevation of privilege vulnerability. The researcher shows how they reversed the patch, how the heap overflow is produced, and overall gives a complete walk through of their process.
ae21b7b798fa9141cefb1411db92e94dfef6796823599323e49ec4cfcc3f7c0dBackdoor.Win32.Symmi.qua malware suffers from a buffer overflow vulnerability.
0bc924461f903a4b4b69a0e094001ae59f6aed7881aa5a2aff5dfa55c34905b6HackTool.Win32.Freezer.br (WinSpy) malware suffers from an insecure credential storage vulnerability.
574e327046bc7ed7b91b795a2eebcc7e87a001021d334845c357d1bc082517f0Backdoor.Win32.Optix.02.b malware suffers from a hardcoded credential vulnerability.
8c8ad33e111ebd91632229baa25c24e2eb3101bf3951d070074c5b4618e78fcf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed