what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2024-06-10

American Fuzzy Lop plus plus 4.21c
Posted Jun 10, 2024
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site github.com

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: 21 updates to afl-fuzz, 7 updates to afl-cc, 1 update to afl-cmin, and 2 updates to afl-showmap. Fixed a shmem mmap bug. Added script generate_libtoken_dict.sh to libtokencap.
tags | tool, fuzzer
systems | unix
SHA-256 | 11f7c77d37cff6e7f65ac7cc55bab7901e0c6208e845a38764394d04ed567b30
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
Posted Jun 10, 2024
Authored by C. Schwarz | Site sec-consult.com

Kiuwan SAST versions prior to 2.8.2402.3, Kiuwan Local Analyzer versions prior to master.1808.p685.q13371, and Kiuwan SaaS versions prior to 2024-02-05 suffer from XML external entity injection, cross site scripting, insecure direct object reference, and various other vulnerabilities.

tags | exploit, local, vulnerability, xss
advisories | CVE-2023-49110, CVE-2023-49111, CVE-2023-49112, CVE-2023-49113
SHA-256 | 6af5ef942877432434cbf024cf41b29e270c93717f04c0f42c420899c400c4ef
Ubuntu Security Notice USN-6821-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6821-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52641, CVE-2023-52645, CVE-2023-52650, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-22099, CVE-2024-26583, CVE-2024-26603
SHA-256 | 6bfa3dcb7b71737d5c685bfda62b611297eb2a3e245d5048438c44e66d077a4e
Ubuntu Security Notice USN-6820-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6820-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-52434, CVE-2023-52447, CVE-2023-52620, CVE-2023-52640, CVE-2023-52644, CVE-2023-52650, CVE-2023-52656, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-0841, CVE-2024-21823, CVE-2024-22099, CVE-2024-26584
SHA-256 | 9bc0301ac27ff887fdb620ca4fbcaa8596d7b6662bdce340d62aeba59ff7d4cc
SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure
Posted Jun 10, 2024
Authored by T. Weber | Site cyberdanube.com

SEH utnserver Pro/ProMAX and INU-100 version 20.1.22 suffers from cross site scripting, denial of service, and file disclosure vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
advisories | CVE-2024-5420, CVE-2024-5421, CVE-2024-5422
SHA-256 | 67806c2f4c3195737e32e0a53dfdc16ae12e9f9db70895d10ba1b259619c40f6
Ubuntu Security Notice USN-6819-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6819-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52447, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52455, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52465, CVE-2023-52467, CVE-2023-52469, CVE-2023-52472
SHA-256 | 6b5f365e0a9b1cc8353c9a51d4e012a3c1a46a05a4cee68676de2559d30b4103
Hardwear.io NL 2024 Call For Papers
Posted Jun 10, 2024
Authored by hardwear.io CFP | Site hardwear.io

The call for papers for Hardwear.io 2024 in the Netherlands is now open. It will take place October 24th through the 24th, 2024 at the Marriott Hotel, Amsterdam, The Netherlands.

tags | paper, conference
SHA-256 | 2893959f1b581f1f25b05d843a5ab9e8e184cb0c072365549e1995880a54b3e9
Ubuntu Security Notice USN-6818-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6818-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52465
SHA-256 | 5778214f1c63875a06eab8b9dbcf68eb5655db57ccbc5ef60ce840cca70d6401
Ubuntu Security Notice USN-6817-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6817-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-47233, CVE-2023-52647, CVE-2023-52648, CVE-2023-52649, CVE-2023-52652, CVE-2023-52653, CVE-2023-52659, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739
SHA-256 | 6604cf7d78075746bf15297dc850ae136d73a67131906cfb428c3014fedcb907
FengOffice 3.11.1.2 SQL Injection
Posted Jun 10, 2024
Authored by Andrey Stoykov

FengOffice version 3.11.1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a4d631d58217a0dbbc02735845f2ba3b26d4f99ae6e147a480b6f0cfcdae05fe
Ubuntu Security Notice USN-6816-1
Posted Jun 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6816-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-47233, CVE-2023-52644, CVE-2023-52647, CVE-2023-52648, CVE-2023-52652, CVE-2023-52662, CVE-2023-6270, CVE-2023-7042, CVE-2024-21823, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26651
SHA-256 | c5fa65870663ad980f388337e86e1ca1a5966279264bc74f07bc3f0b468406ce
Red Hat Security Advisory 2024-3741-03
Posted Jun 10, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3741-03 - An update for bind, bind-dyndb-ldap, and dhcp is now available for Red Hat Enterprise Linux 7.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4408
SHA-256 | 1e1932147c205a1a2280ffc2c5b7db497230c44e6a9ee51941180e78674868dc
GNUnet P2P Framework 0.21.2
Posted Jun 10, 2024
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: Reworked TESTING API. Disabled many old-style tests. Introduced GNUNET_TESTING_command_new_ac. Changed return type to bool from GNUNET_is_zero(). Added GNUNET_GNS_parse_ztld helper API.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 8c2351268e9b8ba2ad288b8b337ce399f79c18e3ffd960803f4ed5de7dda9fa1
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close