All Hot News World. Public world blog, journal online reviewed.

Protocol File, PacketStorm Security

RSS feed: Protocol File, PacketStorm Security
Tue, 12 Feb 2019 18:18:33 GMT
Protocol Files ≈ Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers [ + ]
Mon, 11 Feb 2019 16:13:15 GMT
Debian Security Advisory 4389-1
Debian Linux Security Advisory 4389-1 - Christian Reitter discovered that libu2f-host, a library implementing the host-side of the U2F protocol, failed to properly check for a buffer overflow. This would allow an attacker with a custom made malicious USB device masquerading as a security key, and physical access to a computer where PAM U2F or an application with libu2f-host integrated, to potentially execute arbitrary code on that computer. [ + ]
Fri, 01 Feb 2019 17:19:00 GMT
Debian Security Advisory 4387-1
Debian Linux Security Advisory 4387-1 - Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol. [ + ]
Fri, 01 Feb 2019 17:18:18 GMT
Red Hat Security Advisory 2019-0231-01
Red Hat Security Advisory 2019-0231-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Issues addressed include an off-by-one error. [ + ]
Wed, 30 Jan 2019 16:11:29 GMT
Red Hat Security Advisory 2019-0232-01
Red Hat Security Advisory 2019-0232-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include an off-by-one error. [ + ]
Tue, 29 Jan 2019 19:35:59 GMT
Debian Security Advisory 4375-1
Debian Linux Security Advisory 4375-1 - Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code. [ + ]
Thu, 17 Jan 2019 00:14:02 GMT
Red Hat Security Advisory 2019-0194-01
Red Hat Security Advisory 2019-0194-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a crash related vulnerability. [ + ]
Thu, 17 Jan 2019 00:03:15 GMT
Red Hat Security Advisory 2019-0081-01
Red Hat Security Advisory 2019-0081-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include buffer over-read and assertion failure vulnerabilities. [ + ]
Tue, 08 Jan 2019 22:52:39 GMT
Red Hat Security Advisory 2019-0053-01
Red Hat Security Advisory 2019-0053-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include buffer over-read and assertion failure vulnerabilities. [ + ]
Thu, 03 Jan 2019 23:01:31 GMT
Wireshark Analyzer 2.6.6
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. [ + ]
Fri, 28 Dec 2018 21:54:04 GMT
Red Hat Security Advisory 2019-0022-01
Red Hat Security Advisory 2019-0022-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities. [ + ]
Thu, 20 Dec 2018 18:18:00 GMT
Debian Security Advisory 4359-1
Debian Linux Security Advisory 4359-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. [ + ]
Wed, 19 Dec 2018 21:09:26 GMT
Debian Security Advisory 4356-1
Debian Linux Security Advisory 4356-1 - Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges. [ + ]
Wed, 19 Dec 2018 21:09:18 GMT
Red Hat Security Advisory 2018-3854-01
Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities. [ + ]
Thu, 06 Dec 2018 02:28:31 GMT
Red Hat Security Advisory 2018-3853-01
Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities. [ + ]
Sat, 01 Dec 2018 15:00:40 GMT
Kerio Control VPN Protocol 9.2.7 Inadequate Cryptography Implementation
Kerio Control VPN Protocol versions 9.2.7 and below have an issue where the cryptographic protocol employed exhibits severe design issues. [ + ]
Thu, 29 Nov 2018 02:32:44 GMT
TestSSL 3.0rc3
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets. [ + ]
Wed, 28 Nov 2018 18:07:38 GMT
Wireshark Analyzer 2.6.5
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. [ + ]
Tue, 27 Nov 2018 17:24:48 GMT
Unitrends Enterprise Backup bpserverd Privilege Escalation
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to exploits/linux/misc/ueb9_bpserverd however it runs against the localhost by dropping a python script on the local file system. Unitrends stopped bpserverd from listening remotely on version 10. [ + ]
Tue, 27 Nov 2018 17:24:35 GMT
Red Hat Security Advisory 2018-3681-01
Red Hat Security Advisory 2018-3681-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Mon, 26 Nov 2018 10:02:22 GMT
Red Hat Security Advisory 2018-3680-01
Red Hat Security Advisory 2018-3680-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Mon, 26 Nov 2018 04:44:44 GMT
Red Hat Security Advisory 2018-3653-01
Red Hat Security Advisory 2018-3653-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Fri, 23 Nov 2018 19:19:00 GMT
Red Hat Security Advisory 2018-3652-01
Red Hat Security Advisory 2018-3652-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Wed, 21 Nov 2018 02:16:27 GMT
Ubuntu Security Notice USN-3801-2
Ubuntu Security Notice 3801-2 - USN-3801-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Multiple security issues were discovered with WebExtensions in Firefox. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to bypass domain restrictions, gain additional privileges, or run content scripts in local pages without permission. Various other issues were also addressed. [ + ]
Thu, 15 Nov 2018 17:51:00 GMT
OpenSSL Toolkit 1.1.1a
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. [ + ]

The Powerful Resource Of PHP Stream Wrappers
In this article, the author explores ways to bypass protection methods using the PHP Stream Wrappers, which are responsible for handling protocol related tasks like downloading data from a web or ftp server and exposing it in a way in that it can be handled with PHP's stream related functions. [ + ]
PacketStorm Security

2013 Copyright Techhap.com Mobile version 2015 | PeterLife & company
Skimlinks helps publishers monetize editorial content through automated affiliate links for products. Affiliate programm.
Link at is mandatory if site materials are using fully or particulary.
Were treated to the site administrator, a cup of coffee *https://paypal.me/peterlife
Yandex.ru