All Hot News World. Public world blog, journal online reviewed.

Protocol File, PacketStorm Security

RSS feed: Protocol File, PacketStorm Security
Thu, 06 Dec 2018 02:28:31 GMT
Protocol Files ≈ Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers [ + ]
Sat, 01 Dec 2018 15:00:40 GMT
Kerio Control VPN Protocol 9.2.7 Inadequate Cryptography Implementation
Kerio Control VPN Protocol versions 9.2.7 and below have an issue where the cryptographic protocol employed exhibits severe design issues. [ + ]
Thu, 29 Nov 2018 02:32:44 GMT
TestSSL 3.0rc3
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets. [ + ]
Wed, 28 Nov 2018 18:07:38 GMT
Wireshark Analyzer 2.6.5
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. [ + ]
Tue, 27 Nov 2018 17:24:48 GMT
Unitrends Enterprise Backup bpserverd Privilege Escalation
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to exploits/linux/misc/ueb9_bpserverd however it runs against the localhost by dropping a python script on the local file system. Unitrends stopped bpserverd from listening remotely on version 10. [ + ]
Tue, 27 Nov 2018 17:24:35 GMT
Red Hat Security Advisory 2018-3681-01
Red Hat Security Advisory 2018-3681-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Mon, 26 Nov 2018 10:02:22 GMT
Red Hat Security Advisory 2018-3680-01
Red Hat Security Advisory 2018-3680-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Mon, 26 Nov 2018 04:44:44 GMT
Red Hat Security Advisory 2018-3653-01
Red Hat Security Advisory 2018-3653-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Fri, 23 Nov 2018 19:19:00 GMT
Red Hat Security Advisory 2018-3652-01
Red Hat Security Advisory 2018-3652-01 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Issues addressed include a denial of service vulnerability. [ + ]
Wed, 21 Nov 2018 02:16:27 GMT
Ubuntu Security Notice USN-3801-2
Ubuntu Security Notice 3801-2 - USN-3801-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Multiple security issues were discovered with WebExtensions in Firefox. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to bypass domain restrictions, gain additional privileges, or run content scripts in local pages without permission. Various other issues were also addressed. [ + ]
Thu, 15 Nov 2018 17:51:00 GMT
OpenSSL Toolkit 1.1.1a
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. [ + ]
Thu, 08 Nov 2018 22:01:14 GMT
The Powerful Resource Of PHP Stream Wrappers
In this article, the author explores ways to bypass protection methods using the PHP Stream Wrappers, which are responsible for handling protocol related tasks like downloading data from a web or ftp server and exposing it in a way in that it can be handled with PHP's stream related functions. [ + ]
Tue, 06 Nov 2018 21:07:41 GMT
Red Hat Security Advisory 2018-3522-01
Red Hat Security Advisory 2018-3522-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include a buffer overflow vulnerability. [ + ]
Tue, 06 Nov 2018 21:04:28 GMT
Ubuntu Security Notice USN-3810-1
Ubuntu Security Notice 3810-1 - Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication. [ + ]
Mon, 05 Nov 2018 21:01:31 GMT
Red Hat Security Advisory 2018-3507-01
Red Hat Security Advisory 2018-3507-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability. [ + ]
Wed, 31 Oct 2018 01:15:39 GMT
Red Hat Security Advisory 2018-3500-01
Red Hat Security Advisory 2018-3500-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a buffer over-read vulnerability. [ + ]
Wed, 31 Oct 2018 01:12:58 GMT
Red Hat Security Advisory 2018-3406-01
Red Hat Security Advisory 2018-3406-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability. [ + ]
Wed, 31 Oct 2018 00:58:24 GMT
Red Hat Security Advisory 2018-3347-01
Red Hat Security Advisory 2018-3347-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability. [ + ]
Wed, 31 Oct 2018 00:56:45 GMT
Red Hat Security Advisory 2018-3127-01
Red Hat Security Advisory 2018-3127-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability. [ + ]
Wed, 31 Oct 2018 00:53:38 GMT
Red Hat Security Advisory 2018-3221-01
Red Hat Security Advisory 2018-3221-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a denial of service vulnerability. [ + ]
Wed, 31 Oct 2018 00:46:33 GMT
Red Hat Security Advisory 2018-3249-01
Red Hat Security Advisory 2018-3249-01 - The setup package contains a set of important default system configuration and setup files. Examples include /etc/passwd, /etc/group, and /etc/profile. Other examples are the default lists of reserved user IDs, reserved ports, reserved protocols, allowed shells, allowed secure terminals. Issues addressed include a nologin listed in /etc/shells violating security expectations. [ + ]
Tue, 30 Oct 2018 20:22:22 GMT
Red Hat Security Advisory 2018-3157-01
Red Hat Security Advisory 2018-3157-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. The nss-pem package provides the PEM file reader for Network Security Services implemented as a PKCS#11 module. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities. [ + ]
Tue, 30 Oct 2018 17:50:01 GMT
Red Hat Security Advisory 2018-3056-01
Red Hat Security Advisory 2018-3056-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability. [ + ]
Tue, 30 Oct 2018 17:42:22 GMT
Red Hat Security Advisory 2018-3052-01
Red Hat Security Advisory 2018-3052-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Issues addressed include cookie injection. [ + ]
Wed, 24 Oct 2018 22:18:38 GMT
Red Hat Security Advisory 2018-3050-01
Red Hat Security Advisory 2018-3050-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include Lucky Thirteen and other attack mitigations. [ + ]

Ubuntu Security Notice USN-3801-1
Ubuntu Security Notice 3801-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Various other issues were also addressed. [ + ]
PacketStorm Security

Booking.com B.V. is based in Amsterdam in the Netherlands. Ready for some statistics? Our 1,534,024 properties, including 860,482 holiday rentals, are located in 123,105 destinations in 229 countries and territories, and are supported internationally by 198 offices in 70 countries.
2013 Copyright Techhap.com Mobile version 2015 | PeterLife & company
Skimlinks helps publishers monetize editorial content through automated affiliate links for products. Affiliate programm.
Link at is mandatory if site materials are using fully or particulary.
Were treated to the site administrator, a cup of coffee *https://paypal.me/peterlife
Yandex.ru