Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
9ea9c82da9942194ebc8fc5c951a02e6d179afa7472cb6d96ca76154510de1a5
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
49fbaea7f4d5ea0606de68ebb270fc3d4380631ecfd5c9ad82ed9356e29df937
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
308d8e2009a2ec4f9c31b9772a31ffb05e187054a4ef63b7de1987a33b76ebba
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
9022a0e1b3ee1dc9cd1323efcc0e5f8f24bc521e19e9779efd9d23a3aa3e5577
phpMyFAQ version 2.9.0 suffers from a persistent cross site scripting vulnerability.
689de19daf66f0242804f0df49c4ccacb8627d0a227c57d7faf13fa652c312e3
Apache CloudStack contains an authentication module providing "single sign-on" functionality via the SAML data format. Under certain conditions, a user could manage to access the user interface without providing proper credentials. As the SAML plugin is disabled by default, this issue only affects installations that have enabled and use SAML-based authentication.
a4b1186aed8d05b27ac281e1250d62a1a3033e39f9bb7e46c69a4ba4a43d9dd7
This Metasploit module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.
4f558f9b55f9f8cc84972af4fc3f4cdbdcf5968234547a9e4d1b6b5291586cf8
IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.
4455d8714ad0f2e393232ebc31503bf395db118a9964e731f57356a841e46f2a
IPFire, a free linux based open source firewall distribution, versions 2.15 Update Core 82 and below contain an authenticated remote command execution vulnerability via shellshock in the request headers.
72f8b0873dc11b2d3d2949fc7e34c4a2aa14b2eba24cd506e1e1251f6aec3dd2
This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.
222463195053d60b430e6eb5f81be72703e72a3084a5e10459c90b86de104a1b
Debian Linux Security Advisory 3598-1 - Patrick Coleman discovered that missing input sanitising in the ADPCM decoder of the VLC media player may result in the execution of arbitrary code if a malformed media file is opened.
ef6e9f7013612db842224145000258841e752a70d48a8576bf41b2598f2f91c5
HP Security Bulletin HPSBGN03623 1 - A potential security vulnerability has been identified in HPE Universal CMDB. The vulnerability could be exploited remotely to allow remote disclosure of sensitive information. Revision 1 of this advisory.
bf0b9e29255730ffd5c04f56dbaba7e2b31bc907e20a67ba4ff34cdfea4e81a2
HP Security Bulletin HPSBGN03622 1 - A potential security vulnerability has been identified in the Apache Commons Collections (ACC) component in HPE Universal CMDB, HPE Universal Discovery, and HPE Universal CMDB Configuration Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
0a5e7a76ae0e9dea6d218c8ae25b1839f0e9d03d09644f803c67b625efe83789
HP Security Bulletin HPSBGN03621 1 - Several potential security vulnerabilities have been identified in the OpenSSL library for HPE Universal CMDB. These vulnerabilities could be exploited remotely to allow disclosure of sensitive information. Revision 1 of this advisory.
6aafc05f1d11b18f3329c8dbdfe48519893d60f5e7b228f2e00ceff72c673efd
Ubuntu Security Notice 2995-1 - Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly handled certain crafted data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
19d45016c93c515ab0067629562c37bd5711e3322bb091870d52f61616af52a2
Debian Linux Security Advisory 3599-1 - Marcin 'Icewall' Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted UDF file is processed.
626862b4be5bb093f1b8e89560a9b2b2111ae29fb01ecc8b1898acc507183f76
Ubuntu Security Notice 2993-1 - Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A buffer overflow was discovered when parsing HTML5 fragments in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
2ff696ca4a756aacf9ad21083349f0d417485c427aad64ef4152513c33030755
Red Hat Security Advisory 2016-1218-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.
b78080d56977ee4d591eab05c983c3ead51bb79b4fccb0ec666c1fb31690f68a
Red Hat Security Advisory 2016-1219-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.
8b1adbf5a207ac5f62d367e6403b5a19686f9644563d19bddebc341e6715ec62
HP Security Bulletin HPSBMU03614 1 - Security vulnerabilities in Samba could potentially impact HPE Systems Insight Manager. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in unauthorized identification of valid users and unqualified configuration changes. Revision 1 of this advisory.
57050fb741cc6cede64fb1fa941893f6e42b2ac7316781e959344e9cfc600e90
HP Security Bulletin HPSBMU03584 2 - Multiple potential vulnerabilities have been addressed by HPE Network Node Manager I (NNMi). These vulnerabilities could be remotely exploited resulting in authentication bypass, Cross-Site Scripting (XSS), disclosure of information, or unauthorized access. Revision 2 of this advisory.
9d3210e006b78fa1a4ade7191659ecf926e882ebc76b0210925fc869c3037392
HP Security Bulletin HPSBGN03618 1 - Potential vulnerabilities have been identified in HPE Service Manager. These vulnerabilities could be remotely exploited to allow disclosure of information, unauthorized read access to files and server side request forgery. Revision 1 of this advisory.
770c838de2c7d6f981b3b4017d493a14868de6fedf78e5241c304a616bff3b3b
HP Security Bulletin HPSBGN03624 1 - A potential vulnerability has been identified in Project and Portfolio Management Center. This vulnerability could be exploited to remotely to allow execution of arbitrary commands and disclosure of sensitive information. Revision 1 of this advisory.
7c23964f5f63275c5b37a59f3aad150ebb8f9d880b0803c58664dcbe8c32c862
Red Hat Security Advisory 2016-1217-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.2.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
159d9f0cb18466fcbe9a71e38343d0456b48e9086cca2a6fad686eec1bd9eaf1
There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.
03bc08380fba4bccc4dcff7acf038b1a908c760c3558b538af25c67c1f49b3aa