Security Bulletin: Multiple packages as used in IBM Security QRadar Packet Capture are vulnerable to various security issues.

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an...

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2020-10711 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference while receiving...

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-3855 DESCRIPTION: An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8....

The vulnerability of the tcpdump tool for capturing and analyzing network traffic arises from buffer overflows, which allow attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the tcpdump tool for capturing and analyzing network traffic arises due to buffer overflow. Exploiting this vulnerability can allow a hacker to disclose sensitive information using a specially created pcap file...

GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse

Exploit Title: GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse Date: 2019-08-29 Exploit Author: LiquidWorm Software Link: https://www.embedthis.com Version: 5.1.1 !/usr/bin/env python3 -- coding: utf-8 -- EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture...

[SECURITY] Fedora 33 Update: wireshark-3.2.7-2.fc33

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

NTLMRawUnHide - A Python3 Script Designed To Parse Network Packet Capture Files And Extract NTLMv2 Hashes In A Crackable Format

NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The tool was developed to extract NTLMv2 hashes from files generated by native Windows binaries like NETSH.EXE and PKTMON.EXE without conversion. The following bina...

CVE-2020-3585 Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to...

Shopify: Bypass For #997350 your-store.myshopify.com preview link is leak on third party website Via Online Store

Hi Security Team, Description Full Description in 997350 The owner of that website can perform a security compromise by grabbing those links. Solution: The solution is very very SIMPLE. Just include the following HTML code in the following in code between tags of the html of the page: This will n...

Fedora: Security Advisory for wireshark (FEDORA-2020-1bf4b97c16)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: wireshark-3.2.7-1.fc32

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture Replay Nonce Reuse

Summary GoAhead is the world's most popular, tiny embedded web server. It is compact, secure and simple to use. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices. Description A security vulnerability affecting GoAhead versions 2 to 5 has been...

SCREEN_KILLER - Tool To Track Progress For Reporting (Capture Screenshot, Commands And Outputs) During Pentest Engagement And OSCP

This script was to developed to capture screenshot during pentest engagment and OSCP. IMPORTANT: The screenshot feature is no longer allowed for exam but the terminal logging is allowed for exam. If you like the tool and for my personal motivation so as to develop other tools please a +1 star The...

smbAutoRelay - Provides The Automation Of SMB/NTLM Relay Technique For Pentesting And Red Teaming Exercises In Active Directory Environments

SMB AutoRelay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environments. Usage Syntax: ./smbAutoRelay.sh -i -t -q -d . Example: ./smbAutoRelay.sh -i eth0 -t ./targets.txt . Notice that the targets file should contain just the IP...

Debian: Security Advisory (DLA-2383-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-11129

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130...

Design/Logic Flaw

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130...

CVE-2020-11129

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130...

CVE-2020-11129

Technical details about CVE-2020-11129 are not publicly available in the provided connected documents; the initial entry notes a memory use-after-free in camera capture on Snapdragon devices. Monitor for updates.

Security Bulletin: Datacap Taskmaster Capture, Datacap Fastdoc Capture and Datacap Navigator is affected by vulnerability due to unexpected authentication behavior

Summary Datacap Taskmaster Capture, Datacap Fastdoc Capture and Datacap Navigator has addressed the vulnerability which could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. Vulnerability Details CVEID: CVE-2018-1773 DESCRIPTION: IBM...