SUSE SLES11 Security Update : wireshark (SUSE-SU-2016:1345-1)

This update to Wireshark 1 12.11 fixes a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file. - The PKTC dissector could crash wnpa-sec-2016-22...

Facebook CTF: Capture the Flag Platform

The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions. Due to the high cost and technical requirements of building and running CTF environments, few publicly available resources exist for schools, students, and non-profit organizations to use...

Facebook Capture The Flag Platform Open Source

If you’ve been to DEF CON or any number of other technical hacker conferences, you’re familiar with Capture the Flag contests. These events pit teams of hackers and researchers against each other in a series of challenges until a winner is determined. Capture the Flag is also a valuable teaching...

Facebook Open Sources its Capture the Flag (CTF) Platform

Hacking into computer, networks and websites could easily land you in jail. But what if you could freely test and practice your hacking skills in a legally safe environment? Facebook just open-sourced its Capture The Flag CTF platform to encourage students as well as developers to learn about cyb...

Skydive - An Open Source Real-Time Network Topology and Protocols Analyzer

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. Al...

Response Operation Collection Kit: ROCK NSM

MOCYBER’s open source Network Security Monitoring platform ROCK is a collections platform, in the spirit of Network Security Monitoring, designed by members of the Missouri National Guard’s Cyber Team. It’s primary focus is to provide a robust, scalable sensor platform for both enduring security...

Windows Packet Sniffing Library: Npcap

Nmap Project’s packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF .aspx technique. It supports Windows Vista, 7, 8 and 10. It is sponsored but not officially supported by the Nmap Project and...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the PageCaptureSaveAsMHTMLFunction::ReturnFailure function browser/extensions/api/pagecapture/pagecaptureapi.cc in the Google Chrome browser is related to code errors. Exploiting this vulnerability may allow an attacker to cause service failures or potentially other effects d...

Panorama 360 - VR capture - Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Panorama 360 - VR capture published at the 'play' market has multiple vulnerabilities...

Adobe Capture CC - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Adobe Capture CC published at the 'play' market has multiple vulnerabilities...

chromium-browser: various fixes from internal audits

The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/pagecapture/pagecaptureapi.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document...

Google Chrome PageCaptureSaveAsMHTMLFunction::ReturnFailure Denial of Service Vulnerability

Google Chrome is a web browsing tool developed by Google. Google Chrome versions prior to 49.0.2623.108, browser/extensions/api/pagecapture/pagecaptureapi.cc/PageCaptureSaveAsMHTMLFunction:. A denial of service vulnerability exists in the ReturnFailure implementation, which can be exploited by...

UBUNTU-CVE-2016-1650

The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/pagecapture/pagecaptureapi.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document...

CVE-2016-1650

Removed by vendor...

New Relic: https://rpm.newrelic.com/login vulnerable to host header attack

It appears that https://rpm.newrelic.com/login is vulnerable to a host header attack flaw whereas the HTTP Host header can be controlled by a malicious user. POC: curl -H "Host: rpm.newrelic.com" -H "X-Forwarded-Host: geeknik.com" https://rpm.newrelic.com/login Result: You are being redirected. A...

CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

Design/Logic Flaw

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

CVE-2016-2856

CVE-2016-2856 affects glibc//pt_chown and related packages across Debian/Ubuntu releases. Root cause: pt_chown lacks a namespace check for file-descriptor passing, enabling a local attacker to capture keystrokes, spoof data, and potentially gain privileges via pts read/write. Affected: Debian jes...

CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

UBUNTU-CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...