UPDATE: Prowler 2.0 Beta

PenTestIT RSS Feed My older post about Prowler was about a good NINE months ago. Since then, a lot has changed and hence, this post is about the recently released update made to the AWS CIS Benchmark tool – Prowler 2.0 Beta! This new beta version has lots of improvements which you shall read abou...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0122

An update of 'postgresql', 'linux', 'linux-esx' packages of Photon OS has been released...

[SECURITY] Fedora 28 Update: net-snmp-5.7.3-36.fc28

SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...

[SECURITY] Fedora 27 Update: ntp-4.2.8p11-1.fc27

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

[SECURITY] Fedora 26 Update: ntp-4.2.8p11-1.fc26

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

Amazon Linux AMI : tomcat80 (ALAS-2018-973)

Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration : As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not...

SUSE-RU-2018:0821-1 Recommended update for drbd, drbd-utils

This update for drbd and drbd-utils provides the following fixes: Changes in drbd-utils: - Make sure the full bitmap gets properly propagated in drbdmeta. Also make sure the ID is kept when downgrading from v9 to v8. bsc1037109 - Support passing '--force' to drbdadm dump-md. bsc1077176 - Fix a...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0119

An update of 'nettle' packages of Photon OS has been released...

[SECURITY] Fedora 26 Update: net-snmp-5.7.3-27.fc26

SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...

CVE-2018-0878

creationtimestamp| type| source ---|---|--- 2018-03-20 11:37:22+00:00| seen| https://t.me/canyoupwnme/3451 2018-03-20 12:16:02+00:00| seen| https://t.me/thebugbountyhunter/1218 2018-03-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44352 2025-04-04 21:36:33+00:00|...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0116

An update of 'systemd' packages of Photon OS has been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0026

An update of 'systemd', 'go' packages of Photon OS has been released...

HackerOne: Extra program metrics disclosed via /PROGRAM_NAME json response

Summary: The response to www.hackerone.com/PROGRAM.json includes slamissedcount slafailedcount and researchercount. Description: Viewing the response from a program's json endpoint includes the values for slamissedcount, slafailedcount and researchercount. With regards to the SLA metrics, these a...

[SECURITY] Fedora 27 Update: mailman-2.1.21-8.fc27

Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing list a webpage, and allows users to subscribe, unsubscribe, etc. over the Web. Even the list manager can administer his or her list entirely from...

[SECURITY] Fedora 27 Update: postgresql-9.6.8-1.fc27

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

[SECURITY] Fedora 26 Update: postgresql-9.6.8-1.fc26

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

Solaris 10 (sparc) : 138822-12

SunOS 5.10: PostgreSQL 8.3 documentation patch. Date this patch was last updated by Sun : Mar/29/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 10 (x86) : 138823-12

SunOS 5.10x86: PostgreSQL 8.3 documentation patch. Date this patch was last updated by Sun : Mar/29/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc';...

Solaris 10 (sparc) : 137000-08

SunOS 5.10: PostgreSQL 8.2 documentation patch. Date this patch was last updated by Sun : Jun/09/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Laravel: Persistent Cross-Site Scripting in default Laravel installation

Persistent XSS in default Laravel Installation I have been using the Laravel framework for quite a while now and discovered something odd. When following the installation instructions for the latest Laravel version 5.6.8 at the time of writing you will be up and running in a matter of minutes. Ev...