Lynis 2.7.3 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.8AI Score
[SECURITY] [DLA 1664-1] golang security update
Package : golang Version : 2:1.3.3-1+deb8u1 CVE ID : CVE-2019-6486 Debian Bug : #920548 It was discovered that there was a denial of service vulnerability or possibly even the ability to conduct private key recovery attacks within in the elliptic curve cryptography...
8.2CVSS
8.1AI Score
0.038EPSS
Marvell Avastar wireless SoCs have multiple vulnerabilities
Overview Some Marvell Avastar wireless system on chip (SoC) models have multiple vulnerabilities, including a block pool overflow during Wi-Fi network scan. Description A presentation at the ZeroNights 2018 conference describes multiple security issues with Marvell Avastar SoCs (models 88W8787,...
8.8CVSS
0.3AI Score
0.017EPSS
[SECURITY] [DSA 4380-1] golang-1.8 security update
Debian Security Advisory DSA-4380-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq Package : golang-1.8 CVE ID : CVE-2018-6574 CVE-2018-7187...
8.8CVSS
8.5AI Score
0.379EPSS
[SECURITY] [DSA 4379-1] golang-1.7 security update
Debian Security Advisory DSA-4379-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq Package : golang-1.7 CVE ID : CVE-2018-7187 CVE-2019-6486 A...
8.8CVSS
9AI Score
0.379EPSS
Security Bulletin: Multiple vulnerabilities in php affect IBM Flex System Manger (FSM)
Summary There are multiple vulnerabilities in php that is included in IBM Flex System Manager (FSM). This bulletin addresses these vulnerabilities. Vulnerability Details Summary There are multiple vulnerabilities in php that is included in IBM Flex System Manager (FSM). This bulletin addresses...
9.8CVSS
1AI Score
0.88EPSS
bind is vulnerable to denial of service (DoS) attacks. The vulnerability exists as ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a.....
8.1AI Score
0.877EPSS
Denial Of Service (DoS) Through Memory Consumption
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible because there is a memory leak in d1_srtp.c which allows remote attackers to consume all the memory through a handshake...
4.3AI Score
0.823EPSS
OpenSSL is vulnerable to denial of service (DoS). A flaw in OpenSSL allows attackers to a double free to occur through DTLS...
5.4AI Score
0.889EPSS
php is vulnerable to denial of service (DoS) attacks. The vulnerability exists through an Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including...
6.3AI Score
0.97EPSS
Aircrack-ng 1.5 - Complete Suite Of Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...
7.2AI Score
Making CVE-1999-0016 (landc) vulnerability detection script for Windows NT
The fair question is why in 2018 someone might want to deal with Windows NT and vulnerabilities in it. Now Windows NT is a great analogue of DVWA (Damn Vulnerable Web Application), but for operating systems. There are a lot of well-described vulnerabilities with ready-made exploits. A great tool...
6.8AI Score
0.001EPSS
Texas Instruments CC2640 and CC2650 microcontrollers vulnerable to heap overflow and insecure update
Overview Texas Instruments CC2640 and CC2650 microcontrollers are vulnerable to a heap overflow and may allow unauthenticated firmware installation. Description CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CVE-2018-16986 - also known as BLEEDINGBIT The following....
8.8CVSS
1.1AI Score
0.05EPSS
Lynis 2.7.0 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.8AI Score
testssl.sh - Testing TLS/SSL Encryption Anywhere On Any Port
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Key features Clear output: you can tell easily whether anything is good or bad Ease of installation: It works for Linux,...
7.1AI Score
Aircrack-ng 1.4 - Complete Suite Of Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...
7.3AI Score
Ettercap - A Comprehensive Suite For Man In The Middle Attacks
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ETTERCAP.....
7.3AI Score
Automatic DNS registration and proxy autodiscovery allow spoofing of network services
Overview Automatic DNS registration and autodiscovery functionality provides an opportunity for the misconfiguration of networks, resulting in a loss of confidentiality and integrity of the network if an attacker on the network adds a specially configured proxy device. Description The Web Proxy...
7.5CVSS
0.3AI Score
0.947EPSS
Lynis 2.6.8 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.8AI Score
Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
Overview Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Description Ghostscript contains an optional -dSAFER option, which is supposed to prevent unsafe PostScript...
7.8CVSS
0.2AI Score
0.973EPSS
Linux kernel IP fragment re-assembly vulnerable to denial of service
Overview The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets. Description CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') - CVE-2018-5391 The Linux kernel, versions 3.9+, is vulnerable to a....
7.5CVSS
0.3AI Score
0.017EPSS
Hashcat v4.2.1 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable.....
7.5AI Score
Lynis 2.6.7 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.9AI Score
TCP implementations vulnerable to Denial of Service
Overview The Linux kernel versions 4.9+ and supported versions of FreeBSD are vulnerable to denial of service conditions with low rates of specially modified packets. Description CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') - CVE-2018-5390 Linux kernel versions 4.9+ can be...
7.5CVSS
0.3AI Score
0.783EPSS
Aircrack-ng 1.3 - Complete Suite Of Tools To Assess WiFi Network Security
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...
7.3AI Score
Lynis 2.6.6 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.7AI Score
Lynis 2.6.5 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.8AI Score
CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
Overview CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". Description Speculative execution is a technique used by many modern processors to improve performance by...
5.6CVSS
0.2AI Score
0.976EPSS
FreeRADIUS Server Configuration Tool
Developed for the Linux operating system and written in the python programming language. The purpose of the program is to configure the FreeRADIUS server easily and quickly. To get a grasp of what FreeRADIUS is, it would help to firstly understand what the concept RADIUS stands for: RADIUS :...
7.9AI Score
Hardware debug exception documentation may result in unexpected behavior
Overview In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions,....
7.8CVSS
0.2AI Score
0.001EPSS
Robert Foggia via NetBSD GNATS reports : The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...
7.5CVSS
0.1AI Score
0.003EPSS
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP...
9.8CVSS
7.8AI Score
0.179EPSS
Lynis 2.6.2 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.9AI Score
Lynis 2.6.1 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.9AI Score
Lynis 2.5.9 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
7.1AI Score
Oracle WebLogic Server WLS Security Component Deserialization Vulnerability
Added: 01/09/2018 BID: 101304 Background Oracle WebLogic Server (formerly BEA WebLogic Server) is a Java web application platform. Problem Oracle WebLogic Server has a vulnerability in the WLS Security (wls-wsat) component that could allow an unauthenticated remote attacker who has HTTP access...
0.6AI Score
Oracle WebLogic Server WLS Security Component Deserialization Vulnerability
Added: 01/09/2018 BID: 101304 Background Oracle WebLogic Server (formerly BEA WebLogic Server) is a Java web application platform. Problem Oracle WebLogic Server has a vulnerability in the WLS Security (wls-wsat) component that could allow an unauthenticated remote attacker who has HTTP access...
0.6AI Score
Oracle WebLogic Server WLS Security Component Deserialization Vulnerability
Added: 01/09/2018 BID: 101304 Background Oracle WebLogic Server (formerly BEA WebLogic Server) is a Java web application platform. Problem Oracle WebLogic Server has a vulnerability in the WLS Security (wls-wsat) component that could allow an unauthenticated remote attacker who has HTTP access...
7.3AI Score
CPU hardware vulnerable to side-channel attacks
Overview CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre. Description CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take...
5.6CVSS
7AI Score
0.976EPSS
Lynis 2.5.8 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.8AI Score
Unsupervised Coverage-Guided Kernel Fuzzer: syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer. Linux kernel fuzzing has the most support, akaros, freebsd, fuchsia, netbsd and windows are supported to varying degrees. Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it’s being extended to support other...
-0.5AI Score
tnftp (savefile) Arbitrary Command Execution Exploit
This Metasploit module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last....
5AI Score
0.959EPSS
4.8AI Score
0.959EPSS
7.4AI Score
EPSS
tnftp "savefile" Arbitrary Command Execution
This module exploits an arbitrary command execution vulnerability in tnftp's handling of the resolved output filename - called "savefile" in the source - from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component.....
7.2AI Score
Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable.....
9.2AI Score
Lynis 2.5.7 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
9.1AI Score
Overview Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities.....
8.1CVSS
7.5AI Score
EPSS
Google Warns of DoS and RCE Bugs in Dnsmasq
Seven flaws in what is known as Dnsmasq can be exploited by attackers who can use the bugs to carry out remote code execution, information exposure or a denial of service attacks against affected devices. Google researchers identified the flaws in a research paper published Monday, the same day a.....
0.7AI Score
0.923EPSS
[SECURITY] Fedora 26 Update: ejabberd-17.01-3.fc26
ejabberd is a Free and Open Source distributed fault-tolerant Jabber/XMPP server. It is mostly written in Erlang, and runs on many platforms (tested on Linux, FreeBSD, NetBSD, Solaris, Mac OS X and Windows...
1.6AI Score