alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
6751f1d3585cf1dcf14eb61e39f3a705The PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
0c969699cb503a22d429b43ec459d072Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.
a209bcdbf59c23cdf87a5de474779cb6Halo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.
e9b809f4bc45956b5f8c99c07360e105Gentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.
c2233cb03c5e1864756ce096ff62d52bA huge list of IP space for various Federal agencies. Interesting to cross reference to logs and see who may be accessing your web sites, etc.
5d5736c50c7c383e3c25ea5e537231861n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
e03ea9d6a54e8faeae3be555ce7dc52eMAC OS-X rootkit that has a lot of standard tools included, adds a TCP backdoor via inetd, does data recon, and more.
4d88ce2a44718703f5de06a26c26349achroot_safe is a alternative method for chrooting dynamically linked applications in a sane and safe manner. By using a little dynamic linking trick it delays the chrooting until after dynamic linking has completed, thereby eliminating the need to have a copy of the binary or libraries within the chroot. This greatly simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, it also drops root privileges before allowing the application to start.
a1d876b6ac5efcf25c4050ee8e26258bBASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
dec9b098db9e737d49d745b5fb0134b4NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
a777a1d9b82a0d7b6cc8805e992ddb20ArpSpyX is an ARP packet sniffer that displays a list of IP and MAC addresses found by analyzing ARP traffic on your network. It can be used to easily gather MAC addresses of network machines remotely, quickly identify new clients on your wireless network, and identify ARP poisoning attacks by tracking multiple MAC addresses for a single IP address.
7b3b3bda879a0b7d1db34ae304a4fea2Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.
63af4fb2286d9c62f98bd9a295c570dbSecunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.
768c5dae11a645111e0ff60cc1dee12fSecunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.
dbbb09e5a784e60ee121b0893e1ec42eGentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.
11d30d44cbba336db87ddf42fa00e3b9Simple unix-based backdoor that is very compact and provides a bindshell.
b102aed4733efae0cd8de45938b514bcSecunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large amount of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.
6f04cd1583e007b086f330a5d3aa6398Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
d3153083e777412eb3cfd2fd6b46eb4aA buffer overflow vulnerability in the Trillian basic edition version 0.74i occurs in the MSN module when receiving a string of around 4096 bytes ending with a newline character from an MSN messenger server. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. Full exploit included.
2b6d704d8a017393ce34ec3c5e61eb93Local root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.
00639004e7b4b1726824c19988f20becMandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
a0c2b7599e8ed69de4ad012b8376523aGentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.
6002efa151ecaa94c38a14c932acd0bbGentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
dafc74e5dfcec6ea5818cf4bbf948decSecunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.
886a83d82b6914e96b17e662ee2d78ab
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed