OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
b15754a7419592c57b8a98cc413eb873
Security Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the SE Android project is not limited to SELinux.
d0e9d57728138ba5cfb9040d0be8b788
Secunia Security Advisory - A vulnerability has been reported in PHP Membership Site Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
48c44417d8cb7ffb3e0d7b7bef8a0e79
Secunia Security Advisory - A vulnerability has been reported in McAfee SaaS Endpoint Protection, which can be exploited by malicious people to compromise a user's system.
b730503f262999b0d71101a0a1d39e37
Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to disclose sensitive information.
c4703064c4c43dda56f44300fa104aea
Secunia Security Advisory - A weakness has been reported in IBM WebSphere Application Server, which can be exploited by malicious, local users to manipulate certain data or disclose certain information.
59498119f189cc1b3fee8bf81f21483d
Secunia Security Advisory - Stefan Schurtz has discovered two vulnerabilities in phpVideoPro, which can be exploited by malicious people to conduct cross-site scripting attacks.
71f5da4ef17f79ef34687682ce5753a9
Secunia Security Advisory - A vulnerability has been discovered in the myEASYbackup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
0d60272fd5f02614afe84bbdb1f4eb56
Secunia Security Advisory - A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions.
5c6ac421758e889dd33d235b4a3715bd
Secunia Security Advisory - Multiple vulnerabilities have been reported in Moodle, which can be exploited by malicious users and malicious people to bypass certain security restrictions.
f9b6a9345d1beaf35039ed2db28467a3
Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in BoltWire, which can be exploited by malicious people to conduct cross-site scripting attacks.
7fafb7f927a83280af55474556cfd668
Secunia Security Advisory - Multiple vulnerabilities have been reported in SonicWALL AntiSpam & EMail Security, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
7e1f5b57651a2528c5080393ac1e3efe
Secunia Security Advisory - A vulnerability has been discovered in the Discussions component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
0b58b877fd1aafdd88f5ea4788d5dd0f
Secunia Security Advisory - A vulnerability has been reported in phpMyDirectory, which can be exploited by malicious people to conduct SQL injection attacks.
a4dd8bdd27443b2bfc043d71084b1919
Secunia Security Advisory - A vulnerability has been reported in Moodle, which can be exploited by malicious people to bypass certain security restrictions.
7382f65e26a6e8ac5502fe326b8a886c
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
8a7ea1821b4599bdd1749b6112865c41
Mandriva Linux Security Advisory 2012-007 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service via crafted data from a TLS client. The updated packages have been patched to correct these issues.
7ebf37dee057913b4d2750f4dd5dc640
Mandriva Linux Security Advisory 2012-006 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct these issues.
2fd6f51dc1f4babbd66e71799685ae43
This is a very fast TCP port scanner for Linux that can scan multiple hosts and ports at once.
b5d0e5e019e3d6a9d81a48d0489ad883
A small application built to test the performance of a POP3 authentication system using a lot of concurrent connections. It can also be used to try lots of passwords against a POP3 server. It is capable of using up to 1024 sessions (or more using multiple processes). However, with this many sessions it is capable of reducing internet connections to a crawl and also greatly increasing the load on the server.
2080a9ffe1b5020963b555494ce64282
This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. It does not modify OpenSSH and uses libssh instead. There is no valid way to log in to a shell; it can be used to tarpit / delay attackers and to steal the entries used in a dictionary attack.
e7d4f36de596e2a2e00b56015c6f0750
This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
543666de6d9557dbd4451e5bf90b0ea9