Crank is a project to provide a GUI toolkit to facilitate (and where possible, automate) the breaking of classical (pen-and-paper) cryptosystems. Initial focus is on the cryptanalysis of monoalphabetic substitution ciphers.
bf08c5e600f98082bec24ad70656dcb1e9b7e71bf2a24c4229ebe49f897064f7Bind-tsig.c is a trojan which pretends to be a Bind 8 exploit, but actually attacks dns1.nai.com.
10c2b4ca2df782e81fa88f0f3754c17edbda8d021f0e95790037e92d99e82698FreeBSD Security Advisory FreeBSD-SA-01:18 - An overflowable buffer related to the processing of transaction signatures (TSIG) exists in all versions of BIND prior to 8.2.3-RELEASE. The vulnerability is exploitable regardless of configuration options and affects both recursive and non-recursive DNS servers.
5e91111bb54539b59b65f448d0e27bdf893cd206dcbc161e9c6cb098614fea12SuSE Security Announcement SuSE-SA:2001:02 - Kdesu can give users the root password if the 'keep password' option is enabled.
56856c8ac9a58ae68d4160c526bcdd21a888930d51ba0e9c639b25ca63460e51FreeBSD Security Advisory FreeBSD-SA-01:17 - The exmh2 port, versions prior to 2.3.1, contains a local temp file vulnerability at startup.
96e5fe291b7642d9f29512df60460e31d894dace776d62f0a211213e29fe1b65FreeBSD Security Advisory FreeBSD-SA-01:16 - The mysql323-server port, versions prior to 3.23.22, and all mysql322-server ports contain remote vulnerabilities. Due to a buffer overflow, a malicious remote user can access to all databases and have the ability to leverage other local attacks as the mysqld user.
5042f4f9576393ff5bc422e393f0fbdaa672752e9ceb13bc6bcfd9a7faf4f68fFreeBSD Security Advisory FreeBSD-SA-01:15 - The tinyproxy port, versions prior to 1.3.3a, contains remote vulnerabilities: due to a heap overflow, malicious remote users can cause arbitrary code to be executed as the user running tinyproxy.
8ab124d8f193e2fd06bc0b8a238ccead0da8be819e9e440d63812f0b175b987fFreeBSD Security Advisory FreeBSD-SA-01:14 - The micq port, versions prior to 0.4.6.1, contains a remote vulnerability: due to a buffer overflow, a malicious remote user sending specially-crafted packets may be able to execute arbitrary code on the local system with the privileges of the micq process.
691e5322ca5bbc8ac5680820e80dcfdccf4028b1db7857e4b583b367041adc19FreeBSD Security Advisory FreeBSD-SA-01:07 - The XFree86-3.3.6 port, versions prior to 3.3.6_1, has multiple vulnerabilities that may allow local or remote users to cause a denial of service attack against a vulnerable X server. Additionally, local users can often obtain elevated privileges. A malformed packet to TCP port 6000 causes the X server to freeze for several minutes. Due to various coding flaws in libX11, privileged programs linked against libX11 allow local users to obtain privileged access. In addition, any application using libICE to listen on a network port can be crashed due to inadequate bounds checking in libICE.
f38b8c5e38dd0bfd7f6a70b76bcfecc7bdd44b20ce9d030ccf9afb74f2db810dMicrosoft Security Advisory MS01-004 - This vulnerability involves a new variant of the "File Fragment Reading via .HTR" vulnerability, previous variants of which were discussed in Microsoft Security Bulletins MS00-031 and MS00-044. Like the original variants, this enables attackers to at fragments of server-side files like .ASP files can be sent to the attacker. Microsoft FAQ on this issue available here.
291b51c24f6a7f084a9b6cb34d89b2cfd78b55d409cf594fa01dac860fe4593cISS X-Force is aware of several vulnerabilities in current versions of Internet Software Consortiums Berkeley Internet Name Domain (BIND). There is a buffer overflow present in BIND version 8 that an attacker could use to remotely execute arbitrary code. Version 4 of BIND contains three vulnerabilities, a buffer overflow and a format string vulnerability, both of which allow a remote attacker to execute arbitrary code, and a vulnerability which can expose the environment variables of the BIND server. BIND is the most popular implementation of the Domain Name Service (DNS) protocol. DNS is the Internet protocol that converts host and domain names into their corresponding IP addresses and vice-versa.
5e7225bf4a9af61e978fa9688324e60943dcb7419ee5c653d86f400962442dd1Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the News the past week. In this issue: Some thoughts on the NSA Linux release, and more.
b28a53f90b67b0ff93d996653c0f1a669499432ce00f55098bded4a2edc5b898
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed