GuppY versions 2.4p1 and below are susceptible to cross site scripting attacks.
2f0514a9a3fa459e3558f6b788b7b89322133fbab342c2b85cfd06203c1aac33CERT Advisory notice that clarifies the slew of recent vulnerabilities in OpenSSH. It covers the buffer management errors, PAM challenge authentication failures, and the PAM conversion stack corruption.
8449aa3e99be0546fbd8e7e2af73625b1196bbdd34a3db0ff39bbc6bb7a4050aSimple tone generator script that will play the 2600Hz blue box tone on an HP39G graphical calculator.
9bf3a037ffe01de3ed4f73753a1bff4dbfae8e03a78eba1a52e03d25492d6eebkses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, no matter how malformed HTML input you give it. It also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.
650ffa702ed6c8d0c73b7c94d754b38660d482b371122c9d3809924aab1d6f76Nikto 1.31 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site.
e659d4e34f697bd861c843571f8632c1cf0acc37372abe33af2f6c7ad8814846Stegtunnel is a tool written to hide data within TCP/IP header fields. It was designed to be undetectable, even by people familiar with the tool. It can hide the data underneath real TCP connections, using real, unmodified clients and servers to provide the TCP conversation. In this way, detection of odd-looking sessions is avoided. It provides covert channels in the sequence numbers and IPIDs of TCP connections.
11966b466a58cdf47871a9d251dd8d6cc2391268979f455414922b1a72b8a13dPacket Purgatory is a library the provides a portable API for intercepting, rewriting, and otherwise mangling flows of packets. It provides multiple mechanisms through the same interface for tweaking these packets, all without the local host's kernel being aware, or requiring any kernel modules. It enables odd packets to be modified in arbitrary streams without requiring the use of specialized client software.
e33b036f3f6e53cf86e1566a171ce75e7abe25f0e2054cf808d0b4f2b83cc211Debian Security Advisory DSA 392-1 - webfs has been found vulnerable to buffer overflows and multiple directory traversal attacks.
9443b8e1123e6cdc03ed05065c4960fe80ad9286e2141b58396091a3b511d50bVersion three of this paper discussing more shatter attacks that are possible using progress bars. Related information available here.
787e917da3242f5237e198f43f899c54f8b8719ed978cf8961d1090447b3c4c9Geeklog versions 2.x and below are susceptible to cross site scripting vulnerabilities and various SQL injection attacks.
00084a1aaef68a8f9088d25e72f314aded4e7fda302ffd1525cd89404e07df72Remote exploit for Cfengine versions 2.-2.0.3 that makes use of a stack overflow discussed here. Binds a shell to port 26112. Tested against RedHat.
3d6399d602afc8e1234d04097ff5ebf01664d6980f11dcdde0306ddfc376b787Contest ELF binary of arcs
615dc4fcd40c7f7d4123ecb43350ad08345f65e8de32e8c7d92f91c1ee49e6d3Contest file that has been encrypted with A.R.C.S. This file has a special message inside. Once cracked, utilize the instructions to redeem a free t-shirt.
e0d5eaeef711c7ec0bdbf227d50ccdb48fc4279a59d6e1743828a9699da2285a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed