alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
513f8027101c4b71d47b66f0d5ac923f25cc01d337f140dbeb0b8d6830f214faThe PostNuke Subjects module 2.x is vulnerable to multiple SQL injection attacks. Detailed exploitation provided.
f2e43ce81a4b458af38d2996bd7bac9a704d17169dbb72af1dc7eb272204e227Proof of concept denial of service exploit for Halo: Combat Evolved versions 1.4 and below which suffer from an off-by-one vulnerability.
279e28068546b26d15850b461f9ae8cba371825079e3efe747efcb055aab12fbHalo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.
ab368723fc5910a5e72174769904c58f6bf0ed7dfd96ac0223fcb7fbb731516fGentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.
734c55be7f74b7105607ffc3f19c3b92fdd780cbdd9dac1ec2254fe1039e224dA huge list of IP space for various Federal agencies. Interesting to cross reference to logs and see who may be accessing your web sites, etc.
73f31ee9cf759edddd06e96a9c43a4ceedd2b123dbb9551c20ef02cde5a197131n BBS E-Market Professional is susceptible to remote command execution vulnerabilities via remote file inclusion and also has a full path disclosure flaw.
3d4f0cad3bf5909482a41b6cd90458a4c7d884937342ee058bb2ffbf732e9cd2MAC OS-X rootkit that has a lot of standard tools included, adds a TCP backdoor via inetd, does data recon, and more.
21e6ef5bbf484ae909d8e4ab55e0e47d82f7478c4941f5cca236f04306b9f98echroot_safe is a alternative method for chrooting dynamically linked applications in a sane and safe manner. By using a little dynamic linking trick it delays the chrooting until after dynamic linking has completed, thereby eliminating the need to have a copy of the binary or libraries within the chroot. This greatly simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, it also drops root privileges before allowing the application to start.
a7edcb94d5151e85cfca6aa29e7fa53b02ba44a136a77ce6928f25e9fff09d1dBASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
5e2de03ae3a29fbeb42b795289a23f1f27bbb4e951203b99eef70a1694be5de3NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
0a355f80b17e169797c3ba872c4786c668cc8fa3dd3a3293e61372cb4899d27cArpSpyX is an ARP packet sniffer that displays a list of IP and MAC addresses found by analyzing ARP traffic on your network. It can be used to easily gather MAC addresses of network machines remotely, quickly identify new clients on your wireless network, and identify ARP poisoning attacks by tracking multiple MAC addresses for a single IP address.
a030c43f4e839d18e6f130674bc762c7831d43bed2bbf33cbd40797b64ef43bfWeplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.
184e0a6a76c2d05f1b27f32e7c164f6a2b57a8361b644492a11ac52f86539ddaSecunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.
b3ca10c3e6df929147caeb5c692f7f7718af84037ebe064bdbe7ca9960545ca7Secunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.
f5b8aa714888662a42f8bbfaaa1434adcc6dda119cf4c088df06fc3f53402ddcGentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.
3f6655c18e8e9c6b298a4899b7be30784a18b4b8ae9377ad8e50072ac22cd18eSimple unix-based backdoor that is very compact and provides a bindshell.
d2da29c47b3ffc365cc6f096647ffb62a5dbc2a4f8fd08c29068fed3eb20d0c9Secunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large amount of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.
90af5467e7cf6e5b9248568c49e8662738511456e0f7b51b556f0b12a910b107Perl exploit that makes use of a flaw in PHP-Nuke 7.4 where an attacker can post to global home-page messages.
4cc09851766971746c5b08e98353c8b4df3cf74fec7ad589cdc3d141e138eea7A buffer overflow vulnerability in the Trillian basic edition version 0.74i occurs in the MSN module when receiving a string of around 4096 bytes ending with a newline character from an MSN messenger server. This vulnerability is remotely exploitable but requires the use of a man-in-the-middle attack. Full exploit included.
045f8b6357fcbfcb5e4a9b20c60a3c2a36c5c1fdbf410125e1aea34ddaf40e1aLocal root exploit for cdrecord, which fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable.
2871e27ea81a6a71a847badaf4a16cae0b8f374ea8a414b249ac51d9cffa940dMandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
6f38c8ce8d76f1228e8d3ca2e1b81434d0f2613330175e2b3a098eeec3ceb160Gentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.
0a764fb0ae2a0a1b04bf81b961a04d56e2ddd3be02fad962dccb42f9025e8af6Gentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
376ef73790324660fa24345695c0cd32047f99fa788ed69b7787d37def69f456Secunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.
b396350780b8c1b8f374c9455b36472cd9ed1ffcecc1ac74c6273db16b32ce54
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed