Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
c9fa67406f02b7f871dc00385ed21ba1fb42e08bae60991955f0db9d59521acdAircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations, thus making the attack much faster compared to other WEP cracking tools.
33c06212f8a5c5575920522d850f783a8d08e15939f57bd38b09562230c47f18Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
a42b97161f05fd8a3625ab1748a2a9eb05eada1bf15b9282a64c56a1d28983c6fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
0a520e3c38a739137e87994d28fde5a66577e3724f3f49d5b1a0a5e7d0c1d509Technical Cyber Security Alert TA05-221A - Multiple patches have been released for vulnerabilities in the Microsoft operating system. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges or with the privileges of the user.
7a567cd5f0f8df7a08111e48ea958213952a2a6c07bb1d6a087daef2c5c39c88iDEFENSE Security Advisory 08.09.05 - Remote exploitation of an input validation vulnerability in AWStats allows remote attackers to execute arbitrary commands. Versions below 6.4 are affected.
b551c080e6aa7f7a4b53c8b33df46b0f71c71c4a680b518e26ea51230e52cce6Ubuntu Security Notice USN-163-1 - xpdf and kpdf does not sufficiently verify the validity of the loca table in PDF files, a table that contains glyph description information for embedded TrueType fonts.
4cc20405aee985285628121077443cc64f7258c718a9298cc2d8e50f1194fb7eAirscanner Mobile Security Advisory #05080501 - Internet Explorer's inability to properly identify a file's contents lends itself to being tricked.
3ee8ee87870d672a2790985cb33610241d1dde08a3670862b3e5f41f70f68c06XMB forum version 1.9.1 suffers from a SQL injection and a variable poisoning attack.
87357585db9dc1fdfd3f440a1b798b0845e2824a2095cfac77065fbbc22c3455User-defined functions in MySQL allow a user in the database to call binary libraries on the operating system. Creating a user-defined function requires insert privileges on the mysql.func table. The UDF creation functions attempt to filter out directory traversal characters, restricting access to libraries only in system and MySQL directories. The problem exists in the fact that MySQL only uses the forward slash (/) as a path separator. Windows machines use the backslash (\) character to separate directories in paths. This allows an attacker to bypass directory traversal checks and include arbitrary files.
674f81575ff9e5226e4d02a3eb9dbd1176cd2e31d63875e4f4ed0ddcda9dda63User-defined functions in MySQL allow a user in the database to call binary libraries on the operating system. Creating a user-defined function requires insert privileges on the mysql.func table. The init_syms() function uses an unsafe string function to copy a user specified string into a stack based buffer.
4d63c667c776bb72d37e4b400942a065db0acec367c4458fed884ae5490a0240User-defined functions in MySQL allow a user in the database to call binary libraries on the operating system. Creating a user-defined function requires insert privileges on the mysql.func table. By using specially crafted CREATE FUNCTION requests it may be possible for attackers to halt the system or execute remote code on some systems.
721b6a539eb4519effe56980f0fc77228bb0b78cd46cf174c069c2693049e87bSynedit 2.0.1 has a null byte insertion / code obfuscation flaws.
db192550b50828c6a674a11b7ce0d09bcf2711b3bde09aad38aebd14ec305e52FunkBoard version 0.66CF suffers from multiple cross site scripting flaws, remote code execution, and more. Full exploitation details provided.
341cba6f628ae217204ed8a035ecc83e03e3ffab6efd0cb1a31bbc68a2a46724Open Bulletin Board is susceptible to multiple SQL injection attacks. All versions are affected. Sample exploitation provided.
f5a7171817cf22609c88ce76409a34caa6d626023c800f8fdf9d045e99bc3d1cSysCP versions 1.2.10 and below suffer from a remote code execution flaw.
74f93ac0c8e698e8488ceaa69c829fad95c392171617215ab0f11272340044e7VegaDNS suffers from a cross site scripting flaw, amongst others.
e12edad8d0932192fe07350fcb728d12e504dccef4aff68770e927dccaa2a428Gravity Board X version 1.1 suffers from multiple vulnerabilities that can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a vulnerable system.
ec37b4ef13ab549c90e03d5f8aee07bfe1aa4c23fda47a199c5aa3d9e1f0360aSecunia Security Advisory - Some vulnerabilities have been reported in XOOPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
7aa2fef24a2866f51667d55154cbb0a730949805478112777f1b14aee6c3970cSecunia Security Advisory - rgod has discovered some vulnerabilities in Gravity Board X, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a vulnerable system.
5dac367ef0e2274da23c8e4741bc40739ca11e52f860cf71ce8693b9d591015bSecunia Security Advisory - V[i]RuS has discovered a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct script insertion attacks.
9cd0449beb317a1f82f08a7415484df59f81d35ef24fa719846546bf1b82590bSecunia Security Advisory - Two vulnerabilities have been reported in Calendar Express, which can be exploited by malicious people to conduct SQL injection or cross-site scripting attacks.
973ec89c9581f1d4ecbcd146e3de2cd5ff0afac147109e36a4468edfe879ebc3Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
5beaeccfa83fda7c5309c73072b90ebe5d5574a1374545870afe642f67c59b38Secunia Security Advisory - Some vulnerabilities have been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
44d19893b477c7990e32dcd6db0b2257c5f9200314694968b4ec7ced325053edSecunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1923eb04e586f8d0a556a310c2ad1bf108e24761f499f306da83c121969b08e5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed