Winamp versions 5.12 and below remote buffer overflow universal exploit that makes use of the PLS file handing buffer overflow flaw.
da39fb74316372b26791276c6d55da9f1eb0f5ea23213bbbf6a3cf15301ee5dbCisco Aironet wireless access point ARP replies remote denial of service exploit. Takes advantage of the flaw originally discovered by Eric Smith.
b17826ff1372241f7c5dd19ac37d536c1e6b60c8feb6a1cbd15c76477bfd0310Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
8f6950d721fcc1e39c08e8dec358596029456a4cc955d18ec22938688b21cc6aScapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
f7f5626cafe4354a298937de65107260b67668c21706361913b2db99d08ce458John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.
5fc569c95bcef92522f9cd81cdda01fcfabc4c2f226197ba108fa7fd5af07f3dmpscan is a parallel network scanner that checks for open ports. It uses select() to increase its speed and was designed for rapidly scanning large networks, but also works with a single IP.
a3beaf6671c94ba672b6c9be285a7c464e624e7ede8ffaa5e2e457fa7a0f3bdaMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
ca3588e4b0ca7c4525f449078aa9b21c880c76783465fed4844451386a54f3fdOpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.
0dfb546fd9a8c3fea3d65d710f5c780825ad8b52cd6b1fdc6f1cf54eb7e9503astrongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
a531094db27558ef8e75984548612ded4fb0a261b8591a3f91185a1ed2844399Simple utility that allows a user to switch applications while keeping a TCP connection established.
a0c182bcd496f827d938424a3fac78ce510a38178ebc89fa5b9559c6a4ef10a9Gentoo Linux Security Advisory GLSA 200601-15 - Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator sa. Versions less than or equal to 3.2.5 are affected.
872f21d9d135884bad3393b867af39b9e71bfca1f5d2f1edcdb2b44e8329b03dGentoo Linux Security Advisory GLSA 200601-14 - Michael Jennings discovered an exploitable buffer overflow in the configuration engine of LibAST. Versions less than 0.7 are affected.
6f389af4b0b1137bc30a424b2e0a3668b49c50e0fa1ac4a67aa39e45af48e512Whitepaper discussing three fairly interesting flaws in how HTTP cookies were designed and later implemented in various browsers.
d849035a1f06e3a9cad55a9295d2a7c43b7d6123119210ab738c87baad77219bThe file hosting company rapidshare.de suffers from cross site scripting vulnerabilities.
bd92187f385cdf9689b10bb4b8e8bea8324006a843561d8b1fd5cc608f5d4001
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed