Vinetto is a tool intended for forensic examinations. It is a console program that extracts thumbnail images and their metadata from the thumbs.db files generated under Microsoft Windows. Vinetto works under Linux, Cygwin (win32) and Mac OS X.
6e80e1f1e854bf73507fd122a85a405832ccd122a979b8774612f92a468fd939
combina is a password generator that uses three different algorithms based on combinatorial analysis. It implements the permutation without repetition, permutation with repetition (the famous brute force), and combination without repetition. It supports an unlimited number of characters in the input and MD5 password hashes.
f4f839004ad233f896c7e7db673a6c5f72c5e42af415571ad2ab3493fe0dccbc
Nuface is a Web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta-objects to generate ACLs, which are then interpreted as Netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.
9290a88831678a15d0361428fc162206eca29e243e12ae7ea5283898f6a33d1b
Gentoo Linux Security Advisory GLSA 200605-09 - Several vulnerabilities were found and fixed in Mozilla Thunderbird. Versions less than 1.0.8 are affected.
f7838d3b2ef760aae0d5b268714bd43cf0928c40c8b54623182870918adaf047
Gentoo Linux Security Advisory GLSA 200605-08 - Several vulnerabilities were discovered on PHP4 and PHP5 by Infigo, Tonu Samuel and Maksymilian Arciemowicz. These included a buffer overflow in the wordwrap() function, restriction bypasses in the copy() and tempname() functions, a cross-site scripting issue in the phpinfo() function, a potential crash in the substr_compare() function and a memory leak in the non-binary-safe html_entity_decode() function. Versions less than 5.1.4 are affected.
9d13e5a186587a253d3c96a80403f56da396ad68673d4d2118a3a56f61061f02
Secunia Research has discovered a vulnerability in Anti-Trojan version 5.5.421, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user scans a specially crafted ACE archive.
b004e09b97667279cf951bdcf7c770c81f941af8129fc0aa335826759577e51c
Secunia Research has discovered a vulnerability in TZipBuilder version 1.79.03.01, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when listing the contents of a ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a specially crafted ZIP archive is opened. Successful exploitation allows execution of arbitrary code with the privileges of an application that uses the library.
d82a5e72087c2ff64ade5023af3e50aef3b2192651f8f09e5fb8213dcdd4bc82
Ubuntu Security Notice 283-1 - Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. Stefano Di Paola also found a similar information leak in the parser for the COM_TABLE_DUMP request.
e8cd7bab51b75522d4800d3388509a457a0c30807305f15339b0fb4f92a3b049
Ubuntu Security Notice 282-1 - The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with a negative Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges.
c8e26228db75b2700a79eb87a14c7a3c0caf44cd8e6a05d0f9dac1fd23d939bf
phpRaid versions 3.0.b3 through 2.9.5 suffer from a remote file inclusion vulnerability when used with SMF.
2620f6b73912889ef72c682aec30b6af9d36a3e71e44e7bbc5ec1afa2a6f434f
phpRaid versions 3.0.b3 through 2.9.5 suffer from a remote file inclusion vulnerability when used with the phpBB portal.
1b570e9cbe4f1c200d5caaf97c6f192c279a31a248d587bf4d7c2a50d0389311
INFIGO IS Security Advisory #ADV-2006-05-03 - New vulnerabilities have been discovered in ArgoSoft FTP server version 1.4.3.6, Golden FTP server version 2.70, FileZilla version 2.2.22, and WarFTP Daemon / Guild FTP server version 0.999.13.
f7e189f0655ec928de2b27d398b63004754ae6497a019f787feea012621c36f3
Singapore version 0.9.7 suffers from cross site scripting vulnerabilities.
96b5b40603c1ebeda4080fa0910b9c9820504a0c6b0d5b47a7a4aadc07f0275e
IdealBB ASP Bulletin Board versions 1.5.4a and below suffer from file reading, file upload, and cross site scripting flaws.
7fcc9d4b17811aa2b9759b668c666de7be25b522adfcc2632cfcfd19d30a59b2
Dokeos Learning Management System version 1.6.4 remote file inclusion exploit.
a65551cfb4daaff3020c323e85bd1c34a82ba4b0333bf1c16b2bdf8a706bcb45
Debian Security Advisory 1052-1 - Several buffer overflows have been discovered in cgiirc, a web-based IRC client, which could be exploited to execute arbitrary code.
51b887a45d3140f358a310ac21dc5c63cb40e7833f982a2f821361aaedaa1a91
100 byte portbinding shellcode for Linux/x86.
44bc9490ce1bacc73b32414915fbc2b3470926e9375cebee893ba2a19b64a318
82 byte connectback shellcode for Linux/x86.
ab637b4adc168c0332027973da2c91c9285c3abbf8641f9140cd5fa6539d5034
EQdkp versions 1.3.0 and below suffer from a remote file inclusion flaw.
c79d69680a79632b7a7bac18e5fbe9a184a5f820b9d8167a04e11509f94e21d5
Gentoo Linux Security Advisory GLSA 200605-07 - Sebastian Krahmer of the SuSE security team discovered a buffer overflow vulnerability in the handling of a negative HTTP Content-Length header. Versions less than 1.4 are affected.
e46d44c18be98ba4510029ce5638ef162f65783b2f2b57ffe282e5a24cce1f14
OpenEngine CMS versions 1.8 Beta 2 and below are susceptible to directory traversal attacks.
90a511712002f7589378c74448862f3f2e6638f15ca0e988b4047c51dc24e9a7
Phil's Bookmark script allows for direct administrative access without authentication.
3d0a25423fc2198866a5bb2cb42f1119703cecf02bb6b59e811063b5e8f047d1
Limbo CMS remote SQL injection exploit.
5efc47a796f44499977624bd822304165155f3e561af15fd1b2dfb122e3691cb
ISPConfig versions 2.2.2 and below suffer from a remote command execution vulnerability.
3afa11d4e09943f0e83eb84d90ebb26e401ddc3d3d28c6ac7b0108d1353be252
1ASPHost and Domain DLX hosting services suffer from cross site scripting flaws.
23381a3f72a1a116ebfbcc9d32d752b2cf5d56957a239a28aadd37be6c9f6248