Showing 1 - 25 of 77

Files Date: 2006-06-27

Posted Jun 27, 2006
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user IDs with packets, which makes it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.

Changes: Couple of bug fixes.
tags | tool, remote, firewall
systems | unix
SHA-256 | 20dbbcd69c62b1f0298146a9642f811d7d3a30a1d6079a63e11b33a9f93a90ae
Posted Jun 27, 2006
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: Multiple bug fixes and some improvements.
tags | tool, wireless
SHA-256 | 2b846933f4f803ae5112ed9d8e41b6aaeb793f50867a4ed9dc58c9043e9cdddc
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Jun 27, 2006
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Denial of service bug fixed.
tags | kernel, encryption
systems | linux
SHA-256 | afe4e2fb822512da8fc1df052775d2f171045beaee0ec8146444c4ff4ffa0c00
Posted Jun 27, 2006
Authored by Jerome Athias | Site securinfos.info

XM Easy Personal FTP server version 5.0.1 remote overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | e871e58abd0876e23cb061e1576a4237670b226ee100db0208fcfe9af59e80f5
Posted Jun 27, 2006
Authored by Kw3rLN | Site h4cky0u.org

The CBSMS Mambo module versions 1.0 and below are susceptible to a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 0597a8eb69bf54b2c11f80e65c17512cc2da862ff8fbe28ec307096e0fb68d81
Debian Linux Security Advisory 1103-1
Posted Jun 27, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1103-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2005-3359, CVE-2006-0038, CVE-2006-0039, CVE-2006-0456, CVE-2006-0554, CVE-2006-0555, CVE-2006-0557, CVE-2006-0558, CVE-2006-0741, CVE-2006-0742, CVE-2006-0744, CVE-2006-1056, CVE-2006-1242, CVE-2006-1368, CVE-2006-1523, CVE-2006-1524, CVE-2006-1525, CVE-2006-1857
SHA-256 | 0a2c54ad196f2cfa9218116b3bb0c6f5563fc7cba60ca178312a91393ea19b11
Gentoo Linux Security Advisory 200606-26
Posted Jun 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200606-26 - A bug in EnergyMech fails to handle empty CTCP NOTICEs correctly, and will cause a crash from a segmentation fault. Versions less than 3.0.2 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 9c1a77a9cc04b7dbab3b6df2d779d889c43fd9253d25127bbb48610c3c38eaa4
Gentoo Linux Security Advisory 200606-25
Posted Jun 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200606-25 - Andreas Seltenreich has reported a possible heap overflow in the array_push() function in hashcash.c, as a result of an incorrect amount of allocated memory for the ARRAY structure. Versions less than 1.21 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | 0794e1216598192b7faa2e37b6d5c7afd1e45d142030ef613239d3cadef0a55b
Posted Jun 27, 2006
Authored by bug | Site securitynews.ir

Claroline version 1.7.7 suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 527e9653b808b6e4a406c0d9068e7977f88f686cc4e2f86849c34574150a37a9
Ubuntu Security Notice 304-1
Posted Jun 27, 2006
Authored by Ubuntu | Site ubuntu.com

Ubuntu Security Notice 304-1 - Evgeny Legerov discovered that GnuPG did not sufficiently check overly large user ID packets. Specially crafted user IDs caused a buffer overflow. By tricking a user or remote automated system into processing a malicious GnuPG message, an attacker could exploit this to crash GnuPG or possibly even execute arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-3082
SHA-256 | 8ce403909a08d5842575ce2c355e64f139717df41eaa70e0dc91eebc2d07d874
Posted Jun 27, 2006
Authored by Andries Bruinsma

The MyMail script from codingclick.com suffers from directory traversal and cross site scripting flaws.

tags | exploit, xss
SHA-256 | 24411c42600f120a197684951caecfa6a99f16c5f84cf155383a61d1f1ca8ced
Posted Jun 27, 2006
Authored by tugr, AlpEren | Site ayyildiz.org

Planetnews suffers from a PHP shell upload vulnerability.

tags | advisory, shell, php
SHA-256 | ef667306450c5b8bd9a3d7cf601f6fbcfb6711e350fbe2e22f6ca46b1872f3ab
Posted Jun 27, 2006
Authored by Michael Thumann | Site ernw.de

The Online Registration Facility of Algorithmic Research PrivateWire VPN Software does not perform proper bounds checking when handling normal GET requests. Sending an overly long page or script name causes a buffer overflow, and an attacker can control the EIP to run arbitrary code on the victim's machine.

tags | advisory, overflow, arbitrary
SHA-256 | ed57108705046fce7f0788c8851c13a21b39073e06a3b2e3cc8860b156e305dd
Posted Jun 27, 2006
Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.010 - According to a vendor security release note, a memory allocation attack possibility exists in the GnuPG cryptography tool, versions 1.4.3 and earlier.

tags | advisory
advisories | CVE-2006-3062
SHA-256 | ea3e7fc582b6e512e44abc057870fae611e22a2034321248199f5314e97c3c3b
Debian Linux Security Advisory 1102-1
Posted Jun 27, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1102-1 - Steve Kemp from the Debian Security Audit project discovered that pinball, a pinball simulator, can be tricked into loading level plugins from user-controlled directories without dropping privileges.

tags | advisory
systems | linux, debian
advisories | CVE-2006-2196
SHA-256 | d71066c86798b30c24f5675f615a795a5fbdaaa5cf3fa7a86a19717324d08dca
Posted Jun 27, 2006
Authored by PRETH00NKER | Site MexHackTeam.org

Cpanel is susceptible to code injection attacks that allow for cross site scripting.

tags | exploit, xss
SHA-256 | f2c87e25fbcec1c60bc3fc2d7b6513698e76e621a925ec14c540693b63458cb2
Posted Jun 27, 2006
Authored by Maksymilian Arciemowicz | Site securityreason.com

It appears that there may be a safe mode bypass via error_log() in PHP versions 5.1.4 and 4.4.2.

tags | advisory, php
SHA-256 | c6f9c7254b26d331e6110e668cae4d3caae2f637d4f4cd180b3663b45d4a142d
Posted Jun 27, 2006
Authored by Hessam-x | Site h4ckerz.com

DeluxeBB versions 1.07 and below Create Admin exploit that utilizes cp.php.

tags | exploit, php
SHA-256 | 396573fa2da3ec314b74797f7bab74f27b01e03226629f3faf005fb127992782
Posted Jun 27, 2006
Authored by Simo64 Moroccan Security Team

OpenGuestbook version 0.5 is susceptible to cross site scripting and SQL injection flaws.

tags | exploit, xss, sql injection
SHA-256 | 2b065c9e0bddbe8487358e0a491f3ed4ca8a65459d9c3c6c969db4f9b80362f0
Posted Jun 27, 2006
Authored by Federico L. Bossi Bonin

BitchX (epic) versions 1.1-final and below do_hook() boundary check error remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 630ada8bce05ed0127632504da1341c7d28a164d6c1ff230287cbabf03900ad7
Posted Jun 27, 2006
Authored by Justin M. Forbes | Site issues.rpath.com

In previous kernel 2.6 versions, systems that use the SCTP protocol are vulnerable to remote denial of service attacks including remotely-triggered kernel crashes, and all systems are vulnerable to local denial of service including locally-triggered kernel hangs.

tags | advisory, remote, denial of service, kernel, local, protocol
advisories | CVE-2006-2445, CVE-2006-2448, CVE-2006-3085
SHA-256 | 0a184d8c9cd14cdfc29f7f2d78a66c38915f67721aee3a75be265bfc14048501
Mandriva Linux Security Advisory 2006.111
Posted Jun 27, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-111 - Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2006-3081
SHA-256 | f8ed87c094831924481b8145d31f992ec2b91591761234bc0da068928d88502d
Posted Jun 27, 2006
Authored by CrAsh_oVeR_rIdE, Drago84 | Site lezr.com

DreamAccount version 3.1 remote command execution exploit.

tags | exploit, remote
SHA-256 | f84e289412499815851982bb738080ec1122804134e5f00883743e171f7578b0
Gentoo Linux Security Advisory 200606-24
Posted Jun 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200606-24 - A boundary checking error was found in wv2, which could lead to an integer overflow. Versions less than 0.2.3 are affected.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | 64c9f199bfac9b81f814694c184b26d870f4a30569c979370e170a6f4452da03
Posted Jun 27, 2006
Authored by Darren Bounds

A vulnerability has been identified in the Cisco Secure ACS session management architecture which could be exploited by an attacker to obtain full administrative access to the web interface and thus all managed assets (routers, switches, 802.1x authenticated networks, etc). Cisco Secure ACS 4.x for Windows is affected. Legacy versions may also be affected.

tags | advisory, web
systems | cisco, windows
SHA-256 | fbf80693021296569355b9ad54cadd3aa96fd503cd199519dd68a9b42c2c781e