the original cloud security
Showing 1 - 25 of 47 RSS Feed

Files Date: 2007-05-15

rsbac-common-1.3.3.tar.bz2
Posted May 15, 2007
Site rsbac.org

Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Changes: Various updates and code fixes.
tags | kernel
systems | linux
MD5 | 82af3502ef2eab1bc4b40a86505deced
authforce-0.9.9.tar.gz
Posted May 15, 2007
Site kapheine.hypa.net

Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.

Changes: Various bug fixes.
tags | web, cracker
MD5 | a24f48fc27c3d626f77009a24a619f11
aircrack-ng-0.9.tar.gz
Posted May 15, 2007
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: Multiple bug fixes and some enhancements.
tags | tool, wireless
MD5 | 0fbf52827132d2996fc64afaef19cf68
nipper-0.9.5.tgz
Posted May 15, 2007
Authored by Ian Ventura-Whiting | Site sourceforge.net

nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previous known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, Latex, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.

Changes: Multiple bug fixes.
systems | cisco, juniper
MD5 | a1d171709336a1cfd4a0784a9a7d9640
ssh3291-offbyone.txt
Posted May 15, 2007
Authored by Kingcope

The sftp server in ssh-3.2.9.1 from ssh.com may suffer from a remote off by one vulnerability.

tags | advisory, remote
MD5 | b5a0ba67433630592a2dc97b44d37f01
Mandriva Linux Security Advisory 2007.104
Posted May 15, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server. A remote authenticated user could trigger a flaw where unescaped user input parameters were being passed as arguments to /bin/sh. Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from name using the Samba local list of user and group accounts, a logic error in smbd's internal security stack could result in a transition to the root user id rather than the non-root user.

tags | advisory, remote, overflow, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2007-2446, CVE-2007-2447
MD5 | 3eec7b3218dacabfa577cc59717b5c64
Ubuntu Security Notice 459-1
Posted May 15, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 459-1 - A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2007-0244
MD5 | 7735e3b7dab6d4dbbaddddf02559d151
akismet-xss.txt
Posted May 15, 2007
Authored by beNi

WordPress Akismet suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f65b8dda3a7be3333eaf1c8ee61a4799
iDEFENSE Security Advisory 2007-05-14.1
Posted May 15, 2007
Authored by iDefense Labs | Site idefense.com

Remote exploitation of a command injection vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with nobody privileges. The vulnerability exists within the code responsible for updating a user's password in the SAM database. Unfiltered user input is passed to "/bin/sh". This allows an attacker to execute arbitrary shell commands with the privileges of the nobody user. iDefense has confirmed the existence of this vulnerability in Samba version 3.0.24. Previous versions of Samba release 3 may be vulnerable. Release version 2 and below did not have this feature.

tags | advisory, remote, arbitrary, shell
advisories | CVE-2007-2447
MD5 | 629add6846a069a66788467f82a3a333
0x82-x1_fc6.c
Posted May 15, 2007
Authored by Xpl017Elz | Site x82.inetcop.org

Fedora Core 6 (exec-shield) based Webdesproxy version 0.0.1 remote root exploit.

tags | exploit, remote, root
systems | linux, fedora
MD5 | 9f1800894ead4793a02e0a1bfcaa650f
sbb-xss.txt
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SonicBB version 1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2007-1903
MD5 | 56d6fc430fef4243cc975d2072a8b77f
sbb-path.txt
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SonicBB version 1.0 suffers from multiple path disclosure vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-1901
MD5 | 66a9c93f81ab42e26b5defe14f4c428b
sbb-sql.txt
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site netvigilance.com

SonicBB version 1.0 suffers from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
advisories | CVE-2007-1902
MD5 | ccbbe73b5ee972964e9b3bd11b39f32f
fbspam-0.2.tar.gz
Posted May 15, 2007
Authored by Cody "CypherXero" Rester | Site cypherxero.net

Proof of concept code that demonstrates spamming vulnerabilities in Facebook.

tags | exploit, vulnerability, proof of concept
MD5 | ae5958c3ce6f4de0adf8f91feb9799c7
facebook_spam_flaw.pdf
Posted May 15, 2007
Authored by Cody "CypherXero" Rester | Site cypherxero.net

Facebook is vulnerable to a flaw that could allow an attacker to use Facebook to send mass emails to any victim address.

tags | advisory
MD5 | 8cf0c85f627be08be987e50588f58bf8
BTCrack-1.1.zip
Posted May 15, 2007
Site nruns.com

BTCrack is a pairing handshake cracker against Bluetooth versions 1.0 through 2.0.

tags | tool, wireless
MD5 | 5af1b8d99d81488e2005a5f4f15ebba7
smb-inject.txt
Posted May 15, 2007
Site samba.org

In Samba versions 3.0.0 through 3.0.25rc3, unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.

tags | advisory, remote
advisories | CVE-2007-2447
MD5 | a928f773292067758093af90d525a248
smb-exec.txt
Posted May 15, 2007
Site samba.org

In Samba versions 3.0.0 through 3.0.25rc3, various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data.

tags | advisory
advisories | CVE-2007-2446
MD5 | 29d7d70512147589e6d1e472eab78920
smb-escalate.txt
Posted May 15, 2007
Site samba.org

In Samba versions 3.0.23d through 3.0.25pre2, a bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB/CIFS protocol operations as root.

tags | advisory, local, root, protocol
advisories | CVE-2007-2444
MD5 | ca4a30f29739192bcb1b51dc97640a60
Gentoo Linux Security Advisory 200705-14
Posted May 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-14 - XScreenSaver incorrectly handles the results of the getpwuid() function in drivers/lock.c when using directory servers during a network outage. Versions less than 5.02 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-1859
MD5 | 1448bbd17400d09798d97fe1700775d2
ifdate-bypass.txt
Posted May 15, 2007
Authored by Liz0ziM | Site expw0rm.com

iFdate 2.x suffers from an unauthorized administrative access vulnerability.

tags | exploit, bypass
MD5 | 095a60ca7d18f2b4cc7965da25584601
Debian Linux Security Advisory 1290-1
Posted May 15, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1290-1 - It was discovered that the webmail package Squirrelmail performs insufficient sanitising inside the HTML filter, which allows the injection of arbitrary web script code during the display of HTML email messages.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2007-1262
MD5 | 380801c28dc6877788aa739cf229138e
Debian Linux Security Advisory 1289-1
Posted May 15, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1289-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-1496, CVE-2007-1497, CVE-2007-1861
MD5 | aa26a2d339a1d2e6a053d8edeb795ca5
exim-spamd-overflow.txt
Posted May 15, 2007
Authored by calcite

spamd as included with Exim version 4.66 suffers from a buffer overflow vulnerability.

tags | advisory, overflow
MD5 | 23cdf78dacd95a89050a9c0b4d08d65a
xnotepad.c
Posted May 15, 2007
Authored by vade79

notepad++ version 4.1 ruby file processing buffer overflow exploit for win32.

tags | exploit, overflow, ruby
systems | windows
MD5 | 7d9f4e6f0fe368c14e601e299c42f65d
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close