
Files Date: 2007-05-15

Posted May 15, 2007

Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Changes: Various updates and code fixes.
tags | kernel
systems | linux
MD5 | 82af3502ef2eab1bc4b40a86505deced
Posted May 15, 2007

Authforce is an HTTP authentication brute forcer. Using various methods, it attempts to brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.

Changes: Various bug fixes.
tags | web, cracker
MD5 | a24f48fc27c3d626f77009a24a619f11
Posted May 15, 2007

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: Multiple bug fixes and some enhancements.
tags | tool, wireless
MD5 | 0fbf52827132d2996fc64afaef19cf68
Posted May 15, 2007
Authored by Ian Ventura-Whiting | Site

nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previously known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, LaTeX, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.

Changes: Multiple bug fixes.
systems | cisco, juniper
MD5 | a1d171709336a1cfd4a0784a9a7d9640
Posted May 15, 2007
Authored by Kingcope

The sftp server in ssh- from may suffer from a remote off by one vulnerability.

tags | advisory, remote
MD5 | b5a0ba67433630592a2dc97b44d37f01
Mandriva Linux Security Advisory 2007.104
Posted May 15, 2007
Authored by Mandriva | Site

Mandriva Linux Security Advisory - A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server. A remote authenticated user could trigger a flaw where unescaped user input parameters were being passed as arguments to /bin/sh. Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from name using the Samba local list of user and group accounts, a logic error in smbd's internal security stack could result in a transition to the root user id rather than the non-root user.

tags | advisory, remote, overflow, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2007-2446, CVE-2007-2447
MD5 | 3eec7b3218dacabfa577cc59717b5c64
Ubuntu Security Notice 459-1
Posted May 15, 2007
Authored by Ubuntu | Site

Ubuntu Security Notice 459-1 - A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2007-0244
MD5 | 7735e3b7dab6d4dbbaddddf02559d151
Posted May 15, 2007
Authored by beNi

WordPress Akismet suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f65b8dda3a7be3333eaf1c8ee61a4799
iDEFENSE Security Advisory 2007-05-14.1
Posted May 15, 2007
Authored by iDefense Labs | Site

Remote exploitation of a command injection vulnerability within Samba Project's Samba could allow an attacker to execute arbitrary code with nobody privileges. The vulnerability exists within the code responsible for updating a user's password in the SAM database. Unfiltered user input is passed to "/bin/sh". This allows an attacker to execute arbitrary shell commands with the privileges of the nobody user. iDefense has confirmed the existence of this vulnerability in Samba version 3.0.24. Previous versions of Samba release 3 may be vulnerable. Release version 2 and below did not have this feature.

tags | advisory, remote, arbitrary, shell
advisories | CVE-2007-2447
MD5 | 629add6846a069a66788467f82a3a333
Posted May 15, 2007
Authored by Xpl017Elz | Site

Fedora Core 6 (exec-shield) based Webdesproxy version 0.0.1 remote root exploit.

tags | exploit, remote, root
systems | linux, fedora
MD5 | 9f1800894ead4793a02e0a1bfcaa650f
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site

SonicBB version 1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2007-1903
MD5 | 56d6fc430fef4243cc975d2072a8b77f
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site

SonicBB version 1.0 suffers from multiple path disclosure vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-1901
MD5 | 66a9c93f81ab42e26b5defe14f4c428b
Posted May 15, 2007
Authored by Jesper Jurcenoks | Site

SonicBB version 1.0 suffers from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
advisories | CVE-2007-1902
MD5 | ccbbe73b5ee972964e9b3bd11b39f32f
Posted May 15, 2007
Authored by Cody "CypherXero" Rester | Site

Proof of concept code that demonstrates spamming vulnerabilities in Facebook.

tags | exploit, vulnerability, proof of concept
MD5 | ae5958c3ce6f4de0adf8f91feb9799c7
Posted May 15, 2007
Authored by Cody "CypherXero" Rester | Site

Facebook is vulnerable to a flaw that could allow an attacker to use Facebook to send mass emails to any victim address.

tags | advisory
MD5 | 8cf0c85f627be08be987e50588f58bf8
Posted May 15, 2007

BTCrack is a pairing handshake cracker against Bluetooth versions 1.0 through 2.0.

tags | tool, wireless
MD5 | 5af1b8d99d81488e2005a5f4f15ebba7
Posted May 15, 2007

In Samba versions 3.0.0 through 3.0.25rc3, unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution.

tags | advisory, remote
advisories | CVE-2007-2447
MD5 | a928f773292067758093af90d525a248
Posted May 15, 2007

In Samba versions 3.0.0 through 3.0.25rc3, various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data.

tags | advisory
advisories | CVE-2007-2446
MD5 | 29d7d70512147589e6d1e472eab78920
Posted May 15, 2007

In Samba versions 3.0.23d through 3.0.25pre2, a bug in the local SID/Name translation routines may potentially result in a user being able to issue SMB/CIFS protocol operations as root.

tags | advisory, local, root, protocol
advisories | CVE-2007-2444
MD5 | ca4a30f29739192bcb1b51dc97640a60
Gentoo Linux Security Advisory 200705-14
Posted May 15, 2007
Authored by Gentoo | Site

Gentoo Linux Security Advisory GLSA 200705-14 - XScreenSaver incorrectly handles the results of the getpwuid() function in drivers/lock.c when using directory servers during a network outage. Versions less than 5.02 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-1859
MD5 | 1448bbd17400d09798d97fe1700775d2
Posted May 15, 2007
Authored by Liz0ziM | Site

iFdate 2.x suffers from an unauthorized administrative access vulnerability.

tags | exploit, bypass
MD5 | 095a60ca7d18f2b4cc7965da25584601
Debian Linux Security Advisory 1290-1
Posted May 15, 2007
Authored by Debian | Site

Debian Security Advisory 1290-1 - It was discovered that the webmail package Squirrelmail performs insufficient sanitising inside the HTML filter, which allows the injection of arbitrary web script code during the display of HTML email messages.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2007-1262
MD5 | 380801c28dc6877788aa739cf229138e
Debian Linux Security Advisory 1289-1
Posted May 15, 2007
Authored by Debian | Site

Debian Security Advisory 1289-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-1496, CVE-2007-1497, CVE-2007-1861
MD5 | aa26a2d339a1d2e6a053d8edeb795ca5
Posted May 15, 2007
Authored by calcite

spamd as included with Exim version 4.66 suffers from a buffer overflow vulnerability.

tags | advisory, overflow
MD5 | 23cdf78dacd95a89050a9c0b4d08d65a
Posted May 15, 2007
Authored by vade79

notepad++ version 4.1 ruby file processing buffer overflow exploit for win32.

tags | exploit, overflow, ruby
systems | windows
MD5 | 7d9f4e6f0fe368c14e601e299c42f65d

© 2018 Packet Storm. All rights reserved.
