what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 34 RSS Feed

Files Date: 2007-09-10

nufw-2.2.5.tar.gz
Posted Sep 10, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Multiple bug fixes including a race condition.
tags | tool, remote, firewall
systems | unix
SHA-256 | cc101b286ce4c1bc5d3b5088e5b69e1377ce5e7a7f5ced1832e967fc8a2e5a7d
nuface-1.2.6.tar.gz
Posted Sep 10, 2007
Authored by Vincent Deffontaines | Site inl.fr

Nuface is a web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.

Changes: VPN (ipsec) networks are now supported in ACLs. Other minor bug fix.
tags | tool, web, firewall, protocol
systems | unix
SHA-256 | fed6776736106c76df50ecf9c82353a23a72fadf3afd707d4c98feb96c79b869
opensc-0.11.4.tar.gz
Posted Sep 10, 2007
Site opensc-project.org

OpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.

Changes: Various improvements. Check changelog for more info.
tags | web, library
SHA-256 | 8534e82dd53208c82a29961455f29d8f3b6350fa2be721e537463d8f6f9d6164
pikt-1.19.0.tar.gz
Posted Sep 10, 2007
Authored by Robert Osterlund | Site pikt.org

PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.

Changes: Substantially revised the PIKT Reference, various additions and minor bug fixes.
tags | tool
systems | unix
SHA-256 | d4e7e79172c4e4ad322fe3149abe7020ece9cda7fba3a132fb62d41bf8b01642
openct-0.6.14.tar.gz
Posted Sep 10, 2007
Authored by Andreas Jellinghaus | Site opensc-project.org

OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.

Changes: Various updates.
tags | protocol, library
SHA-256 | 3df187f63eb6694652098238bdf967b304dad8f62e9219be4cf3b6d5ec5db58b
ultra-acquire.txt
Posted Sep 10, 2007
Authored by shinnai | Site shinnai.altervista.org

Ultra Crypto Component remote buffer overflow exploit that makes use of CryptoX.dll versions 2.0 and below using the AcquireContext() function.

tags | exploit, remote, overflow, crypto
SHA-256 | 450971ae74450e851185f89b5554d88740d1fe72a4772cb6352c0e12c2a0b971
ultra-cryptox20.txt
Posted Sep 10, 2007
Authored by shinnai | Site shinnai.altervista.org

Ultra Cryto Component suffers from an insecure method vulnerability in CryptoX.dll versions 2.0 and below in the SaveToFile() function.

tags | exploit
SHA-256 | e8687e48dac974bdfc0377f2c94670e30ad964a3bf5470a35bab7072db434d28
auracms21-lfi.txt
Posted Sep 10, 2007
Authored by k1tk4t

AuraCMS version 2.1 suffers from remote file attachment and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | 701c6da9045815b7b14d3950421c198c9ea721b4f767519a29d154f07e3791eb
phpreality-rfi.txt
Posted Sep 10, 2007
Authored by QTRinux | Site root-qtr.com

phpReality version 0.02 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | e0d2c50c6b6a5fdbe0d8fdfb1de6deb6c2bfa86658be2a967fdf4bfbeef2cfcc
PUPET-SisfoKampus2006.txt
Posted Sep 10, 2007
Authored by k-one

Sisfo Kampus 2006 suffers from a remote file download vulnerability in dwoprn.php.

tags | exploit, remote, php
SHA-256 | 952a5d673a3fae37ce2b7eaec8820cf8750e7e9c31d6d50a7326cdb406376bc4
ymsg8boot.tgz
Posted Sep 10, 2007
Authored by slick | Site rstzone.org

Yahoo! Messenger booting exploit that makes use of a malformed code presented during file transfer.

tags | denial of service
SHA-256 | 0f25f802b23d56ffae0ce643b178de303c3eb8ede122c6997faf9fdfed3b6651
Secunia Security Advisory 26755
Posted Sep 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xorg-server. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, debian
SHA-256 | f48500a5adad121dd8d05532734f25f9d8f0bd34f68581cf52d56eda74859ff9
Secunia Security Advisory 26743
Posted Sep 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in X.org X11, which potentially can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 9ec46dc0287cef869dd9a4fb5f93ed12199130316564c3b9c1c4201a507e53ba
Secunia Security Advisory 26746
Posted Sep 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for snort. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, fedora
SHA-256 | 4f89d3261e818bbae1d9e8c1fc409cd9005e55a91e2aff56999aeb17c51bbb60
Secunia Security Advisory 26749
Posted Sep 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ZhenHan.Liu has discovered some vulnerabilities in Baofeng Storm, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 271aad7c5ae92b46cfda379a9ae39920c84e448cc1fe630877e16187de87821c
Secunia Security Advisory 26751
Posted Sep 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for clamav. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | fce4bf32fd6c1197b54132fe354b40ada8e9cab86f2ef914685a2d32f76b3455
SYM07-024.txt
Posted Sep 10, 2007
Authored by Matousec-Transparent | Site symantec.com

Symantec was notified of a potential denial of service vulnerability in the device driver SYMTDI.SYS. A specially crafted IRP sent to an IOCTL handler function could allow memory to be overwritten because the address space was not properly validated in some versions of the driver. A potential attacker must be logged into the computer to attempt an exploit. A successful exploit of this vulnerability could potentially allow that user to crash their computer.

tags | advisory, denial of service
advisories | CVE-2007-1476
SHA-256 | e3faa8ab20a31dd129a8644f9134348b722cf64cb7381a0fae571dd600f36645
ShmooConCFP-2008.txt
Posted Sep 10, 2007
Site shmoocon.org

Call For Papers for ShmooCon IV. This conference will be held February 15th through the 17th, 2008. It will take place at the Wardman Park Marriot in Washington D.C., USA.

tags | paper, conference
SHA-256 | 9fad0922cfccdc6158223ad26a2a7ec369efae6851f56ea002578d60ce708cce
php524-basedir.txt
Posted Sep 10, 2007
Authored by laurent gaffie

PHP versions 5.2.4 and below suffer from open_basedir bypass, code execution, and denial of service vulnerabilities.

tags | exploit, denial of service, php, vulnerability, code execution
SHA-256 | 2ac0579947b814ecf20ce6a033b7d1899cca4e970cbaa827e83bd802003aa599
Debian Linux Security Advisory 1370-1
Posted Sep 10, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1370-1 - Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2006-6942, CVE-2006-6944, CVE-2007-1325, CVE-2007-1395, CVE-2007-2245
SHA-256 | 93f6567ba744954674e9d9ae373992eb4a83951dfb09c3ae279e026fb56a4972
Debian Linux Security Advisory 1365-2
Posted Sep 10, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1365-2 - Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2007-4460
SHA-256 | 1c24a73e9acc226703f7b159db841005bdd926073cc2ca4226f1b7f8ce7222a7
socialnet-sql.txt
Posted Sep 10, 2007
Site aria-security.net

The myprofile.php code from www.social-networking.tv is susceptible to a SQL injection vulnerability.

tags | exploit, php, sql injection
SHA-256 | 4a720ed70c47432efe2b96f90e741b918f0acef4f8aa0a48184062df1b662734
husrev-sql.txt
Posted Sep 10, 2007
Authored by Yollubunlar | Site yollubunlar.org

Husrev Forums version 2.0.1:PoWerBoard suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | c11410b8284dd3770e86a637f3b774c80a9da104fe6097a02dc030c470d23cf4
proxyanket-sql.txt
Posted Sep 10, 2007
Authored by Yollubunlar | Site yollubunlar.org

Proxy Anket version 3.0.1 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 9957895b7afb2c01268af97b5c9c0a9bc02e84621a5e8f6aa1af238f62527ece
phpmyquote-sqlxss.txt
Posted Sep 10, 2007
Authored by Yollubunlar | Site yollubunlar.org

phpMyQuote version 0.20 suffers from multiple SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | df2f8d15e870ddedf3e13d288ae129f1a6a32e933c45f055ef248ebf26a4f56b
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close