what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2007-12-13

lidstools-2.2.7.2.tar.gz
Posted Dec 13, 2007
Site lids.org

This is the lidstools source package. It contains the source for the lidsconf and lidsadm utilities used to administrate systems enhanced with the Linux Intrusion Detection System kernel patch. These tools are useless without a LIDS enhanced kernel.

Changes: Multiple bug fixes and enhancements.
tags | kernel
systems | linux
SHA-256 | cc3f000869360abe657fb5983386ec6ad2278d6c8c3f26cb4e80cd2a34dd116d
Nmap Scanning Utility 4.50
Posted Dec 13, 2007
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: This is the first stable release since 4.20 (more than a year ago), and the first major release since 4.00 almost two years ago. Dozens of development releases led up to this. Major new features since 4.00 include the Zenmap cross-platform GUI, 2nd Generation OS Detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and and nearly 1,500 new version detection signatures. More than 300 other improvements were made as well.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | efc986ad0288c71cdaf690b17d4a5a08445bbda1c1ab4c560f8e575a1dd7f6e5
lids-2.2.3rc1-2.6.21.patch
Posted Dec 13, 2007
Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Updated for 2.6.21.
tags | kernel, root
systems | linux
SHA-256 | 93b7374c32ad1d4530b04a2aee544e95c23d97e7b0f9febb5481915180233655
Secunia Security Advisory 28081
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the mod_imap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 9af3362c5400bc8cd637232ee1731b3f735747e064c083c08285940c3ea357f0
adult-access.txt
Posted Dec 13, 2007
Authored by Liz0ziM | Site biyo.tk

Adult Script unauthorized administrative access exploit.

tags | exploit
SHA-256 | 40ee0f22dece88845192adbb71ceb8e17056522e2ce13f53fabe330bdc7b64be
trivantis-sql.txt
Posted Dec 13, 2007
Authored by sasquatch | Site securestate.com

The Trivantis CourseMill Enterprise Learning Management System version 4.1 SP4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2007-6338
SHA-256 | f8dbf8a62a7dc36781710bb72467a01e9e68c22253bacbe85e202a59c1d569b4
Mandriva Linux Security Advisory 2007.245
Posted Dec 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 allows remote attackers to cause a denial of service (crash) via crafted TSF data.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2007-6025
SHA-256 | 326f022248fb612a59499c6139f916bbccf96a827a3d52c923c8061485cee9be
xml2owl-lfi.txt
Posted Dec 13, 2007
Authored by GolD_M | Site tryag.cc

xml2owl version 0.1.1 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | c1d621ff12b68aba01813b5de294d8315942cc1de7d537ee55cd87b077eb685c
mms-lfi.txt
Posted Dec 13, 2007
Authored by GolD_M | Site tryag.cc

MMS Gallery in PHP version 1.0 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, php, file inclusion
SHA-256 | 81fd428f9343ff6be1df1b34234a99a2b89c94444f4c219b1af5e624d8aca41d
cmsgalaxie-sql.txt
Posted Dec 13, 2007
Authored by MurderSkillz

CMS Galaxie Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d3f3d55a6e805ffac6b1631e35f9ac78ed748f12253a1c6205e2140006cca326
citywriter-rfi.txt
Posted Dec 13, 2007
Authored by RoMaNcYxHaCkEr

CityWriter version 0.9.7 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c7d848602ae90b973f244de290d523908acaf5e45d0fd3550659f6cb1405923f
Gentoo Linux Security Advisory 200712-12
Posted Dec 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-12 - loverboy reported that the default_encrypt() function in file encrypt.c does not properly handle overly long passwords. Versions less than 5.0.63 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6122
SHA-256 | 7f3660c6997df1e0fbe1f78f60454147a35e8fa1449d19287da2e8d9089ef1fb
Secunia Security Advisory 28026
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mrhinkydink has reported a security issue in Websense, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 83416d25b32e70f2b9f5d98f3c25dfc2f56f9644fa255ddd519fe96bd5977eae
Secunia Security Advisory 28048
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mu-b has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | apple, osx
SHA-256 | 536494c7930cbcb504902e2b4eaec45f4982801ce25d10f5e81bf1c16c7eb364
Secunia Security Advisory 28071
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GoLd_M has discovered a vulnerability in xml2owl, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | f67a1f507b828090ca227e7f32fe38b9f3ecc821ddc978f1fb78f3d019a3f693
Secunia Security Advisory 28077
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in JBoss Seam, which potentially can be exploited by malicious people to conduct SQL injection attacks against applications using the framework.

tags | advisory, sql injection
SHA-256 | 3b5c3aa52aeb67346f1a48bd0579883b9f88ba321ff2e0670054aee7eb2e41bb
Secunia Security Advisory 28080
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Robocode, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | ca20c74ddac0656aa56c017067a11e9435f018e84f2097664b17f6f59d7eefa0
Secunia Security Advisory 28082
Posted Dec 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hitachi has acknowledged some vulnerabilities in the Hitachi Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | 9b71cc8e36d28c40bcbf8925cc18fca4d980f905d65848efa8ec215434ce5197
Gentoo Linux Security Advisory 200712-11
Posted Dec 13, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200712-11 - Mike Frysinger reported that the etc-update utility uses temporary files with the standard umask, which results in the files being world-readable when merging configuration files in a default setup. Versions less than 2.1.3.11 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6249
SHA-256 | b079bf50bde36a56982489b809fb7f70516df67d0c7572464b41c90046f8bcb4
openoffice-signature.txt
Posted Dec 13, 2007
Authored by Henrich C. Poehls, Dong Tran, Finn Petersen, Frederic Pscheid

OpenOffice versions 2.3.0 and 2.2.0 fail to protect certificate information in signed ODF documents.

tags | advisory
SHA-256 | e789309a3ef2dc6a169a094efc856d75de3ae1184ed5b11292c57394399862e9
msoffice-hyper.txt
Posted Dec 13, 2007
Authored by Henrich C. Poehls, Dong Tran, Finn Petersen, Frederic Pscheid

Microsoft Office 2007 fails to protect hyperlinks with the use of digital signatures on a document.

tags | advisory
SHA-256 | bca868f38217254076e297323a9729c6d95e47c979e1765c6880bc24451f68fc
HP Security Bulletin 2007-15.4
Posted Dec 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
systems | hpux
advisories | CVE-2007-4995
SHA-256 | 11b7fa8be5a8647cf0d17688095f41e921b6b6c89dda9098b77c88256dcb410f
HP Security Bulletin 2007-14.51
Posted Dec 13, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX applications running DCE such as Software Distributor (SD). The vulnerability could be exploited remotely to create a denial of service (DoS).

tags | advisory, denial of service
systems | hpux
advisories | CVE-2007-6195
SHA-256 | a16540ecf8f33085e24e145369499a113c42aff723d72615eb54b15f906d36d9
hc-multi.txt
Posted Dec 13, 2007
Authored by AmnPardaz Security Research Team | Site bugreport.ir

Hosting Controller versions 6.1 Hot fix through 3.3 suffer from multiple vulnerabilities including administrative takeover and SQL injection.

tags | exploit, vulnerability, sql injection
SHA-256 | 460c4d681a9fab2d4f3f565fdcc64e818dd13324a6d143f1fcbe4b7ed76d10fd
Ubuntu Security Notice 550-3
Posted Dec 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 550-3 - USN-550-1 fixed vulnerabilities in Cairo. A bug in font glyph rendering was uncovered as a result of the new memory allocation routines. In certain situations, fonts containing characters with no width or height would not render any more. This update fixes the problem. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-5503
SHA-256 | fde98b6de45bea4444101246c3b1c8d2eb8c38bf2b3e9d872694441b7e4f72d9
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close