OpenStego is a tool implemented in Java for image based steganography, with support for password-based encryption of the data. It currently supports embedding of messages/files in a 24bpp images.
0e37d0f208d8a7bba8ad2e9bba60fec0f95d0e607d9f8dbb0fd784541e31949eSecunia Security Advisory - Cold z3ro has discovered a vulnerability in osDate, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
1b120b53beadf6fa55ea299ad080f58f9e563352980b0db3e7d1ffe15f787e52Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in MaxDB, which can be exploited by malicious people to compromise a vulnerable system.
158de747918ee47eb80231fe82c2af939d18d200c9f43f485e9695be35fe5430Ubuntu Security Notice 567-1 - It was discovered that in very rare configurations using LDAP, Dovecot may reuse cached connections for users with the same password. As a result, a user may be able to login as another if the connection is reused. The default Ubuntu configuration of Dovecot was not vulnerable.
10edd7dfa552e081a9efdf0456b8b2e790f1e5e3ae9656b8eb5ae5af1f8914cbDebian Security Advisory 1458-1 - A race condition in the OpenAFS fileserver allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
5180ac699d9ea80ee50b0c73321d1f53f9681d2216ece286275ee402e6eebdfcMandriva Linux Security Advisory - An integer overflow in the Exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
70fbc581a044cc32554907f321efaaabce87631eb2a2ae9602a232016225049bThe Apple Quicktime Player versions 7.3.1.70 and below suffer from a buffer overflow vulnerability during the filling of the LCD-like screen containing info about the status of the connection.
f26a1f120bf5f59a3f5ead9fa37499d578dc7f17d95a04199b428150d31705dfSunOS version 5.10 remote ICMP kernel crash exploit that uses a null pointer dereference.
4f502a1609d22fb4487af70f3928426c4d43ffa37155fbfbc203d14ead1d9fb3ID-Commerce suffers from a blind SQL injection vulnerability in liste.php.
d0c244dc23bcb41e8703696b8e6c066d68d3e6f82e75ce062cf989db2c2bcba9Information on pwning the BT Home Hub regarding the exploitation of IGDs remotely via UPnP.
cc12e6ccf90e535582c2741f87e8c2594e1580a93c102655f8b333c03ce6240fEvilsentinel versions 1.0.9 and below disable exploit.
0595c9d3763d5054a1f2942824f6534b5cf192f5ec8514bc8743db39e1fd1a7dDomPHP version 0.81 suffers from a remote file inclusion vulnerability.
053357975922c330c36cb948a52e0a78003a4c661402f0f348eaed977b148ce2MTCMS versions 2.0 and below suffer from remote SQL injection vulnerabilities.
a8d5ec538dcdd832a4e6b49e1acbed4324ac43c07cf4eeecd3c4e1b40e88b757Sun Java System Identity Manager version 6.0, Sun Java System Identity Manager version 7.0, and Sun Java System Identity Manager version 7.1 are susceptible to cross domain redirection, cross site scripting, and frame injection vulnerabilities.
d6006a16a69c00bd066f6cb36ecb14b95ece02d9fc7932ef0a831f29ef9988fdCALL FOR PARTICIPATION uCon 2008 - uCon will be a totally informal and non-profit conference (actually a small gathering of friends, hackers, computer security enthusiasts and idiots alike) taking place in Recife, Pernambuco, in 9th of February 2008 -- three days after the best street carnival in the world. The conference aims to bring together academics, hackers and information security enthusiasts to share cutting-edge ideas and thoughts about their latest developments and techniques in the field.
56b2fc25a332c019fad771f0c6d0dcaa4ae83b9f3ccbd2e76d66b00aa2c9e53fSecunia Security Advisory - Some vulnerabilities have been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
944e383f361585e18d023271c87626378329e99d242962591152f91ebd32462cSecunia Security Advisory - A vulnerability has been reported in vtiger CRM, which can be exploited by malicious people to disclose potentially sensitive information.
ddfa138b5aafdd4e9339fd64f777f3f3520db3e7c6b602e80439fce7b43628a9Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in VLC Media Player, which can potentially be exploited by malicious people to compromise a user's system.
8b38a95aedacb3f85c3d87c01badd61bc4afa60397d2c5488e5d40217235eb20Secunia Security Advisory - j0j0 has discovered a vulnerability in DomPHP, which can be exploited by malicious people to conduct SQL injection attacks.
5e367fe8d90b117d9f3e71e2deab3ec82babdeaeaf3131054f42b76e429a9518Secunia Security Advisory - Ingate has acknowledged a vulnerability in Ingate Firewall and SIParator, which can be exploited by malicious people to cause a DoS (Denial of Service).
7eb0bbb8134d188757e0b956283837ce52154f0cab0bf2929b54506178ae7f91Secunia Security Advisory - Debian has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
179bb36280904c17f9aa674411794bf5f5bcf4a754d56ea2c5e57b8c26a6cf89Secunia Security Advisory - Some vulnerabilities have been reported in Kolab Server, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
753759cdecac84b9e7e2899fc307837bc5c293e919d0a22e6757e286a8c2deb0NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
c183e27457b7b8ad1e4394b63b761255bef9ab9117ed78332c749ab2060ec586Ubuntu Security Notice 566-1 - Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host.
723ac7ad630c442447baba415ce306f18a8eedcd2fef5ba9b32127a0d187d85cUbuntu Security Notice 565-1 - It was discovered that Squid did not always clean up cache memory correctly. A remote attacker could manipulate cache update replies and cause Squid to use all available memory, leading to a denial of service.
fbb9452e0c8107c455ae7948edcffa61a8c4fc843e406b3dc1479c76067aee88
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed