Exploit the possibilities
Showing 1 - 25 of 892

Files Date: 2009-03-01 to 2009-03-31

strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Mar 30, 2009
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: New server-side EAP RADIUS plugin. A vulnerability in Dead Peer Detection has been fixed. Other tweaks have been implemented.
tags | kernel, encryption
systems | linux
advisories | CVE-2009-0790
MD5 | 545c95168deaa6a93d66acf5b939d2e6
Mobius Forensic Toolkit
Posted Mar 30, 2009
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The part catalogue now imports and exports catalogues. Minor bugs were fixed.
tags | tool, python, forensics
MD5 | 815c360eee7e6b9ff0e918e7137a9adf
OpenSSL Toolkit
Posted Mar 30, 2009
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Three security flaws of moderate severity were fixed. Printing the contents of an ASN1 certificate with an illegal encoded length could cause an application crash. CMS verification could cause an invalid set of signed attributes to appear valid. A malformed ASN1 structure could cause invalid memory access. Further minor modifications were made.
tags | encryption, protocol
advisories | CVE-2009-0590, CVE-2009-0591, CVE-2009-0789
MD5 | e555c6d58d276aec7fdc53363e338ab3
Openswan / Strongswan Denial Of Service
Posted Mar 30, 2009
Authored by Paul Wouters

Openswan versions 2.6.20 and below and Strongswan versions 4.2.13 and below suffer from a Dead Peer Detection denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2009-0790
MD5 | b5049a790fa2751072b7804c22935621
Check Point Firewall-1 Overflow
Posted Mar 30, 2009
Authored by BugsNotHugs

The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered during a pen-test where the client would not allow further analysis and would not provide the full product/version info. Initial testing indicates the 'Authorization' and 'Referer' headers were vulnerable.

tags | exploit, remote, web, overflow, tcp
MD5 | a2a9311c6c2cf88904901184d2b57c7a
Mandriva Linux Security Advisory 2009-082
Posted Mar 30, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-082 - The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via invalid ContextFlags data in the reqFlags field in a negTokenInit token. This update provides the fix for that security issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-0845
MD5 | a6693111b5be52a33f29b63b1518e35e
Debian Linux Security Advisory 1757-1
Posted Mar 30, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1757-1 - It was discovered that auth2db, an IDS logger, log viewer and alert generator, is prone to an SQL injection vulnerability, when used with multibyte character encodings.

tags | advisory, sql injection
systems | linux, debian
MD5 | 3986302ba5562b73971fe8fdfb3c2ba0
Family Connection 1.8.1 SQL Injection
Posted Mar 30, 2009
Authored by Salvatore Fresta

Family Connection version 1.8.1 suffers from a create administrative user vulnerability and multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | c7dfa2b15509b61d89b64bf80db9a387
JobHut 1.2 SQL Injection
Posted Mar 30, 2009
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

JobHut versions 1.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e45ee718c9927fecf045ba99e0508df5
Sami HTTP Server 2.x Denial Of Service
Posted Mar 30, 2009
Authored by Jonathan Salwan | Site shell-storm.org

Remote denial of service exploit for Sami HTTP Server 2.x that uses a HEAD request.

tags | exploit, remote, web, denial of service
MD5 | 07f9bbd8417cf38cb971d902a039a7d8
Technical Cyber Security Alert 2009-88A
Posted Mar 30, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-088A - US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.

tags | advisory, worm
systems | windows
MD5 | 11f2942a818aea1b0588694b2e6fb165
Gentoo Linux Security Advisory 200903-40
Posted Mar 30, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-40 - A Denial of Service vulnerability was discovered in Analog. Diego E. Petteno reported that the Analog package in Gentoo is built with its own copy of bzip2, making it vulnerable to CVE-2008-1372 (GLSA 200804-02). Versions less than 6.0-r2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2008-1372
MD5 | 61d954072f36172e15734e73f2ce0ff0
Wine 1.0.1 Buffer Overflow
Posted Mar 30, 2009
Authored by Jonathan Salwan | Site shell-storm.org

Linux Wine version 1.0.1 local buffer overflow proof of concept code.

tags | exploit, overflow, local, proof of concept
systems | linux
MD5 | 7c41333cfac05d6a61385c29edffbb3a
From Win32 User-Land Through Native API To Kernel
Posted Mar 30, 2009
Authored by cross | Site x1machine.com

Whitepaper called From Win32 User-Land through Native API to Kernel. Includes demonstration code.

tags | paper, kernel
systems | windows
MD5 | 2850b46fa8d6679464eb53efefc006a9
iWare CMS 5.0.4 SQL Injection
Posted Mar 30, 2009
Authored by boom3rang | Site khq-crew.ws

iWare CMS version 5.0.4 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 7dc28a4760cd1fc917974b6d6f30ee85
Arcadwy Arcade Script Authentication Bypass
Posted Mar 30, 2009
Authored by ZoRLu

Arcadwy Arcade Script suffers from an authentication bypass vulnerability due to insecure cookie handling.

tags | exploit, bypass, insecure cookie handling
MD5 | 58ba2fe5adb3c7799ecd4ffad33e2009
Amaya 11.1 Stack Overflow
Posted Mar 30, 2009
Authored by Alfons Luja

Proof of concept exploit for a stack overflow in the W3C editor/browser in Amaya 11.1.

tags | exploit, overflow, proof of concept
MD5 | dba258569151f7e397456272e8889499
Firefox 3.0.x XML Parser Memory Corruption
Posted Mar 30, 2009
Authored by Wojciech Pawlikowski

Firefox version 3.0.x XML parser memory corruption denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | c32f8281d5c3d1ffa90857648939b58b
Nokia Siemens FlexiISN GGSN Authentication Bypass
Posted Mar 30, 2009
Authored by TaMBaRuS

Nokia Siemens FlexiISN GGSN suffers from multiple authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | d477bce733ce15cd717e1ea7feddcae9
L-Forum 2.4.0 SQL Injection / Command Execution
Posted Mar 30, 2009
Authored by Osirys | Site y-osirys.com

L-Forum version 2.4.0 local file inclusion and command injection via SQL injection exploit.

tags | exploit, local, sql injection, file inclusion
MD5 | 4b471fa98109029110c0ecb40bceedbb
X-Forum 0.6.2 Authentication Bypass
Posted Mar 30, 2009
Authored by Osirys | Site y-osirys.com

X-Forum version 0.6.2 remote command execution exploit that performs authentication bypass via a cookie handling vulnerability. SQL injection vulnerabilities also exist.

tags | exploit, remote, vulnerability, sql injection, bypass
MD5 | 0c87ca84d633864b19a70df9d29c1ef7
Debian Linux Security Advisory 1756-1
Posted Mar 30, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1756-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-1169, CVE-2009-1044
MD5 | 01b68871d3aca37b2094769664240daf
glFusion 1.1.2 SQL Injection
Posted Mar 30, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

glFusion versions 1.1.2 and below COM_applyFilter()/order SQL injection exploit.

tags | exploit, sql injection
MD5 | 0425be862ae5c292a667d7ee247a2f40
Ubuntu Security Notice 745-1
Posted Mar 30, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-745-1 - It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-1044, CVE-2009-1169
MD5 | 33ca4da77f43674bf872663b7d0f7097
Gravy Media CMS 1.07 SQL Injection
Posted Mar 30, 2009
Authored by X0r

Gravy Media CMS version 1.07 suffers from file download and SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | fa62acca77cc606b346208a338f6ae30