dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
6aa5c7bee5feba563d7a4c7e7153dd36d919758b69278e3d235c5ed61adc7bbbnetsniff-ng is a high performance linux network sniffer for packet inspection. Basically, it is similar to tcpdump, but it doesn't need syscalls for fetching packets. Instead, it uses an memory mapped area within kernelspace for accessing packets without the need of copying them to userspace ('zero-copy' mechanism). Therefore, netsniff-ng is libpcap independent. netsniff-ng can be used for protocol analysis and reverse engineering, network debugging, measurement of performance throughput or network statistics creation of incoming packets on central network nodes like routers or firewalls.
d31e8724e6e37c55352f57e32e959bb6bdd8a95aa3e3a9b63f1818e4b3a5fac9Core Security Technologies Advisory - This advisory describes multiple vulnerabilities based on quirks in how Windows handles file names. Nginx, Cherokee, Mongoose, and LightTPD webservers suffer from related vulnerabilities. Details are provided.
d14c8eb014b778de314270ccadfa10820be40c7e4cb58c2ae40cd08b564722b4Flex MySQL Connector suffers from a remote SQL injection vulnerability.
7d5283010c579cc16c42092f05c8c7b76bdd3562d76363dc51e5fde0db0d15f6Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery which allows an external remote attacker to make a command injection that can be used to execute arbitrary code using the webserver user. As a result, an attacker can remove the firewall and load a kernel module, allowing root access to the appliance. It also can be used as a non-persistent XSS.
503f2b9ce130e8c9fd7df36be1f7004846c5609f67a25cc3666a370cdbd97a49Wippien suffers from a flawed key negotiation vulnerability.
1fea0eab05d989b17d3a4de24b417422ef10def3d47b9dfcb7daba641c1851b8This Metasploit module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside ./taocrypt/src/asn.cpp. However, the stack buffer that is written to exists within a parent function stack frame. NOTE: This vulnerability requires a non-default configuration. First, the attacker must be able to pass the host-based authentication. Next, the server must be configured to listen on an accessible network interface. Lastly, the server must have been manually configured to use SSL. The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing on Windows XP SP3, these protections successfully prevented exploitation. Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary package were not exploitable due to the use of the compiler's FORTIFY feature. Although suse11 was mentioned in the original blog post, the binary package they provide does not contain yaSSL or support SSL.
868f484555ca4e2ef05eee6be5d7e2e2ec89c6ff75cf71a830c02560e0887213This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
d7a900baf7b2a1781f51cf39aaa60a9ff5c046184121c6bec715419a7d4484f4This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
2f8085ff43c3d34d0a072cc5968db8e5067ac13f456d0d219eb9a570a2f06338
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed