Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).
985aceb4a402b0e03e0ee23d6fa5dd9c61cb8ad0fe211a22a5db5c3547ed3972
Ubuntu Security Notice 1098-1 - It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service.
069ed5ee94ecf7be1a9e9660c508d1df643b11ee2a9f85007c94090cdd00fb32
The XOOPS JOBs module suffers from database disclosure and cross site scripting vulnerabilities.
e6f7b69ca39f113e542da04a07b9c042cf8cb5348e4113cc11d3c4be4ccdb15e
The ISSA Ireland Security Conference (IISC) 2011 call for papers has been announced. It will be held from May 11th through the 12th, 2011 in The Royal College of Physicians Ireland on Kildare Street, Dublin.
cc742e348803b4bebccc7e0c52ac2c3b04a64d189f3658425747a6b6c29779ab
IDEAL Administration 2011 version 11.4 local SEH buffer overflow exploit that binds a shell to port 4444.
a2205ff75ac16e41c0d959abdf59f6428e9908fee53656bf350ee7b0796ee06c
Enano CMS versions 1.1.7 and below and 1.0.6 and below suffer from a cross site scripting vulnerability.
d571fee22d5a09bcc9d89f487634700a9dde68a4debe97b0a28647b6a0353046
Adobe Omniture suffers from a vulnerability where a malicious cookie can hijack secure connections to the domain by injecting malicious javascript into the page via the cookie.
867e790d12052d21305ffeaf4682a50de4c09e3a702babdcf130ce2820d2e241
Whitepaper called Hacking the Skiddies.
3610f5af940459d0f9772372a3ff9dc213bca95a57b0cebe37d73f4edd86bf38
Whitepaper called Bypassing Anti-Virus Scanners.
8919103e539f8e08d30103803a77e6ad632dce79dedb8e58ee5be3b8dbcbf8c6
Tracks version 1.7.2 suffers from a cross site scripting vulnerability.
0e9afb6d0f5ba2d4b1518a64d2c034a1836ded19120b4ca68150dd5d16c2fd1a
Ubuntu Security Notice 1097-1 - It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that Tomcat incorrectly enforced the maxHttpHeaderSize limit in certain configurations. A remote attacker could use this flaw to cause Tomcat to consume all available memory, resulting in a denial of service.
affa18051becc121040b13af705845364918ff2478b4a20b6a34eadba75cede8
DCS Self MNS Product suffers from a remote SQL injection vulnerability.
c2ca0b40610205b927f98747653fb637237ba8db2df139fc58769aafcf5c8a23
Ubuntu Security Notice 1096-1 - Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
caf09d37d15cd9024d30be254cdbcd8d0dec859eca34954ae6628f15010273e9
Whitepaper called Writing Manual Shellcode by Hand.
061997e84eadf0ea80fa13c73f114ab9cb5632b12b77b660304a855a3f885f72
This is a whitepaper called the Beginner's Guide To Cross Site Scripting.
15ce1410ad4bb0fb2095406b506cffa4cbd1bd7787c82707575a1d8dcf5f7258
Spitfire CMS version 1.0.436 suffers from a cross site scripting vulnerability.
8560506e77b07ec1cb96f7f2ebf871e667ed02212de56bc5c5a58d5c27f135e3
Ubuntu Security Notice 1095-1 - It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to disrupt BGP sessions, resulting in a denial of service. This update removes AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10.
ace92018aca8cb5f956fcdd7df537578af7168e4da59950e1a0e8cf32c374692
Ubuntu Security Notice 1094-1 - Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash.
6dd8ec7382009c91aee9deaa35b3fc69dbaca15baed81f8c368a15c73a863ca6
WESPA PHP Newsletter version 3.0 suffers from a remote administrative password changing vulnerability when the install script is left in place.
8967ba02e7bee6dbbd12538c41fde3fc9096ae06d10335d62f3cf4e0d8d3794c
Simple PHP Newsletter suffers from a remote administrative password changing vulnerability when the install script is left in place.
6156bed607c247ce156c38d3a514e9b119d3dc5eea5758f60ee0a71ddce5ee47
Solaris 10 suffers from a port stealing vulnerability that can be leveraged to enable denial of service and man-in-the-middle attacks.
48675e27be933162ec7baa7aa594498059d2ec27697cce05e158de2eb0bcbf53
Secunia Security Advisory - John Leitch has discovered a vulnerability in PyroCMS, which can be exploited by malicious people to conduct script insertion attacks.
f0c0672532564446fcce2c6cd50676d8c652589ecf7decf12faa3fe60718d3eb
Secunia Security Advisory - Luigi Auriemma has reported multiple vulnerabilities in ICONICS GENESIS32 and GENESIS64, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
5d6d4f865f6de3359152e5d6ef149bfb9a71d61d3173febc11bad781a08b421c
Secunia Security Advisory - John Leitch has discovered a vulnerability in Easy File Sharing Web Server, which can be exploited by malicious people to bypass certain security restrictions.
dc281f9cbc65856fdf802bde8e23567d51206e02af065ef79da292cdf1ca2eb4
Secunia Security Advisory - A vulnerability has been discovered in Ays Blog, which can be exploited by malicious people to conduct SQL injection attacks.
6ae7065e60762110eb66aac5141e5b05b642fe79a97bffc2cfe33f057c418d84