exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files Date: 2011-11-27

Stunnel SSL Wrapper 4.48
Posted Nov 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: FIPS-compliant OpenSSL DLLs are supplied with the Windows installer. FIPS mode can be disabled with the "fips = no" configuration file option. The stability of the Windows GUI was also improved.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 9fa723595726806cbf6547a2c453e695e33bf635f2d4771e80d110a06f27ea37
John The Ripper 1.7.9
Posted Nov 27, 2011
Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.

Changes: OpenMP parallelization of MD5-crypt and bitslice DES has been added. DES key setup has been reworked. x86-64 assembly code for DES S-boxes has been optimized. Support for DES-based tripcodes has been added. Larger hash table sizes for faster processing of millions of hashes per salt have been added. Detection of Intel AVX and AMD XOP with fallback to an alternate program binary has been added. Fallback to a non-OpenMP build has been added. A benchmark result comparison tool has been added. The bundled common passwords list has been updated. Many minor enhancements and a few bugfixes were made.
tags | tool, cracker
systems | windows, unix, beos
SHA-256 | 0d376320b6cc92b0f1341f4a06a79a989c9848e56da8018108b68c0dd6723e05
Mandriva Linux Security Advisory 2011-179
Posted Nov 27, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-179 - The addmntent function in the GNU C Library 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. crypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, overflow, local
systems | linux, osx, mandriva
advisories | CVE-2011-1089, CVE-2011-1659, CVE-2011-2483
SHA-256 | 28900655297d1ea4816e5de8820317856a37994a5877afdb6697329afc3ec425
Debian Security Advisory 2353-1
Posted Nov 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2353-1 - David Wheeler discovered a buffer overflow in ldns's code to parse RR records, which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3581
SHA-256 | 30834ae6dd79c9c782b27e64bf7d40a0b116914d4d1800c26f3abff17771d053
ARP Toxin Cache Poisoner
Posted Nov 27, 2011
Authored by infodox

ARP Toxin is a simple Perl script designed to ARP poison a host on the LAN. It uses Nemesis as a packet crafting tool to create and send the ARP packets. It is NOT original code, merely a slightly improved version of the sample arpredirect script from the book "Hacking: The Art of Exploitation". This variant allows one to set their own poisoning interval and interface to poison on.

tags | tool, perl
systems | unix
SHA-256 | aaa815740a2967208c32389034fd22ddc713b8769ad0c27475d119c8fbeb276d
Titan FTP Server 8.40 Denial Of Service
Posted Nov 27, 2011
Authored by Houssam Sahli

Titan FTP Server version 8.40 suffers from a denial of service condition that leads to a kernel crash.

tags | exploit, denial of service, kernel
SHA-256 | 63a8fb14cd6960d0567ab112f079bffb34f96fff18a95cef2eb2832dd45cdb0b
PHP Video Script SQL Injection
Posted Nov 27, 2011
Authored by longrifle0x

PHP Video Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 853eb5286c79cf9e5e91ab553b21226f4ac833df597dee8272f8dae63b1082f1
#breaking80211 Whitepaper
Posted Nov 27, 2011
Authored by Aetsu

This whitepaper goes into detail on how to break 802.11 detailing the various attack methodologies and tools needed to perform the attacks. Written in Spanish.

tags | paper
SHA-256 | db2e01888753073cc48af12d04fdc0fce7a3a6f5d76f0cf0f4036c28964010c6
Ubuntu Security Notice USN-1281-1
Posted Nov 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1281-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2479, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909, CVE-2011-3363
SHA-256 | 872fb0971665c7f419fc03b97528a458416b56407dc592de5dc20aa1368746fa
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close