OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
7a710756f5593965954aa6cffdd0aa7bded7b48f4cb807821b927d8c70bf689cSecurity Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the SE Android project is not limited to SELinux.
fd58220d089e59918851c79a2dc9cf05064f6523abf950376cc9d3bfde453602Secunia Security Advisory - A vulnerability has been reported in PHP Membership Site Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
9a49cf327527d042d5858c430ee26af981894e7dc89fc6cbca276d4e77203054Secunia Security Advisory - A vulnerability has been reported in McAfee SaaS Endpoint Protection, which can be exploited by malicious people to compromise a user's system.
c37aaade9cb71da86c7ceee835979d45ac9b0bf1a6985348aa89f929a2b008e0Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to disclose sensitive information.
ad5992bb3150e1b38938c1fb8e6323a50844bcff511961d5219109156ec7d04eSecunia Security Advisory - A weakness has been reported in IBM WebSphere Application Server, which can be exploited by malicious, local users to manipulate certain data or disclose certain information.
b020b3e0ef40bec367aa29823df66adf1abe8bfec53a07c5429c0b2f48e7c6c8Secunia Security Advisory - Stefan Schurtz has discovered two vulnerabilities in phpVideoPro, which can be exploited by malicious people to conduct cross-site scripting attacks.
8221c5e0c40e8c10edf48b0bf8d6358bafede4d15b37b882c091b2101b1cbc85Secunia Security Advisory - A vulnerability has been discovered in the myEASYbackup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
ccf2dfb4cf2ee9066cd2e28412fc42b58bcc6ae0a7f21fb5600a232b39fe4185Secunia Security Advisory - A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions.
68bbf82ea8f50e63801250a213717b7338566acbb71e038fe08416f5630882abSecunia Security Advisory - Multiple vulnerabilities have been reported in Moodle, which can be exploited by malicious users and malicious people to bypass certain security restrictions.
6509879b8d68ecb7617fb77d84e020dcc4c5269358f4f8f3ecd57e399040b5f3Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in BoltWire, which can be exploited by malicious people to conduct cross-site scripting attacks.
4d9ca76d0df701c69a2ebd6fd3444b5199462de96edac72dced6a435f12944fbSecunia Security Advisory - Multiple vulnerabilities have been reported in SonicWALL AntiSpam & EMail Security, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
c59aa13cb1d2c72e7fbfd7bb05dc782dfabd1b4be52f445959686f3ebf9da65dSecunia Security Advisory - A vulnerability has been discovered in the Discussions component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
0d14943d4534f7ffd316349daabe5f923c94c134f99f8fe6a50f24d02a51e7eaSecunia Security Advisory - A vulnerability has been reported in phpMyDirectory, which can be exploited by malicious people to conduct SQL injection attacks.
bff92284265f9a4c2bd41ec49477d1c6eb068e36b234ba8d5c5d7e27ef4eeb7eSecunia Security Advisory - A vulnerability has been reported in Moodle, which can be exploited by malicious people to bypass certain security restrictions.
94af05e6bf54bdf7df8656eecbc8e91eb7d80bf00cedef6abe1b4e325c350208P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
b4d041b7f5b2f8accca3d9e64e5e1f672057d30337b51ea621cfebdf78c6beaeMandriva Linux Security Advisory 2012-007 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service via crafted data from a TLS client. The updated packages have been patched to correct these issues.
33297fff20727775628ebfb8e80a51c11d2cb085c4af9ee958c7cbcbd758dc6eMandriva Linux Security Advisory 2012-006 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct these issues.
8546d8cc7082077b12848e834cf179f04e50bc8754ce2f0344bad607506f77b0This is a very fast TCP port scanner for Linux that can scan multiple hosts and ports at once.
532b12c345a9b6c259dd867d345eb609f6e285aa29aed0c38f393a0f7247b67aA small application built to test the performance of a pop3 authentication system using a lot of concurrent connections. It can also be used to try lots of password against a pop3 server. It is capable of using up to 1024 sessions (or more using multiple processes). However with this amount it is capable of reducing internet connections to a crawl and also greatly increasing the load on the server.
9656eba6276599aea703b4aa47b69f55bd69c00ef0b2c038630bff66db930ca5This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. It does not modify OpenSSH and uses libssh instead. There is no valid way to login to a shell, can be used to tarpit / delay attackers and can be used to steal the entries used in a dictionary attack.
2cae65ecac170b8d18902634e1d32ed99b5ad3fc094c4e1979ffdde16083f3edThis is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
f42e0187f536097a0191dec4e7b0d24b97b53a7add5c373fe34cd95f26a39102
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed