OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
7a710756f5593965954aa6cffdd0aa7bded7b48f4cb807821b927d8c70bf689c
Security Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the SE Android project is not limited to SELinux.
fd58220d089e59918851c79a2dc9cf05064f6523abf950376cc9d3bfde453602
Secunia Security Advisory - A vulnerability has been reported in PHP Membership Site Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
9a49cf327527d042d5858c430ee26af981894e7dc89fc6cbca276d4e77203054
Secunia Security Advisory - A vulnerability has been reported in McAfee SaaS Endpoint Protection, which can be exploited by malicious people to compromise a user's system.
c37aaade9cb71da86c7ceee835979d45ac9b0bf1a6985348aa89f929a2b008e0
Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to disclose sensitive information.
ad5992bb3150e1b38938c1fb8e6323a50844bcff511961d5219109156ec7d04e
Secunia Security Advisory - A weakness has been reported in IBM WebSphere Application Server, which can be exploited by malicious, local users to manipulate certain data or disclose certain information.
b020b3e0ef40bec367aa29823df66adf1abe8bfec53a07c5429c0b2f48e7c6c8
Secunia Security Advisory - Stefan Schurtz has discovered two vulnerabilities in phpVideoPro, which can be exploited by malicious people to conduct cross-site scripting attacks.
8221c5e0c40e8c10edf48b0bf8d6358bafede4d15b37b882c091b2101b1cbc85
Secunia Security Advisory - A vulnerability has been discovered in the myEASYbackup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
ccf2dfb4cf2ee9066cd2e28412fc42b58bcc6ae0a7f21fb5600a232b39fe4185
Secunia Security Advisory - A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions.
68bbf82ea8f50e63801250a213717b7338566acbb71e038fe08416f5630882ab
Secunia Security Advisory - Multiple vulnerabilities have been reported in Moodle, which can be exploited by malicious users and malicious people to bypass certain security restrictions.
6509879b8d68ecb7617fb77d84e020dcc4c5269358f4f8f3ecd57e399040b5f3
Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in BoltWire, which can be exploited by malicious people to conduct cross-site scripting attacks.
4d9ca76d0df701c69a2ebd6fd3444b5199462de96edac72dced6a435f12944fb
Secunia Security Advisory - Multiple vulnerabilities have been reported in SonicWALL AntiSpam & EMail Security, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
c59aa13cb1d2c72e7fbfd7bb05dc782dfabd1b4be52f445959686f3ebf9da65d
Secunia Security Advisory - A vulnerability has been discovered in the Discussions component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
0d14943d4534f7ffd316349daabe5f923c94c134f99f8fe6a50f24d02a51e7ea
Secunia Security Advisory - A vulnerability has been reported in phpMyDirectory, which can be exploited by malicious people to conduct SQL injection attacks.
bff92284265f9a4c2bd41ec49477d1c6eb068e36b234ba8d5c5d7e27ef4eeb7e
Secunia Security Advisory - A vulnerability has been reported in Moodle, which can be exploited by malicious people to bypass certain security restrictions.
94af05e6bf54bdf7df8656eecbc8e91eb7d80bf00cedef6abe1b4e325c350208
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
b4d041b7f5b2f8accca3d9e64e5e1f672057d30337b51ea621cfebdf78c6beae
Mandriva Linux Security Advisory 2012-007 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service via crafted data from a TLS client. The updated packages have been patched to correct these issues.
33297fff20727775628ebfb8e80a51c11d2cb085c4af9ee958c7cbcbd758dc6e
Mandriva Linux Security Advisory 2012-006 - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. The Server Gated Cryptography implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct these issues.
8546d8cc7082077b12848e834cf179f04e50bc8754ce2f0344bad607506f77b0
This is a very fast TCP port scanner for Linux that can scan multiple hosts and ports at once.
532b12c345a9b6c259dd867d345eb609f6e285aa29aed0c38f393a0f7247b67a
A small application built to test the performance of a POP3 authentication system using a lot of concurrent connections. It can also be used to try lots of passwords against a POP3 server. It is capable of using up to 1024 sessions (or more using multiple processes). However, with this amount it is capable of reducing internet connections to a crawl and also greatly increasing the load on the server.
9656eba6276599aea703b4aa47b69f55bd69c00ef0b2c038630bff66db930ca5
This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. It does not modify OpenSSH and uses libssh instead. There is no valid way to log in to a shell; it can be used to tarpit / delay attackers and to steal the entries used in a dictionary attack.
2cae65ecac170b8d18902634e1d32ed99b5ad3fc094c4e1979ffdde16083f3ed
This is a simple ICMP ping sweeping tool that takes in a range of IP addresses.
f42e0187f536097a0191dec4e7b0d24b97b53a7add5c373fe34cd95f26a39102