Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
2f1ba76561161a4b1b0a817d76cb62c817dd94f5aeb98806a1a2cb79ca795bb4
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
9c16c6cc30e22732c7b928b01088f86c4f085521f0bfb79c1767d04fbea1d1c6
IrfanView version 4.33 suffers from a format plugin ECW decompression heap overflow vulnerability. Proof of concept included.
c43538eed93169fc8652f2b6ea9ae40400dd1b5be469cc38d6a0f59a42a293b4
4PSA VoipNow Professional version 2.5.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
6f5a45b8600e8fe533adf584a387a64dd2a198c144c1b393b77d1686dad0cee0
Digital Whisper Electronic Magazine issue 32. Written in Hebrew.
95f665946446fad919e1f1a847cd9147bde668692ece1bb16c1412e8c8b18535
Chrome 18 suffers from an anti-cross site scripting filter bypass vulnerability.
1a04320110c70fb68d3701680cb02f2d67e96726a3c9acb59bc2023389354ab8
This archive includes two exploits, one metasploit and one not, for the Gimp Script-Fu buffer overflow that affects versions 2.6.11.
e3ee9638af229ed6aa5180a0fb3e878840830b2522da449e5f24b626cf12dc82
This Metasploit module exploits a buffer overflow in the script-fu server component on GIMP <= 2.6.12. By sending a specially crafted packet, an attacker may be able to achieve remote code execution under the context of the user. This Metasploit module has been tested on GIMP for Windows from installers provided by Jernej Simoncic.
639458a065dfbd4eece13f18e4a4a8606ca0ea7c1392c33c55adb20317d1bdad
This Metasploit module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 (without Hotfix CPVS56SP1E043) by sending a malformed packet with the opcode 0x40020006 (GetObjetsRequest) to the 6905/UDP port. The module, which allows code execution under the context of SYSTEM, has been successfully tested on Windows Server 2003 SP2 and Windows XP SP3.
e3c0a6f5b3a3f26ed4fb9bebaf9f0c8831cc32e99feb9f9583bae8d17e4829c2
This Metasploit module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 (without Hotfix CPVS56SP1E043) by sending a malformed packet with the opcode 0x40020002 (GetFooterRequest) to the 6905/UDP port. The module, which allows code execution under the context of SYSTEM, has been successfully tested on Windows Server 2003 SP2 and Windows XP SP3.
95742b6130c01a360fcb07725b756b00b4f683ebbfffb07615e116c0dbccde5f
This Metasploit module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 (without Hotfix CPVS56SP1E043) by sending a malformed packet with the opcode 0x40020004 (GetBootRecordRequest) to the 6905/UDP port. The module, which allows code execution under the context of SYSTEM, has been successfully tested on Windows Server 2003 SP2 and Windows XP SP3.
48a0910b2afcd24f3d4c665d8c997a2e0fe577dffb6bca3c0ecace91c10b120f