
Files Date: 2012-10-01 to 2012-10-31

Entropy Broker RNG 2.0
Posted Oct 30, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps prevent the /dev/random device from being depleted; an empty /dev/random device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: Entropy broker is now fully multi-threaded so that no client can block the broker, and higher bitrates can now be achieved. The OpenSSL dependency has been replaced by the crypto++ library. A 'configure' script has been added. This release has been checked for software defects with Coverity. The network protocol has been adapted for bigger block sizes. Ciphers/hashes are now fully user selectable. There is reduced broker entropy usage.
tags | tool, encryption
systems | linux
MD5 | 87e3bde461e6dafa8fee692541955cb9

I2P
Posted Oct 30, 2012
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This release includes extensive low-level changes to the queuing of messages in the router. It implements the CoDel Active Queue Management (AQM) algorithm. It unifies the queuing and priority mechanisms in the transports to aid diagnosis and reduce network latency. Work continues on fixing UDP transport bugs and making UDP more resistant to attacks. There are more changes to improve the performance of the router and reduce its memory usage. This release enables i2psnark's DHT support, introduced in the previous release, by default.
tags | tool
systems | unix
MD5 | e0eda2f40a81206c773aff127c29f585

WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
Posted Oct 30, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, csrf
MD5 | e44f54fc880cd61618e25f10fa7a4eb6

HP Security Bulletin HPSBUX02825 SSRT100974
Posted Oct 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02825 SSRT100974 - A potential security vulnerability has been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. This could allow remote unspecified indirect vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-0547
MD5 | 9f2730fe9e25336a8fee683f97500f88

Endpoint Protector 4.0.4.2 Cross Site Scripting
Posted Oct 30, 2012
Authored by Juan Manuel Garcia | Site cybsec.com

CYBSEC Security Advisory - Endpoint Protector version 4.0.4.2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9e30aa23cff7ece71856b9c2985d08d1

Red Hat Security Advisory 2012-1416-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1416-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
MD5 | e8c5ce088d0d745cd689d3515251f6b9

Red Hat Security Advisory 2012-1418-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1418-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
MD5 | 8922635f504677f9a8550052d8581491

Red Hat Security Advisory 2012-1417-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1417-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.0 will end on 30th November, 2012.

tags | advisory
systems | linux, redhat
MD5 | f915f74c069f7f91993886e260bbba0c

PG Dating Pro CMS 1.0 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

PG Dating Pro CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 4cc3e4a27b513dbf71098d5af95bf2e6

Citrix XenServer 6.0.2 Privilege Escalation
Posted Oct 30, 2012
Authored by James Forshaw, Context Information Security Ltd | Site contextis.co.uk

Citrix XenServer versions 5.0 through 6.0.2 suffer from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2012-4606
MD5 | fc97283d76c9558cee6b0af7236ae621

VaM Shop 1.69 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Security Effect | Site vulnerability-lab.com

VaM Shop version 1.69 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | b14fb8ae4f8e42e35e96117362b8d4e8

Joomla Quiz Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Daniel Barragan

The Joomla Quiz component suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 96493e2ca460de737ff4ea37e93753f6

NetCat CMS 5.0.1 Cross Site Scripting / HTTP Parameter Pollution
Posted Oct 30, 2012
Authored by Security Effect | Site vulnerability-lab.com

NetCat CMS version 5.0.1 suffers from cross site scripting and HTTP parameter pollution vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 49723bf8f757bb9d1179eaff1857f333

Secunia Security Advisory 51130
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in EMC Avamar Client for VMware, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
MD5 | 955577111252d59d8d095f4b2a061b95

Secunia Security Advisory 51116
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Formhandler extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | ad917349dde4616382af3d481a2a960c

Secunia Security Advisory 51127
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, MozillaThunderbird, xulrunner, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, suse
MD5 | 376050545deca95175cba79827443da0

Secunia Security Advisory 51123
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, redhat
MD5 | 954765417666998ef91ce9e7b8888eca

Secunia Security Advisory 51075
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Craig has reported a vulnerability in D-Link Wireless N300 Cloud Router, which can be exploited by malicious people to compromise a vulnerable device.

tags | advisory
MD5 | 9fabc9fd9b536abd360100a67db1de99

Ubuntu Security Notice USN-1620-2
Posted Oct 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1620-2 - USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.

tags | advisory, remote, web, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-4196, CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
MD5 | e2fdb162e511b9fddd00306133a234e0

Secunia Security Advisory 51121
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, ubuntu
MD5 | fa59444c6f04d1c6caabaead02da65ac

Secunia Security Advisory 51105
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | b139450b0f0377c8ef6963c6ce88d940

Secunia Security Advisory 51108
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in CorePlayer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | d3df489fe141991ee67eb34209372432

Secunia Security Advisory 51135
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Slideshow plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 5a74a10b89a154f461498addbdc750f0

Red Hat Security Advisory 2012-1413-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1413-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Thunderbird to execute arbitrary code.

tags | advisory, arbitrary, xss
systems | linux, redhat
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
MD5 | a19fe85153d4303c966ba36a51934999

Debian Security Advisory 2569-1
Posted Oct 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2569-1 - Multiple vulnerabilities have been discovered in Icedove, Debian's version of the Mozilla Thunderbird mail client.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3982, CVE-2012-3986, CVE-2012-3990, CVE-2012-3991, CVE-2012-4179, CVE-2012-4180, CVE-2012-4182, CVE-2012-4186, CVE-2012-4188
MD5 | a87476f76b619fabb443b17cda219fda