Showing 1 - 25 of 756

Files Date: 2012-10-01 to 2012-10-31

Entropy Broker RNG 2.0
Posted Oct 30, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices on other systems (real servers or virtualised systems). It helps prevent the /dev/random device from being depleted; an empty /dev/random device can cause programs to hang while they wait for entropy data to become available. This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: Entropy Broker is now fully multi-threaded so that no client can block the broker, and higher bitrates can now be achieved. The OpenSSL dependency has been replaced by the crypto++ library. A 'configure' script has been added. This release has been checked for software defects with Coverity. The network protocol has been adapted for bigger block sizes. Ciphers/hashes are now fully user selectable. There is reduced broker entropy usage.
tags | tool, encryption
systems | linux
SHA-256 | 39eaa71765d33198222497e34aab245d65b3b844120d11bec809f454b85721ad
I2P
Posted Oct 30, 2012
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This release includes extensive low-level changes to the queuing of messages in the router. It implements the CoDel Active Queue Management (AQM) algorithm. It unifies the queuing and priority mechanisms in the transports to aid diagnosis and reduce network latency. Work continues on fixing UDP transport bugs and making UDP more resistant to attacks. There are more changes to improve the performance of the router and reduce its memory usage. This release enables i2psnark's DHT support, introduced in the previous release, by default.
tags | tool
systems | unix
SHA-256 | 39a7d6859bf4bd9ac56fd83a5e32d47d1b24ba06f912a027804492ca941936dd
WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
Posted Oct 30, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, csrf
SHA-256 | de830eed195cbfc1599a0dbca00d8fe76804c6bb2f451f88dcf2319725caba6a
HP Security Bulletin HPSBUX02825 SSRT100974
Posted Oct 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02825 SSRT100974 - A potential security vulnerability has been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. This could allow remote unspecified indirect vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-0547
SHA-256 | 547ceb4ef1c1d89b9d16d647e2865c0306004252d0f2fa561617c7dfa92310e2
Endpoint Protector 4.0.4.2 Cross Site Scripting
Posted Oct 30, 2012
Authored by Juan Manuel Garcia | Site cybsec.com

CYBSEC Security Advisory - Endpoint Protector version 4.0.4.2 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ef0092389df049ef7eb3985f4d8f532b6da2398a44b2cb06c67d4c0a037ddab5
Red Hat Security Advisory 2012-1416-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1416-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 101cacfd82c7dac3ea6d3f99a4197eed000e0c42051e56aed16c17208f1c73a8
Red Hat Security Advisory 2012-1418-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1418-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 6582863cde9c49a0e0bc85184224c6048197a56271a1b5c82822fe8778621d7f
Red Hat Security Advisory 2012-1417-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1417-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.0 will end on 30th November, 2012.

tags | advisory
systems | linux, redhat
SHA-256 | c9451315b1ce5338a1748fe923873d9af637d3dfa78f3e93176d908e4589506b
PG Dating Pro CMS 1.0 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

PG Dating Pro CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 2d29ab841271349d3f70693eec7abef53734b54ed8c65588674506854c6b0f6e
Citrix XenServer 6.0.2 Privilege Escalation
Posted Oct 30, 2012
Authored by James Forshaw, Context Information Security Ltd | Site contextis.co.uk

Citrix XenServer versions 5.0 through 6.0.2 suffer from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2012-4606
SHA-256 | eb3974e68da4195443054f477c4bf3f18f7d35f86b9ec8a0799c51acbb0c4459
VaM Shop 1.69 Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Security Effect, Vulnerability Laboratory | Site vulnerability-lab.com

VaM Shop version 1.69 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | b0b18e474c417fd1c040915d886eccf373c7e089f4abd9ab7ba5574762eb53ac
Joomla Quiz Cross Site Scripting / SQL Injection
Posted Oct 30, 2012
Authored by Daniel Barragan

The Joomla Quiz component suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a4cf9598978b4e508c4901011742af5b2e071f4e07687b1393bd4f8be7d61956
NetCat CMS 5.0.1 Cross Site Scripting / HTTP Parameter Pollution
Posted Oct 30, 2012
Authored by Security Effect, Vulnerability Laboratory | Site vulnerability-lab.com

NetCat CMS version 5.0.1 suffers from cross site scripting and HTTP parameter pollution vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | 21d9c58badf1220d20cd3097eafaba785483ba2bd3262191fdded25eb9733d84
Secunia Security Advisory 51130
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in EMC Avamar Client for VMware, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
SHA-256 | deaac988fa770fc458028bfe0f9f9fe35562dd4d3b67ff7be8a2db044a58ea6f
Secunia Security Advisory 51116
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Formhandler extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 875d2cfd25178a58dac0e234b2838f0c47b3d7181a052e23bc535c818b8f624a
Secunia Security Advisory 51127
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, MozillaThunderbird, xulrunner, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, suse
SHA-256 | 1fea2bbae517baa23ca053dc1ae64c82fd9e15994a3ee08e24ff219495c1aea5
Secunia Security Advisory 51123
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, redhat
SHA-256 | bdd901343c88160ef5544078a6448e4c838f7ff514f18d3b165c9ba0bf1acd98
Secunia Security Advisory 51075
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Craig has reported a vulnerability in D-Link Wireless N300 Cloud Router, which can be exploited by malicious people to compromise a vulnerable device.

tags | advisory
SHA-256 | 0c755c044ff7818095b8456ebfb819b7501699f81f43a2f50268485322346eca
Ubuntu Security Notice USN-1620-2
Posted Oct 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1620-2 - USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.

tags | advisory, remote, web, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | f2e4e764d882fd6bbb7f865b89f77a72bcbe31d45eecbc5b68c1ddb8b974ee7d
Secunia Security Advisory 51121
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, ubuntu
SHA-256 | 5b38e09956f586c935b4630b82e2cbe5589bc7e004a970632e953834c2293b8f
Secunia Security Advisory 51105
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 930fea3ca9f7afe619635f17bc6af000f510550568de2821a2f436d3f6684732
Secunia Security Advisory 51108
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in CorePlayer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 870733fc405b5be026a1fc2b6bf94d2bace074f3968dc0d1414a4b513b9f048f
Secunia Security Advisory 51135
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Slideshow plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | cae362d210f74443ff8b56bb92abeac5f7ae52f94e4b5fc060ecb07b665e3b0e
Red Hat Security Advisory 2012-1413-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1413-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Thunderbird to execute arbitrary code.

tags | advisory, arbitrary, xss
systems | linux, redhat
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | ccae172d860a3458ffe08c0e4d3601ae3a7c6d83f4023e8cca647e1d72557f01
Debian Security Advisory 2569-1
Posted Oct 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2569-1 - Multiple vulnerabilities have been discovered in Icedove, Debian's version of the Mozilla Thunderbird mail client.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3982, CVE-2012-3986, CVE-2012-3990, CVE-2012-3991, CVE-2012-4179, CVE-2012-4180, CVE-2012-4182, CVE-2012-4186, CVE-2012-4188
SHA-256 | 5a06bd2116ba702863aef57845ec332601a1a47904f725f8392f9f557e438fe5