what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-08-05

THC-IPv6 Attack Tool 2.3
Posted Aug 5, 2013
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: 2 new tools added as well as 2 new scripts. Various updates to existing tools.
tags | tool, protocol
systems | unix
MD5 | 4771be6aa69cc3ab57c9b9672651df6f
Hydra Network Logon Cracker 7.5
Posted Aug 5, 2013
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Moved the license from GPLv3 to AGPLv3. Added module for Asterisk Call Manager. Added support for Android where some functions are not available. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | a4a5d65fe4f29f57e57808c39cdaaf66
Ruby Gem Rgpg 0.2.2 Command Injection
Posted Aug 5, 2013
Authored by Larry W. Cashdollar

Ruby Gem Rgpg version 0.2.2 suffers from a remote command injection vulnerability.

tags | exploit, remote, ruby
advisories | CVE-2013-4203
MD5 | b5bd06f8f4d1679adf87ce7dca408283
Joomla SectionEx 2.5.96 SQL Injection
Posted Aug 5, 2013
Authored by Matias Fontanini

Joomla SectionEx component version 2.5.96 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2ac9b3a342dc035b986a41ff6513e91f
Red Hat Security Advisory 2013-1137-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1137-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts. All users of Red Hat OpenShift Enterprise 1.2.2 are advised to upgrade to these updated packages, which resolve this issue.

tags | advisory, spoof, ruby
systems | linux, redhat
advisories | CVE-2013-4073
MD5 | 01a393552a8d139a1abae980d4ca273d
Red Hat Security Advisory 2013-1135-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1135-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2013-0791, CVE-2013-1620
MD5 | 48d043368d78653cf33bec72cdadb6ab
Red Hat Security Advisory 2013-1134-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1134-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1862, CVE-2013-1896
MD5 | 4ca104993ae2eace60b1247e7b0e5003
Red Hat Security Advisory 2013-1133-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1133-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1862, CVE-2013-1896
MD5 | b812fc5eff25761133fbe50d83490e5e
Red Hat Security Advisory 2013-1136-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1136-01 - rubygem-passenger is a web server for Ruby, Python and Node.js applications. The rubygem-passenger gem created and re-used temporary directories and files in an insecure fashion. A local attacker could use these flaws to conduct a denial of service attack, take over the operation of the application or, potentially, execute arbitrary code with the privileges of the user running rubygem-passenger. Note: By default, OpenShift Enterprise uses polyinstantiation for the /tmp/ directory, thereby minimizing the risk and impact of exploitation by local attackers of both CVE-2013-2119 and CVE-2013-4136.

tags | advisory, web, denial of service, arbitrary, local, python, ruby
systems | linux, redhat
advisories | CVE-2013-2119, CVE-2013-4136
MD5 | e46fb2076ae2cf5f14876af13a2a62a0
Debian Security Advisory 2734-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2734-1 - Multiple vulnerabilities were discovered in the dissectors for DVB-CI, GSM A Common and ASN.1 PER and in the Netmon file parser.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4930, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935
MD5 | 7d15c7ca4b8b025dfe10116c4639e8cc
Mandriva Linux Security Advisory 2013-206
Posted Aug 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-206 - Updated owncloud package fixes security vulnerabilities. This update provides OwnCloud 5.0.9, which fixes these issues, as well as several other bugs.

tags | advisory, vulnerability
systems | linux, mandriva
MD5 | 6306e0f487fb6d6b6f9fd0a4296665f4
Slackware Security Advisory - gnupg / libgcrypt Updates
Posted Aug 5, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13.1 and older as the supplied version wasn't new enough to compile the fixed version of libgcrypt. Related CVE Numbers: CVE-2013-4242,CVE-2013-4242.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4242, CVE-2013-4242
MD5 | 7b2e47d408efcbffaee71164851db653
Debian Security Advisory 2732-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2732-1 - Several vulnerabilities have been discovered in the Chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2881, CVE-2013-2882, CVE-2013-2883, CVE-2013-2884, CVE-2013-2885, CVE-2013-2886
MD5 | 90475bd3c4ea578d82cd09fb0d3c2648
Debian Security Advisory 2733-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2733-1 - It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2013-4717
MD5 | f7f79460b25a7458be918270d0261faf
IBSng A1.24 Cross Site Scripting
Posted Aug 5, 2013
Authored by IRaNHaCK Security Team

IBSng version A1.24 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a2b5d894df10f6484926866f151376c5
Digital Ocean Information Leakage
Posted Aug 5, 2013
Authored by Johan Boger

Digitalocean.com leaks customer network traffic to other customers due to having an overly large bridge defined in libvirt-interface.

tags | advisory, info disclosure
MD5 | 6ef6436918beb2b98afa0efdd7b46e86
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close