what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-08-05

THC-IPv6 Attack Tool 2.3
Posted Aug 5, 2013
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: 2 new tools added as well as 2 new scripts. Various updates to existing tools.
tags | tool, protocol
systems | unix
SHA-256 | d1e8a3f295931fdc89e200da3c171b9e4922029cc55d11faece9b776ba2fd10a
Hydra Network Logon Cracker 7.5
Posted Aug 5, 2013
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Moved the license from GPLv3 to AGPLv3. Added module for Asterisk Call Manager. Added support for Android where some functions are not available. Various other updates.
tags | tool, web, cracker, imap
systems | cisco, unix
SHA-256 | 7293e7c32198219688e5bf5308f7e8eab37ad78d49701c9860a6b22aecda0ab6
Ruby Gem Rgpg 0.2.2 Command Injection
Posted Aug 5, 2013
Authored by Larry W. Cashdollar

Ruby Gem Rgpg version 0.2.2 suffers from a remote command injection vulnerability.

tags | exploit, remote, ruby
advisories | CVE-2013-4203
SHA-256 | c54580488fa386bb799c224ae7cf985b25c183e8936078b05fc68b8cc01bd006
Joomla SectionEx 2.5.96 SQL Injection
Posted Aug 5, 2013
Authored by Matias Fontanini

Joomla SectionEx component version 2.5.96 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c343aa59c62d97cee87901b3076377de0e9ca9879a04e4358732a4cb199bdd9
Red Hat Security Advisory 2013-1137-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1137-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts. All users of Red Hat OpenShift Enterprise 1.2.2 are advised to upgrade to these updated packages, which resolve this issue.

tags | advisory, spoof, ruby
systems | linux, redhat
advisories | CVE-2013-4073
SHA-256 | 5049766afbe3a5287229918f7536bbbd09461a243cad60886ef8c458ed3f5200
Red Hat Security Advisory 2013-1135-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1135-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2013-0791, CVE-2013-1620
SHA-256 | ea3048e1d624e0dfb9d238f708c159b83698d2fa85c180285cb6b492cbce9cd5
Red Hat Security Advisory 2013-1134-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1134-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1862, CVE-2013-1896
SHA-256 | f3762866ae287745c1aef81e5fd72ea6d719231d8bf28f0fc66d89f34941946c
Red Hat Security Advisory 2013-1133-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1133-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1862, CVE-2013-1896
SHA-256 | 6a1d7201cf3feea885275a7fccb230881f35ce567076aeb08974c43b74be918d
Red Hat Security Advisory 2013-1136-01
Posted Aug 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1136-01 - rubygem-passenger is a web server for Ruby, Python and Node.js applications. The rubygem-passenger gem created and re-used temporary directories and files in an insecure fashion. A local attacker could use these flaws to conduct a denial of service attack, take over the operation of the application or, potentially, execute arbitrary code with the privileges of the user running rubygem-passenger. Note: By default, OpenShift Enterprise uses polyinstantiation for the /tmp/ directory, thereby minimizing the risk and impact of exploitation by local attackers of both CVE-2013-2119 and CVE-2013-4136.

tags | advisory, web, denial of service, arbitrary, local, python, ruby
systems | linux, redhat
advisories | CVE-2013-2119, CVE-2013-4136
SHA-256 | 145d2d1054ef84c2d2f4e31d12c8c8168fad64e9ee4bc03dff62ca5cafd2f4f6
Debian Security Advisory 2734-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2734-1 - Multiple vulnerabilities were discovered in the dissectors for DVB-CI, GSM A Common and ASN.1 PER and in the Netmon file parser.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4930, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935
SHA-256 | ca978295b2d9574a2eb951914fdf46215170e0970e6c062b66430cc0be3e7594
Mandriva Linux Security Advisory 2013-206
Posted Aug 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-206 - Updated owncloud package fixes security vulnerabilities. This update provides OwnCloud 5.0.9, which fixes these issues, as well as several other bugs.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | 3eb51aeedb33cebb10b94645c0e7b11c107847b8624dab381d23858d411d4ad3
Slackware Security Advisory - gnupg / libgcrypt Updates
Posted Aug 5, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13.1 and older as the supplied version wasn't new enough to compile the fixed version of libgcrypt. Related CVE Numbers: CVE-2013-4242,CVE-2013-4242.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4242, CVE-2013-4242
SHA-256 | c1175683a5f439679477f3080f9d765b49fc384e8d97d6c0659f5a5bd7a5ed81
Debian Security Advisory 2732-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2732-1 - Several vulnerabilities have been discovered in the Chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2881, CVE-2013-2882, CVE-2013-2883, CVE-2013-2884, CVE-2013-2885, CVE-2013-2886
SHA-256 | 32b03d687426e79e885c07fa5096c09f9f5f1b0a5c70d4fe68f6c4c9d5b205d4
Debian Security Advisory 2733-1
Posted Aug 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2733-1 - It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2013-4717
SHA-256 | 17527af704d3664232acad459e3b4ed17fa1772c6437ade8fe8e7d244249c675
IBSng A1.24 Cross Site Scripting
Posted Aug 5, 2013
Authored by IRaNHaCK Security Team

IBSng version A1.24 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c155f86712960813ad819d5103a4d8242b28718aa6563eb3c8a6e0e3337f0228
Digital Ocean Information Leakage
Posted Aug 5, 2013
Authored by Johan Boger

Digitalocean.com leaks customer network traffic to other customers due to having an overly large bridge defined in libvirt-interface.

tags | advisory, info disclosure
SHA-256 | 87b828307e57aab9be83e9544fa1ed0997885c68065a2edf79eb33788ea018af
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close