The patch released for the recently discovered Snort evasion vulnerability may itself be subverted.
6713c1c92f3b4767472aff22b3efa487e4a2c9723ad15df8eb7a0ddb0ad7aa3a
Timberland's search engine is susceptible to cross-site scripting attacks.
23c9655851ea803ba9e09210220aa221603c74417ee0849d35a39c4f76a79428
Joomla/Mambo CMS component SimpleBoard version 1.1.0 Stable is susceptible to cross-site scripting vulnerabilities. Details provided.
201539348312a39f9dc5fa9bf0962c928f7d01a34a4a3f48604680f84265b27e
This archive holds mobile phone ROM images for the Nokia 6630, Nokia N70, Nokia N-GAGE, and the Sony-Ericsson P900. THC has launched the Mobile Phone ROM Image and Reverse Engineering Invitation. Their intention with this release is to motivate other reverse engineers to take a look at the images and to discover other hidden secrets.
bc4fb590e0a44fadd491f26c30c08691e07b7d46405ffc3de2c0f1f3862b4128
VMware ESX server versions prior to 2.5.2 upgrade patch 2, prior to 2.1.2 upgrade patch 6, and prior to 2.0.1 upgrade patch 6 suffer from a cross-site scripting issue.
a34796941c3f2d47f3efc4621f3a3bf1f5ee34cf260af386d81d550d414dd84c
An evasion vulnerability in Snort allows an attacker to bypass detection of uricontent rules by adding a carriage return to the end of a URL.
803dd63a6a3778f6ee004363050307a0c784353aab32515a427e3109498ca771
Sourcefire is aware of a possible Snort evasion that exists in the http_inspect preprocessor. This evasion case only applies to protected Apache web servers. Patches will be released for the 2.4 and 2.6 branches on Monday, June 5th.
0e8a450fd24d62290211428c042625ede7054755466104967d1cfbb243895d14
All versions of PHP-Nuke suffer from remote file inclusion vulnerabilities.
ad2eaccbee4c224dda71a27bcfb3c02a466cfc4dc07d608094d422fb03a6701d
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
b6b0b810276ab113630ca1b7c4eb99d35acd567ec7c0d33c1aa4b475caebbdb9
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
f8d0ee7e19eb17ff793cd0cc92629919233f1e52e07d5dbc73e02b7a611bd360
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.
9a94d2417b13d49cb11aeb11186933fe0e0491904987ca47c88bf5710935c3cb
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
b251fd9079a40345beb5b67bcdf30c3292ee9220d2d062d583b89f3526015138
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The Framework will run on any modern system that has a working Perl interpreter; the Windows installer includes a slimmed-down version of the Cygwin environment.
8b0e79b55fb861c947bbdb882b3f3655dece2693dd870f99d19cbd3fed23a35e
TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage X.509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.
cf7cbeed216e16b3674b69897b3ee62abdcaaf6bc30f305a760d800bd1c8b612
popa3d is a POP3 daemon which attempts to be extremely secure, reliable, RFC compliant, and fast (in that order).
e7034336c1e4b6ed1ddff7c92851292d396d011237acb2268492f44cedbb7a7f
alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
bea972240387196acb74685c83bfae93eabe38a36f2935b5f545f2456c9a38a3