Astalavista Security Newsletter - Issue 25 - Featured articles include - Organizational training and today's threatscape and Fortifying your browser even more! - as well as an interview with Johnny Long, johnny.ihackstuff.com.
8cd6365a270fa93bd8df9cfd9bc3d8933f26d4ba288c2fb12d51ccfa3459b29dAstalavista Security Newsletter - Issue 24 - Featured articles include - Breaking through security myths Part 2 and Threats posed by P2P software - as well as an interview with Vladimir, 3APA3A, Security.nnov.ru.
830e18d4705ce26f1e041603177586529d43b14cb082943724f2c19567a29fc7Astalavista Security Newsletter - Issue 23 - Featured articles include - Breaking through security myths Part 1 and Managing the threats posed by stolen laptops - Tips as well as an interview with David Endler, TippingPoint.com.
e2b3b7d1424c28b027898642d1641da6afd325a7adb28344e2f941be113a7ea5Buffer Overflows, A Peek Under The Hood volume 1.0.
9eaf05f8362d22a0b73eaaf7d58cdaa5d6a3c3636a1c75ed9b16d5f05e22995eWhitepaper discussing the hardening of Windows NT.
c3dfdf7d4262a082864c40fbf2504b64c0e76d0094696de67110b38577ff0649Mozilla Firefox versions 1.5.0.6 and below FTP request remote denial of service exploit.
29158aabba36243f80608348099a937a43674e96180a7f541c9d4fe20cce4c7dAy System CMS versions 2.6 and below remote file inclusion exploit that makes use of main.php.
04fa6a3f1ba3cbfae46eb756ea4a7dfd0c34273c579e7f01f1597890162318f0AlberT-EasySite versions 1.0a5 and below remote file inclusion exploit.
d811136f90f8b4cbe52c8c0b824f86f8458ae21e3fb0bccd01e39a399acedde2iziContents versions RC6 and below GLOBALS[] remote command execution exploit.
da9ecf7a594f63af2a654ce2aa0123bae9cad4a81f56b6ef95fddafc641bfff9CMS Frogss versions 0.4 and below remote SQL injection exploit.
8f056c3f53e60459a9f8aee27d1de152b6906374d39751a909899b908e68e362proManager versions 0.73 and below remote SQL injection exploit that makes use of note.php.
4ca76fcbb5c8a99109d9898e626f0b71af92235dce282eb6015fd615c4cae6afMDaemon Pre Authentication (USER) heap overflow exploit.
4f7b94833ece72e52aeb28060f38d879ff856d35732f73e066575bfd5ed1d323WFTPD server version 3.23 (SIZE) remote buffer overflow exploit.
7914ac75638a3567f909d4690b5f4cdaefdeaf62139121344bbc3778b0a2c588Easy File Sharing ftp server version 2.0 remote proof of concept exploit.
600f9e36332033b9a64f2b63f27cdda2ed523db9b876baee3ee689a3652e8f64Solaris 10 sysinfo(2) local kernel memory disclosure exploit.
5940985dbd705d25f0e8e2e9a0793925f1088d66be78e5ded502f4a3dc5c930bSolaris 8/9 /usr/ucb/ps local information leak exploit.
b5f9e867779f3d6340fa1360745ea8ba7345564303423f3b0d65862cca1e54aaMicrosoft Windows CanonicalizePathName() remote overflow exploit that takes advantage of the flaw listed in MSO6-040.
158a3dd8d371a340f74afd8702d94c69580ff12d0f850c787ee6fc18023b54b5Cyrus IMAPD version 2.3.2 remote buffer overflow exploit.
e97d089ebdd394dfc51151fb89917883a89c603cb0b2544a42d70a648c490ee6aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
2a3899771c00f051d7727359f8ee6eda5029e7d144804e29f8c6743bb5558211SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.
bc9be41388b926fe04e12354bcbe48d7fff95e0e6da992ec78240b1edb8c7966p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
174a1756727e8a70ce5608c6f412ecc89544c67b602215c1252df8e4a3c34d10Bob the Butcher is a distributed password cracker. It is built around a client/server system. Cracking speed scales linearly with the number of connected clients. It is designed for efficient cracking resource usage. It will handle many password files at once, aggregating passwords as much as possible.
8e5b5cd9dbc6d44ba2d7227a9394e95e0aec3658a717dc238f6a8330049dc772Mandriva Linux Security Advisory MDKSA-2006-144 - A vulnerability was discovered in the sscanf function of PHP that could allow attackers in certain circumstances to execute arbitrary code via argument swapping which incremented an index past the end of an array and triggered a buffer over-read.
27b45dcd8372f72fea0d4fd25b88bce88512c8471099e265a30d6562d961168ePHProjekt version 0.6.1 suffers from a remote file inclusion vulnerability.
ce21e85ac141c2bc22beae6eb981bc00e0ac5228e572a6fa014d651243657013Internet Explorer crashes due to a mishandling of multiple COM objects.
086cfa2e6e24d12573c614c495c75d26362cbb05e9956afc4f1da67d7f8ebf9f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed