LKM rootkit for Linux x86 with the 2.6 kernel. It inserts jumps inside the system_call and sysenter_entry handlers, so it does not modify sys_call_table or IDT content. It hides files, directories, and processes, hides chunks inside of files, gives remote reverse_shell access, local root, etc. This version of the rootkit is specifically ported to work on Ubuntu 8.04 with the 2.6.24 kernel. No backwards compatibility is provided. The modified rootkit was simply meant as a proof of concept for a book. The documentation was not updated to reflect the changes and this was submitted to the site anonymously. Use at your own risk.
4328023a68a04ed6b7e159bb91a29b0c38de5eb14dda0d149ea8a62073244c4d
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
e80b5d0eb3331fc5a2b7bc3a0206cbfc52e68b0ae09ad7d5789d5655275a662c
libaosc is a library for converting x86 shellcode into randomized ASCII-only shellcode.
7936ef2befe0286195d1550bf335ecf775a0fea75bdcab763e2f4930de121a89
JOnAS version 4.10.3 suffers from multiple linked cross site scripting vulnerabilities.
afaea5fdb0d376744371773e337421514069179b0a7143706b6fb2a2558a6b31
HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS).
d37b09bcab75b8427f588b5b4b8642558b4a16897f76f295aef185f0b48fd683
The call for papers for SEC-T 2009 has been announced. It will be held in Stockholm, Sweden.
08e3bd9dd1314c77ac1df1221a2d87bac1b9b0d9c0c1009ad3197e85e1a4c2c3
PenPal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c8e1b1bf9c7f037e4e6dabb7b7ead53cf3ee460ed1dcc4ad90c3997245b0831c
Secunia Research has discovered a vulnerability in Orbit Downloader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when generating the "Connecting" log message for HTTP downloads. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into downloading from a malicious HTTP server or opening a specially crafted HTTP URL containing an overly long host name. Successful exploitation allows execution of arbitrary code. Orbit Downloader versions 2.8.2 and 2.8.3 are vulnerable.
c0fec1b2b959aed07156096d8dc79baf656806760da36812f1bc48b1d551b693
Apple Mac OSX xnu versions 1228.x and below local kernel memory disclosure exploit.
bf24b33b436c0d960a5473f70ddae9cd44c63c4bed675b467c03b9f89013530c
fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses.
599f60cea508535311603dca6768627d03bd9bcd767d3a2b1e4e869a9ece418a
OpenSite CMS version 2.1 suffers from multiple remote SQL injection vulnerabilities.
c722fda3e8d9046bc13f4a29deb7de00b07b0eb7f9f064bf5b3d32603fe3a893
The CodeGate 2009 hacking and defense contest has been announced. It will be held in Seoul, South Korea and has 40 million Korean Won in prizes (about $26,500 USD).
89a7f70973776f5f4cbc49b18077e92efbb3ee7965f3de8f66733f9f223258ce
Secunia Security Advisory - Nam Nguyen has discovered some vulnerabilities in OpenSite, which can be exploited by malicious users to conduct SQL injection attacks.
b0071ceed9a7aecc653d3af2d2decea06035ebe3c29ba9266cb508619b48caad
Secunia Security Advisory - Fedora has issued an update for gstreamer-plugins-good. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise a vulnerable system.
1fec7015b9b709d9a0063c23d81b2f53986f7bf8820887538ffeddee40524c7f
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system.
4c03a343dc37fc02680d9e728b0a3094d7f5f988718e58943b2623b3fc181bee
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Orbit Downloader, which can be exploited by malicious people to compromise a user's system.
61239f76c159614bbb48c91bea6c0d632fb2177e1993d4dd9be115b87e3fb679
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe RoboHelp Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
c6ba6048f03db55303083186793279ef0cbb717c8c12cb5ecac41b961b5048e9
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in CATIA V5.
d53874ae9510b390c8625157ab5d4f6e3fe057a638c4b87c4f454faa3c4f5833
Secunia Security Advisory - A vulnerability has been reported in Adobe RoboHelp, which can be exploited by malicious people to conduct cross-site scripting attacks.
28a681e29fc925bc8ae56cdbacdfbe2f7c2db97a9e9e1b5db28f08e6550e3ca9
Secunia Security Advisory - A vulnerability has been reported in the piCal module for XOOPS, which can be exploited by malicious people to conduct cross-site scripting attacks.
afa0ae1c2d241b6c789dfdf7011bcc6332afd21c21ead8e611e6e46edefc4770
Secunia Security Advisory - HP has acknowledged a vulnerability and a security issue in HP OpenView Network Node Manager, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
48561ee5ad817725ecc8837ef3aa53c00f7bbdd2dfe8956a5a1ea218890c756e
Secunia Security Advisory - A vulnerability has been reported in ZNC, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
456091068437a69839755d920d21797e7b7235252750232830f1f67e6bba3825
Secunia Security Advisory - Fedora has issued an update for trickle. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
d441906c95bd417e7ca7a04ade29fc642601c1b6d012e2c8dc6a52f01b120647
Secunia Security Advisory - A vulnerability has been reported in OpenGoo, which can be exploited by malicious users to bypass certain security restrictions.
9b6820e67d3d9a0c25e832af17016af51b0b1f51c4b6ce88ec441e3810e3d938
Secunia Security Advisory - IBM has acknowledged a vulnerability with an unknown impact in IBM WebSphere Application Server for z/OS.
f1b337efff9c99b5d6c3eb3f6881f7ff2ee5690f71c6b79ceb3827af5ac690e5