MIT krb5 Security Advisory 2011-008 - The telnet daemon (telnetd) in MIT krb5 (and in krb5-appl after the applications were moved to a separate distribution for krb5-1.8) is vulnerable to a buffer overflow. The flaw does not require authentication to exploit. Exploit code is reported to be actively used in the wild.
94f4852b4ef0d480fd44f6fff8a1a449daff42441b00c788d6970db82695afc2
Mandriva Linux Security Advisory 2011-195 - A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet. An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon. In Mandriva the telnetd daemon from the netkit-telnet-server package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue.
088c8d790f512be759b35321724ad47890342945dbacb0e3d9083cc426187e2c
Whitepaper called Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. Unlike other theoretical studies, this paper lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. In addition to that, this project also details various defense strategies that could be enabled on Cisco routers in order to mitigate these attacks. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains.
f1811013d7d890533de92c4b33eb002cc4aea6e5e46e851c9ffe27c39fa5f389
FreeBSD Security Advisory - Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an application can craft their own policies and cause the application to load and execute their own modules. If an application that runs with root privileges allows the user to specify the name of the PAM policy to load, users who are permitted to run that application will be able to execute arbitrary code with root privileges.
685c68cd0d879191a8f6e9dd16fb3ba8d2d61b100f23301bbe8d7f9cde467b5e
FreeBSD Security Advisory - The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pam_ssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate themselves by providing a dummy passphrase. If the pam_ssh module is enabled, attackers may be able to gain access to user accounts which have unencrypted SSH private keys.
3f9adbe4371e9a27a25b335c20511c3b4a8582a5127ca9a55c06862e006c1268
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
d488e05390fc02274354b9eb2deb35cb28a9702082aeccf1b3d64435758ea353
This Metasploit module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.
bb350fce364cccea32d543a818c1ec5ccbfecf4e11c746fbe8c7d8b76c2cfd89
This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.
5c027aef49c6a33044ddd945cfc6d9db2dfdaac94f49b241b9d556902a49848a
Secunia Security Advisory - A vulnerability has been reported in Kerberos, which can be exploited by malicious people to compromise a vulnerable system.
acded041cda02e4e3d59b3cde944830d45625de300c6fee114da710417fc54c3
Secunia Security Advisory - A vulnerability has been discovered in the Mailing List plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
a4a45f784900f393ec9b67aa538aa4764438ec5b192357bff7d03aa0455f883f
Secunia Security Advisory - Debian has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
b0dfdc798a5c9dccb21e03e20faf64ada3a91aae607a956c6991127856f5fc86
Secunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
13ccb23946e03420bb12718ff2bd98f6dafb4049ce6affb6dc4a973e65302c8b
Secunia Security Advisory - Debian has issued an update for krb5 and krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7d83aa6c255db315344a341862eb0c3d82513e47db652e0e8ba8145e7563e3dc
Secunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
8279c69737b4f8fae1c664728d54eb21e6679334bad5d43630e2c56349cd3f66
Secunia Security Advisory - Francois Harvey has discovered a vulnerability in vtiger CRM, which can be exploited by malicious people to bypass certain security restrictions.
9e2160a497daaa7c509714a388c2909ccc36e0786d8ca689bc24b6574c52a8e9
FreeBSD Security Advisory - When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. An attacker who can connect to the telnetd daemon can execute arbitrary code with the privileges of the daemon (which is usually the "root" superuser).
c92e3537ea4a9d4333d9b238da051a9f86ab6782c92ea9627150610dbec5e756
FreeBSD Security Advisory - The nsdispatch API has no mechanism to alert it to whether it is operating within a chroot environment in which the standard paths for configuration files and shared libraries may be untrustworthy. The FreeBSD ftpd daemon can be configured to use chroot, and also uses the nsdispatch API.
de56ea16374f3970ce64ad7bfe09f78855a3865a7491e05a50722e5299b402de
FreeBSD Security Advisory - A remote attacker could cause the BIND resolver to cache an invalid record, which could cause the BIND daemon to crash when that record is being queried.
913e895f321d484a5440d6ec9ea44d1a471f516fda6b68d698117be493718a87
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
f83a4a45e96832c01e4b720f0f694df5e70f207168baa6c0d9edb14f8f00fd46
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
36a982d6aa03aaa511252b1130ed6b0d14a80d24eb675d1ca2e4a1ef05fd6b8e
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
ac457a33c004f3bd3a25772290cda9731e40b46e0e85df2b2dfc7e8e8804b497
Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. MIPS version.
9f962a1146b166cb12019ea5b182eacc2cc8694e655e19753e3b166705565b31
Red Hat Security Advisory 2011-1852-02 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.
611b0465bb7429b56ae4ca7c0441b264da38bb0f332f78625ca03d057ffe1604
Red Hat Security Advisory 2011-1851-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third- party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
fcc05a1144325e7cb4e0faa7cb26db554864cc40f11c6e788b4e245114f681e2
tForum version b0.915 suffers from cross site scripting and remote SQL injection vulnerabilities.
ab9dc74bce79ff1eb08653d7dcd4003f8ffe2590b8c952360aa035a7c732ebb9