P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
ae853ced1e0f3446f86a75db60b1aa28e2344aae92002f1ae7860e5b0620124eMobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
fe30099f81b1becba0ff46b3fca74de5b1cea906c4b982ebd958cd840ce253b4Zero Day Initiative Advisory 12-018 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec PCAnywhere. Authentication is not required to exploit this vulnerability. The flaw exists within the awhost32 component which is used when handling incoming connections. This process listens on TCP port 5631. When handling an authentication request the process copies the user supplied username unsafely to a fixed-length buffer of size 0x108. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM account.
f2e5416cfb35582eb7bb064faa5f556740901c0c7936212dbaf2cc1269cea59bvBadvanced CMPS versions 3.2.2 and below suffer from local file inclusion and remote file inclusion vulnerabilities.
c6a391cbf24f61e8fea160228f0df279dca4ae0f1ad3d65b35e040748bf83045180 bytes small Linux/x86 add new user/password shellcode.
2507665fb5598085aa7170024022a8af2b3c254563abca1ee43b028cda2e1de8This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.
ca1fcc7a152abea97e8cfb96078845d146070280b9ea0f1eac09f15ddad9d831NX Web Companion suffers from a spoofing vulnerability that may allow for arbitrary code execution.
c6dbb4c255fa34d27c7f911a58e314d1f1d2ecc2c658c6db8ccba523adf5f97bThis Metasploit module exploits a buffer overflow in Microsoft Office 2003 and command execution with .a malicious doc file .
e45bf18ac108e4ae3783ccae6f6292790febfb3111809b9cea39d7aae1a9bdb6RSSLounge suffers from a cross site scripting vulnerability.
0247221fb2aeed4124aa951eb761e61549b9bf29018bda5ac1745ddf5313614fThis Linux/x86 shellcode searches .php files and injects a PHP backdoor into them.
083be87460a5024c26d79b3f9143ff66d4099a6b438b7ea88f793822bed39c10Acolyte CMS versions 1.5 and 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
51fa4e3bd561627016cc5adc2f2401ab8129e365593901bbdd521ba1b6406931D-Link DIR-601 suffers from a tftp related directory traversal vulnerability.
c2341be3374f364db4886f7f9c73cd038eea6bb969288bf41618374a371eccf2DClassifieds version 0.1 Final suffers from a cross site request forgery vulnerability.
888779fbbbf396ea56ee0df0bf1228d2933f57d7888511a331b394459aab82c6OSclass version 2.3.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
68a8b30bf86fd39358f8a0a0494cc909420ce555fbbc8fcc42bab6bdd5564c4dDebian Linux Security Advisory 2393-1 - Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.
aa0e1e2a4fec81c893d4428c6732094a2f6aba097136844a5a8ecb22a2e06f1fCall For Papers for MobiPST 2012 - The Second International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2012) will be held in Munchen, Germany, July 30th through August 2nd, 2012.
eaa7cdd9a0335e23bd731fc072e34da3b22b7bb6ac8fff8ba34a5e743d2c0e14Ubuntu Security Notice 1347-1 - It was discovered that Evince did not properly parse AFM font files when processing DVI files. If a user were tricked into opening a specially crafted DVI file, an attacker could cause Evince to crash or potentially execute arbitrary code with the privileges of the user invoking the program. In the default installation, attackers would be isolated by the Evince AppArmor profile. Various other issues were also addressed.
e2ae8a4942a1408fd1f5749f1c33407b0d8a1c24263d7c02adea8d51a57e1826HP Security Bulletin HPSBUX02729 SSRT100687 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.
0f390da79dca7121a928ccac203062c88e4b9d40c3e900178619534800c5aa2dHP Security Bulletin HPSBUX02719 SSRT100658 4 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.
db5efe12393320a38d7152547fd542c151617597369faaad374988166242bb6dVerkehrsbetriebe Berlin suffers from a remote SQL injection vulnerability.
fb54b702fdb97e4b2487f7217d188f9ad3e15e521696a53844b118cb2cf31648Symantec PCAnywhere version 12.5.x suffers from a local privilege escalation vulnerability.
949533286d184aa8a366db5cecd292980a2b41e4568456879244809c63d57eb0Symantec PCAnywhere version 12.5.x suffers from a code execution vulnerability.
27a6825032e4993b1623f73392cbc9e6de469b4fcbc3c00fff8bed55e45dcc02Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).
925a21594f876a867e4c6e9471fa1023ca73286d7899e7a048b74bdefeb10aaaMultiple Facebook applications suffer from a null byte SQL injection vulnerability.
712bc0035aef721e45958679ad3227dc02a5a2003c0fac08baef7c664fb8ee22HP Security Bulletin HPSBUX02734 SSRT100729 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.
b2265e92d8b81cb40b2add6a630d861f1b28f98b30119e91fd07549aa77efff1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed