exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

Nord VPN 6.14.31 Denial Of Service
Posted Aug 31, 2018
Authored by Borna Nematzadeh

Nord VPN version 6.14.31 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | a27f9ed6b1e476b91335ea7e9a34320b

Related Files

Windows Service Trusted Path Privilege Escalation
Posted Aug 15, 2012
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.

tags | exploit
systems | windows
MD5 | 1d4dd3fbed6dce4a1a0d0668447ab955
Entropy Broker RNG 1.0.1
Posted Aug 14, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This is an important bugfix release. This version replaces the ivec initializer code with something more sensible.
tags | encryption
systems | linux
MD5 | 0599181db7ea55d1885563b285b26990
Viscosity OpenVPN OS X Local Root
Posted Aug 13, 2012
Authored by zx2c4

Viscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.

tags | exploit, local, root
systems | apple, osx
MD5 | 310eead57ed8a1879d25cfaf62404d5b
Tunnel Blick Local Root Exploit Version 2
Posted Aug 11, 2012
Authored by zx2c4

Pwnnel-Blicker is a second local root exploit for Tunnel Blick OS X OpenVPN manager.

tags | exploit, local, root
systems | apple, osx
MD5 | 00ab722f2ba1b1ee134371e96d761d4a
Entropy Broker RNG 1.0
Posted Aug 7, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: EGD client now fully implements the EGD protocol. A network protocol fix was implemented.
tags | encryption
systems | linux
MD5 | f6138b5aab418f3ad2c629194ea6cb46
Barracuda SSL VPN 680 Cross Site Scripting
Posted Aug 1, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Barracuda SSL VPN 680 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4aca3120aedae376ce5a87a0871eb3ea
Entropy Broker RNG 0.9
Posted Jul 26, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: video4linux server is now compatible with video4linux2. It will now dump and restore the pool-contents.
tags | tool, encryption
systems | linux
MD5 | 4dfdae989a638eb5ab63b860fa5f8d07
Secunia Security Advisory 49982
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Barracuda SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 4ae6f3316ea660c403f55d3be9681ede
strongSwan IPsec Implementation 5.0.0
Posted Jul 3, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The IKEv1 protocol was re-implemented from scratch by extending the successful IKEv2 code. The charon keying daemon now supports both protocols, which allowed the old IKEv1 pluto daemon to be removed. Support for the IKEv1 Aggressive and Hybrid Modes has been added.
tags | tool, encryption, protocol
systems | linux, freebsd, apple, osx
MD5 | 1d7bccb50f01020bb04d06e9755e0eec
Tinc Virtual Private Network Daemon 1.0.19
Posted Jun 26, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This release adds basic support for SOCKS and HTTP proxies, as well as proxying through an external command. Support for systemd style socket activation has been added. Environment variables can now be used in the Name configuration option, and :: notation in IPv6 Subnet options is now also allowed.
tags | tool, encryption
systems | unix
MD5 | 5d97ee0f1ccf8fea5b492f6b54d5ac32
OpenNHRP NBMA Next Hop Resolution 0.13.1
Posted Jun 23, 2012
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: This release adds minor fixes for configurations with multiple mgre interfaces.
tags | encryption, protocol
systems | cisco, linux
MD5 | 4c847b558946b07a446b052cc29eb02a
Secunia Security Advisory 49645
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | cisco
MD5 | 415e66acd3028afd7a8376bbe04901fb
Debian Security Advisory 2495-1
Posted Jun 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2495-1 - A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service.

tags | advisory, denial of service, overflow
systems | cisco, linux, debian
advisories | CVE-2012-3291
MD5 | 09b92bef87c7d2be3803e002cc17d138
Checkpoint Endpoint Connect VPN DLL Hijack
Posted Jun 14, 2012
Authored by Moshe Zioni

A vulnerability in Checkpoint Endpoint Connect VPN causes the client to be susceptible to an attack that result in arbitrary dynamic-library loading. A user with local disk access can carefully construct a DLL that suits a pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.

tags | advisory, arbitrary, local
systems | windows
advisories | CVE-2012-2753
MD5 | ca161bf35254dda9e83bc42ad15b9ff1
Debian Security Advisory 2483-1
Posted Jun 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2483-1 - An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan responder.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2388
MD5 | 03293a0423f67544c76e2a16b7aaf668
strongSwan IPsec Implementation 4.6.3
Posted May 3, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: An extended EAP-RADIUS interfaces allows one to enforce Session-Timeout attributes using RFC4478 repeated authentication, and acts upon RADIUS Dynamic Authorization extensions (RFC 5176). Currently supported are disconnect requests and CoA messages containing a Session-Timeout. The tnc-pdp plugin implements a RADIUS server interface allowing a strongSwan TNC server to act as a Policy Decision Point.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | 2a1b0bca846a966a56f662f855ced9fb
Cisco Security Advisory 20120328-rsvp
Posted Mar 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service, protocol
systems | cisco, osx
advisories | CVE-2012-1311
MD5 | d182e019ea73fd9bdbccadbfe1f02ac2
F5 FirePass SSL VPN 6.x / 7.x SQL Injection
Posted Mar 29, 2012
Authored by Christoph Schwarz | Site sec-consult.com

F5 FirePass SSL VPN versions 6.0.0 through 6.1.0 and 7.0.0 suffers from a remote SQL injection vulnerability that allows for remote root access.

tags | exploit, remote, root, sql injection
advisories | CVE-2012-1777
MD5 | 10cd15f958fa609324dd54fc7960ec8e
Tinc Virtual Private Network Daemon 1.0.18
Posted Mar 25, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This release fixes IPv6 in switch mode by turning off, by default, the DecrementTTL option that was introduced in the previous release. It is now allowed to specify a port number in BindToAddress, which also allows tinc to listen on multiple ports. This release also adds support for multicast communication with UML/QEMU/KVM.
tags | encryption
systems | unix
MD5 | 9352d53e892df4127e839f54a0e8af2a
Cisco Security Advisory 20120314-asaclient
Posted Mar 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, web, arbitrary, activex
systems | cisco, windows
advisories | CVE-2012-0358
MD5 | 669220ffedd5a456491b8ddf36bc2152
Checkpoint Firewall VPN1 Information Disclosure
Posted Mar 12, 2012
Authored by Patrick Webster

Checkpoint Firewall VPN1 suffers from a remote information disclosure vulnerability.

tags | advisory, remote, info disclosure
MD5 | 048e312263043ef2c204bb05e575f45c
Tinc Virtual Private Network Daemon 1.0.17
Posted Mar 11, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: The DeviceType option can now be used to select dummy, raw socket, UML, and VDE devices without needing to recompile tinc. Multiple BindToAddress statements are now allowed. The TTL value of IPv4 and IPv6 packets is decremented. The LocalDiscovery option has been added, allowing tinc to detect peers which are behind the same NAT. Subnets passed with the -o option when StrictSubnets = yes are now accepted. Disabling old RSA keys when generating new ones now also works properly on Windows.
tags | encryption
systems | unix
MD5 | cd9e94e472584f9fe96cd86b42345afe
Secunia Security Advisory 48240
Posted Mar 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stonesoft has acknowledged a vulnerability in StoneGate Firewall/VPN, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 74c26ab95d9b8bb7cdccf5159b71929a
strongSwan IPsec Implementation 4.6.2
Posted Feb 22, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The Trusted Computing Group Attestation Platform Trust Service (PTS) protocol was implemented. TPM-based remote attestation of Linux IMA (Integrity Measurement Architecture) is now possible. Measurement reference values are automatically stored in a SQLite database. A RADIUS accounting interface was provided along with support for PKCS#8 encoded private keys.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | b25956639dcd31137e4ec6372376fcc2
Barracuda SSL VPN 480 Script Insertion
Posted Jan 16, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda SSL VPN 480 suffers from multiple input validation vulnerabilities that allow for malicious script insertion and cross site scripting attacks.

tags | exploit, vulnerability, xss
MD5 | 2cff5eb24cd621688258d448382cf3d1
Page 1 of 4
Back1234Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close