exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

OpenVPN Private Tunnel 2.8.4 Unquoted Service Path
Posted Nov 1, 2019
Authored by Sainadh Jamalpur

OpenVPN Private Tunnel version 2.8.4 suffers from an ovpnagent unquoted service path vulnerability.

tags | exploit
SHA-256 | 601b759e7aa7665e1861a3a3970a92ae3c6a1cd2db186097845882044c1600b9

Related Files

Secunia Security Advisory 50162
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jason A. Donenfeld has reported multiple vulnerabilities in Tunnelblick, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
SHA-256 | 8c9d1893a644faab21ac7ba697bdfaaca3106fa8b9f3d7ec8c26978fde1b9178
Tunnel Blick Race Condition Local Root
Posted Aug 12, 2012
Authored by zx2c4

Tunnel Blick suffers from a race condition that allows for local root execution.

tags | exploit, local, root
SHA-256 | c1a060ee41fd2155da5b10c23e65df5727224db3293427daaed6fb1e2ec03027
Tunnel Blick Local Root Exploit Version 2
Posted Aug 11, 2012
Authored by zx2c4

Pwnnel-Blicker is a second local root exploit for Tunnel Blick OS X OpenVPN manager.

tags | exploit, local, root
systems | apple, osx
SHA-256 | 469187a05e24af6ff54301dc1ce224c0d812f436efa24c7f9245c5385e416fb9
Oracle BTM 12.1.0.2.7 Remote File Deletion
Posted Aug 7, 2012
Authored by rgod | Site retrogod.altervista.org

Oracle Business Transaction Management Server version 12.1.0.2.7 suffers from a FlashTunnelService remote file deletion vulnerability.

tags | exploit, remote
SHA-256 | 311f91db815c5072aac47198136e9ee10f620d76d370e8cac2b356c864e2ee5e
Oracle BTM Server 12.1.0.2.7 Remote Code Execution
Posted Aug 7, 2012
Authored by rgod | Site retrogod.altervista.org

Oracle Business Transaction Management Server version 12.1.0.2.7 suffers from a remote code execution vulnerability in the FlashTunnelService WriteToFile message. Proof of concept included.

tags | exploit, remote, code execution, proof of concept
SHA-256 | acb8d1760f5f38380a8cfd44a94ad8e001b2abf766fc39b9cc5f2f92f8d61758
Simple Packet Sender 3.0
Posted Jul 17, 2012
Authored by Hohlraum | Site sourceforge.net

Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.

Changes: Various additions and bug fixes.
tags | tool, udp, scanner, tcp
systems | linux, unix
SHA-256 | 3e2b136f015fae19c61b2b118d1d58402b2d75b2f9c0c22031532788387ffcbe
Tinc Virtual Private Network Daemon 1.0.19
Posted Jun 26, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This release adds basic support for SOCKS and HTTP proxies, as well as proxying through an external command. Support for systemd style socket activation has been added. Environment variables can now be used in the Name configuration option, and :: notation in IPv6 Subnet options is now also allowed.
tags | tool, encryption
systems | unix
SHA-256 | 509ebb063399d436e9df0a6ccb03ca1c1190a948662ddeef60bb803684ec76a0
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120622
Posted Jun 23, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: Tor was updated to 0.2.2.37, BusyBox to 1.20.1, and the kernel to 3.4.2 plus Gentoo's hardened-patches-3.4.2-2.extras. The MIPS port also incorporated these changes, but for this architecture the kernel was kept at vanilla 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | 9897b37f6a6a7380f2b1a3104f85aedcea9b84b5400594a0944e88925eada2e7
TOR Virtual Network Tunneling Tool 0.2.2.37
Posted Jun 14, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (20% of the Tor network can't talk to itself currently).
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | ae2c1fb52babd9e92264ac7c4486d3e941be6deb91b8a590965848fbbcbd9e88
TOR Virtual Network Tunneling Tool 0.2.2.36
Posted Jun 7, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD distribution and its packages are obsolete, stop using those packages and upgrade anyway.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-4576
SHA-256 | 0e57e6e7dbc98aaa1b458ba745dac9fb19ed3ef59e4251d98de02068723148db
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120601
Posted Jun 2, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: This release incorporates major changes from upstream to all components of tor-ramdisk. Tor was updated to 0.2.2.36, libevent to 2.0.18, OpenSSH to 6.0p1, BusyBox to 1.20.0, and uclibc to 0.9.33.2, and the kernel was updated to 3.2.11 plus Gentoo's hardened-patches-3.2.11-1.extras. The MIPS port also incorporated these changes, but for this architecture libevent was updated to 2.0.19 and the kernel to 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | 2f1ba76561161a4b1b0a817d76cb62c817dd94f5aeb98806a1a2cb79ca795bb4
Red Hat Security Advisory 2012-0480-01
Posted Apr 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0480-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw in the xfrm6_tunnel_rcv() function in the Linux kernel's IPv6 implementation could lead to a use-after-free or double free flaw in tunnel6_rcv(). A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the xfrm6_tunnel kernel module loaded, causing it to crash.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2012-1583
SHA-256 | 3a04db312322381195a59a5cee096f0b9b31fa909549ef0629b6a10ab7127860
Tinc Virtual Private Network Daemon 1.0.18
Posted Mar 25, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: This release fixes IPv6 in switch mode by turning off, by default, the DecrementTTL option that was introduced in the previous release. It is now allowed to specify a port number in BindToAddress, which also allows tinc to listen on multiple ports. This release also adds support for multicast communication with UML/QEMU/KVM.
tags | encryption
systems | unix
SHA-256 | d4ed38a65ae46ee8ca7daaa282acc634ba8d50e5795cb51645097bbae9b843a9
Tinc Virtual Private Network Daemon 1.0.17
Posted Mar 11, 2012
Authored by Ivo Timmermans | Site tinc-vpn.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: The DeviceType option can now be used to select dummy, raw socket, UML, and VDE devices without needing to recompile tinc. Multiple BindToAddress statements are now allowed. The TTL value of IPv4 and IPv6 packets is decremented. The LocalDiscovery option has been added, allowing tinc to detect peers which are behind the same NAT. Subnets passed with the -o option when StrictSubnets = yes are now accepted. Disabling old RSA keys when generating new ones now also works properly on Windows.
tags | encryption
systems | unix
SHA-256 | 016e3162b6a79730526b8eb464d89d2c5e1139b4f2923e7c87e96662ebcc4745
Covert Channel Over ICMP
Posted Mar 9, 2012
Authored by Debasish Mandal

This whitepaper discusses using ICMP as a covert tunnel for traffic. An example of this technique is tunneling complete TCP traffic over ping requests and replies. More technically it works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back.

tags | paper, remote, arbitrary, tcp
SHA-256 | b3f9abf0a20186c20b5029836a0257f08fc519a4a564f7ad5fd760ed03754755
Secunia Security Advisory 48222
Posted Mar 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for stunnel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, gentoo
SHA-256 | 3a7516f02bc5514d1a1e0a9f856b1ce6bfd6814a9313b1cd6f5c7feb2f68771f
Gentoo Linux Security Advisory 201202-08
Posted Mar 1, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201202-8 - A vulnerability was found in stunnel, allowing remote attackers to cause a Denial of Service and potentially arbitrary code execution. Versions less than 4.44 are affected.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2011-2940
SHA-256 | 61c2815a99724d2ace8f44ed8dbfe5620d312ec708c91d2e4ee3c5d7cdadb057
Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20111225
Posted Dec 27, 2011
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: This release incorporates an important security fix from upstream and an upgrade is recommended. Tor was updated to 0.2.2.35, libevent to 2.0.16, and the kernel to 2.6.32.50 plus Gentoo's hardened-patches-2.6.32-83.extras.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 36a982d6aa03aaa511252b1130ed6b0d14a80d24eb675d1ca2e4a1ef05fd6b8e
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20111225
Posted Dec 27, 2011
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: This release incorporates an important security fix from upstream and an upgrade is recommended. Tor was updated to 0.2.2.35, libevent to 2.0.16, and the kernel to 2.6.32.50 plus Gentoo's hardened-patches-2.6.32-83.extras.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | ac457a33c004f3bd3a25772290cda9731e40b46e0e85df2b2dfc7e8e8804b497
Tor-ramdisk i686 UClibc-based Linux Distribution MIPS 20111225
Posted Dec 27, 2011
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. MIPS version.

Changes: This release incorporates an important security fix from upstream and an upgrade is recommended. Tor was updated to 0.2.2.35, libevent to 2.0.16, and the kernel to 2.6.32.50 plus Gentoo's hardened-patches-2.6.32-83.extras.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 9f962a1146b166cb12019ea5b182eacc2cc8694e655e19753e3b166705565b31
TOR Virtual Network Tunneling Tool 0.2.2.35
Posted Dec 18, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a critical heap overflow security issue in Tor's buffers code. Absolutely everybody should upgrade. The bug relied on an incorrect calculation when making data continuous in one of the IO buffers, if the first chunk of the buffer was misaligned by just the wrong amount. The miscalculation would allow an attacker to overflow a piece of heap-allocated memory. Various other fixes and enhancements are included in this release.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-2778
SHA-256 | f141a41fffd31494a0f96ebbb6b999eab33ce62d5c31f81222a0acd034adbf3a
Stunnel SSL Wrapper 4.48
Posted Nov 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: FIPS-compliant OpenSSL DLLs are supplied with the Windows installer. FIPS mode can be disabled with the "fips = no" configuration file option. The stability of the Windows GUI was also improved.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 9fa723595726806cbf6547a2c453e695e33bf635f2d4771e80d110a06f27ea37
Stunnel SSL Wrapper 4.47b1
Posted Nov 8, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: This release adds Unix socket support and a new certificate verification mode to ignore the CA chain and only verify the peer certificate. It also includes some performance and scalability optimizations, and compilation bugfixes.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | d12d3d92de6801d03d0dd0bd9b58d169489120f7770e5ac648165b8f34080b14
TOR Virtual Network Tunneling Tool 0.2.2.34
Posted Nov 3, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users. Everybody should upgrade. This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-2768
SHA-256 | a027a535b35e5f9ca7091e4c83a06b4be48f0f95d6906bdd467ccc0659e7e798
Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20111103
Posted Nov 3, 2011
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: This release incorporates a critical fix from upstream. It is recommended that users upgrade as soon as possible. Tor was bumped to version 0.2.2.34, libevent to 2.0.15, and the kernel to 2.6.32.46 plus Gentoo\'s hardened-patches 2.6.32-74.extras.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 568e19f2bee2f40b7aebc94201e6e7c0530c0bd21dc063fc84fb7086b0936c20
Page 1 of 4
Back1234Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close