what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

netspoc-2.4.tar.gz
Posted Feb 6, 2005
Site netspoc.berlios.de

Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.

Changes: Support of redundancy protocols (VRRP, HSRP) has been enhanced. Other minor improvements have been made.
systems | unix
MD5 | 875af15b111b3c998fc8776bb835e577

Related Files

Ubuntu Security Notice USN-1540-1
Posted Aug 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1540-1 - Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0441
MD5 | d40f917e9e6e344076ac16b22abe8888
Metasploit Framework 4.4
Posted Jul 17, 2012
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: 101 modules have been added. Meterpreter has been modernized. Various other improvements.
tags | tool, ruby
systems | unix
MD5 | 674b6bf22606298c98e7735b994dec25
Red Hat Security Advisory 2012-1090-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1090-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0441
MD5 | b900ea090ccd11a08803cb0092c0a2d8
Red Hat Security Advisory 2012-1091-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1091-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0441
MD5 | 5cbcf5edc302a46582968515f609f644
Red Hat Security Advisory 2012-0973-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0973-04 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued a subordinate CA certificate to its customer, that could be used to issue certificates for any name. This update renders the subordinate CA certificate as untrusted. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token.

tags | advisory
systems | linux, redhat
MD5 | 806a363a34d660f82648cd922906657f
Debian Security Advisory 2490-1
Posted Jun 8, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2490-1 - Kaspar Brand discovered that Mozilla's Network Security Services (NSS) library did insufficient length checking in the QuickDER decoder, allowing to crash a program using the library.

tags | advisory
systems | linux, debian
advisories | CVE-2012-0441
MD5 | 692c78b42f6b5af2cf53b5b75fcf49a1
Secunia Security Advisory 49288
Posted Jun 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Network Security Services (NSS), which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
MD5 | 4151585105cfe7caea651fb57bc89454
Red Hat Security Advisory 2012-0532-01
Posted May 1, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0532-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. It was found that a Certificate Authority issued fraudulent HTTPS certificates. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token.

tags | advisory, web
systems | linux, redhat
MD5 | a4106a16caccc716be96cf1e1ef00697
ClubHACK Magazine Issue 26
Posted Mar 13, 2012
Authored by clubhack | Site chmag.in

ClubHACK Magazine Issue 26 - Topics covered include Network Security, Who wants to be a Millionaire, Section 66A - Sending offensive or false messages, and more.

tags | magazine
MD5 | b766b847726bc31c435ff41d44a964ab
LACSEC 2012 Call For Presentations
Posted Jan 16, 2012
Site lacnic.net

LACSEC 2012 Call For Presentations - The 7th Network Security Event for Latin America and the Caribbean will be held in Quito, Ecuador May 6th through the 11th, 2012.

tags | paper, conference
MD5 | 8bb99ec92d235dd4ea484ce38c782494
Mandriva Linux Security Advisory 2011-169
Posted Nov 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-169 - Security issues were identified and fixed in mozilla NSS, firefox and thunderbird. 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. Untrusted search path vulnerability in Mozilla Network Security Services might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. Cross-site scripting vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary, local, root, trojan, xss
systems | linux, mandriva
advisories | CVE-2011-3640, CVE-2011-3647, CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
MD5 | e1ba60163ff2de637296e552394bcc62
Red Hat Security Advisory 2011-1444-01
Posted Nov 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1444-01 - Network Security Services is a set of libraries designed to support the development of security-enabled client and server applications. It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: Digicert Sdn. Bhd. is not the same company as found at digicert.com. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token.

tags | advisory, web
systems | linux, redhat
MD5 | 73672b0f20775b92cebffee70786cead
Secunia Security Advisory 46557
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Network Security Services (NSS), which can be exploited by malicious people to compromise an application using the library.

tags | advisory
MD5 | 3318bf51656f0de27f70e3fd3549d47a
Red Hat Security Advisory 2011-1282-01
Posted Sep 13, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1282-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority issued fraudulent HTTPS certificates. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing.

tags | advisory, web
systems | linux, redhat
MD5 | f1437eec02b92f1d9b4434e2ca3bf815
Ubuntu Security Notice USN-1197-4
Posted Sep 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-4 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for the Network Security Service libraries (NSS). USN-1197-1 It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory
systems | linux, ubuntu
MD5 | 7dd014cca2eee2470dfa1318e8e2c18d
Ubuntu Security Notice USN-1197-2
Posted Sep 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-2 - USN-1197-1 fixed a vulnerability in Firefox with regard to the DigiNotar certificate authority. This update provides the corresponding updates for Thunderbird. We are aware that the DigiNotar Root CA Certificate is still shown as trusted in the Thunderbird certificate manager. This is due to Thunderbird using the system version of the Network Security Service libraries (NSS). Thunderbird will actively distrust any certificate signed by this DigiNotar Root CA certificate. This means that users will still get an untrusted certificate warning when accessing a service through Thunderbird that presents a certificate signed by this DigiNotar Root CA certificate. Various other issues were also addressed.

tags | advisory, root
systems | linux, ubuntu
MD5 | c94e19eb17ad3acd4fe7a6b3f05e9ada
Metasploit Framework 4.0.0
Posted Aug 2, 2011
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: Ships with 716 exploit modules, 361 auxiliary modules, and 68 post modules. 20 new exploits, 3 new auxiliary modules, and 14 new post modules have been added since the last release.
tags | tool, ruby
systems | unix
MD5 | 9b4426a919491d897dc38bd96e6c5ef1
Debian Security Advisory 2203-1
Posted Mar 26, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2203-1 - This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as untrusted.

tags | advisory, web
systems | linux, debian
MD5 | c54365f418c11121e37e54fa288dec18
Metasploit Framework 3.6.0
Posted Mar 7, 2011
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: This release adds 15 new exploits for a total of 64 new modules since version 3.5.1. Includes Post Exploitation modules that provide local exploits and additional data gathering capabilities.
tags | tool, ruby
systems | unix
MD5 | c40cd0b56a666316e91718d72ebec86c
LACSEC 2011 Call For Presentations
Posted Jan 25, 2011
Site lacnic.net

LACSEC 2011 Call For Presentations - The 6th Network Security Event for Latin America and the Caribbean will be held in Cancun, Mexico, within the framework of LACNIC's fifteenth annual meeting (LACNIC XV). This is a public call for presentations for that event.

tags | paper, conference
MD5 | 514e9944ac5f3e7c09ed5a11ae74af06
Network Security Policy Compiler 3.2
Posted Jan 3, 2011
Site netspoc.berlios.de

Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.

Changes: Generated code for Linux iptables is highly optimized now. Deeply nested chains are used to minimize the number of tests for each checked packet. Support has been added for Cisco ASA devices as packet filter, VPN gateway, and for LAN-to-LAN IPSec tunnels. A new option to generate outgoing access lists has been added. Many other improvements and bugfixes have been applied.
systems | unix
MD5 | 38386840d736c11b6bee79be74878f09
Hackito Ergo Sum 2011 Call For Papers
Posted Nov 9, 2010
Authored by Hackito Ergo Sum 2011 | Site hackitoergosum.org

The Hackito Ergo Sum 2011 Call For Papers has been announced. It will be held from April 7th to the 9th, 2011 in Paris, France. HES2011 will be a bigger event with even more talks, focusing on hardcore computer and network security, insecurity, vulnerability analysis, reverse engineering, research and hacking, and will try to keep the high quality content.

tags | paper, conference
MD5 | 701ad5281a3ce12141e6a34ff48f31df
Debian Linux Security Advisory 2123-1
Posted Nov 2, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2123-1 - Several vulnerabilities have been discovered in Mozilla's Network Security Services (NSS) library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-3170, CVE-2010-3173
MD5 | c6afe72e298e8dfb8bbef8159f8cb9e2
Secunia Security Advisory 41237
Posted Sep 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Network Security Services (NSS), which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | dc256c79464be5eb27a1fd730368985e
Metasploit Framework 3.4.1
Posted Jul 13, 2010
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: This release has 16 new exploits, 22 new auxiliary modules and 11 new Meterpreter scripts for your pwning enjoyment.
tags | tool, ruby
systems | unix
MD5 | 915683f40d17f3246dee60f08cc0a61c
Page 1 of 4
Back1234Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close