all things security
Showing 1 - 25 of 379 RSS Feed

IMAP Files

Hydra Network Logon Cracker 8.6
Posted Jul 22, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added radmin2 module by catatonic prime. SMB module now checks if SMBv1 is supported by the server and if signing is required. http-form module now supports URLs up to 6000 bytes. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | 5d909cfea627a1f2482b82dfbd64956c
Hydra Network Logon Cracker 8.5
Posted May 4, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New command line option. Changed the format of the restore file to detect cross platform copies. Various bug fixes.
tags | tool, web, imap
systems | cisco, unix
MD5 | 20e097ff7ee11f1c02a9fd2e626a2f97
EMPHASISMINE 3.4.0 IBM Lotus Domino IMAP Exploit
Posted Apr 15, 2017

EMPHASISMINE is an IMAP exploit for IBM Lotus Domino. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.

tags | exploit, web, imap
MD5 | 0cfabb5496e540c645d4cba512a96f1a
Hydra Network Logon Cracker 8.4
Posted Jan 31, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple new protocols implemented. Various bug fixes and proxy support was re-implemented.
tags | tool, web, imap
systems | cisco, unix
MD5 | ac0ffac9bdd1763c69280d00bb90775c
Hydra Network Logon Cracker 8.3
Posted Aug 12, 2016
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Support for upcoming OpenSSL 1.1 added. Fixed hydra redo bug. Updated xhydra for new hydra features and options. Some more command line error checking added. Ensured unneeded sockets are closed.
tags | tool, web, imap
systems | cisco, unix
MD5 | 481e842e141da7ef7e2250a1b0f5da5e
Hydra Network Logon Cracker 8.2
Posted Jun 16, 2016
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added RTSP module. Added patch for ssh. Added SSL SNI support. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | c74549322d2bd52ff6db3853d084cc8a
FreeBSD Security Advisory - FreeBSD-SA-16:12.openssl
Posted Mar 14, 2016
Authored by OpenSSL Project | Site security.freebsd.org

FreeBSD Security Advisory - A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP3) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN. Various other issues were also addressed.

tags | advisory, imap, protocol
systems | freebsd, bsd
advisories | CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0705
MD5 | 9ba68b8ddba8c9076b272b296999095c
Xplico Network Forensic Analysis Tool 1.1.2
Posted Feb 17, 2016
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: IPv4 defragmentation and CapAnalysis dissectors and dispatcher were changed.
tags | tool, imap, forensics
systems | linux
MD5 | 741633163c0619389b6c9554095f667c
Xplico Network Forensic Analysis Tool 1.1.1
Posted Nov 2, 2015
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Added MGCP dissector. IMAP bug fixed.
tags | tool, imap, forensics
systems | linux
MD5 | ce666a8bee310b268392ae99f51d67e5
Heartbleed Vulnerability Scanning Tool
Posted Sep 24, 2015
Authored by hybridus

This python script checks for the OpenSSL memory leak named Heartbleed and as noted in CVE-2014-0160. It can be used for different SSL TLS versions and multiple (HTTPS/SMTP/IMAP/POP3) protocols. It is optimized for mass scans.

tags | tool, web, scanner, imap, protocol, memory leak, python
systems | unix
advisories | CVE-2014-0160
MD5 | b1db07ac7b0e8d6d76ddabdff37f79c6
Ubuntu Security Notice USN-2653-1
Posted Jun 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2653-1 - It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, imap, protocol, python
systems | linux, ubuntu
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185
MD5 | ac9d8c6cbf95a6ebe7d7cd29055bba98
Mandriva Linux Security Advisory 2015-113
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-113 - Updated dovecot packages fix security vulnerability. Dovecot before 2.2.13 is vulnerable to a DoS attack against imap/pop3-login processes. If SSL/TLS handshake was started but wasn't finished, the login process attempted to eventually forcibly disconnect the client, but failed to do it correctly. This could have left the connections hanging around for a long time.

tags | advisory, imap
systems | linux, mandriva
advisories | CVE-2014-3430
MD5 | 04e7a260c9adecc73f42dd9613092367
Hydra Network Logon Cracker 8.1
Posted Dec 8, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple patches added. The -M option is fixed. Various other small fixes and enhancements.
tags | tool, web, imap
systems | cisco, unix
MD5 | 7a20011400c6282603d4b1ae461cabf2
Mandriva Linux Security Advisory 2014-182
Posted Sep 25, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-182 - Robert Scheck reported that Zarafa's WebAccess stored session information, including login credentials, on-disk in PHP session files. This session file would contain a user's username and password to the Zarafa IMAP server. Robert Scheck discovered that the Zarafa Collaboration Platform has multiple incorrect default permissions.

tags | advisory, php, imap
systems | linux, mandriva
advisories | CVE-2014-0103, CVE-2014-5447, CVE-2014-5448, CVE-2014-5449, CVE-2014-5450
MD5 | ec52bc1b38339b4ddfed4e51c2496628
Debian Security Advisory 2979-1
Posted Jul 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2979-1 - Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, imap
systems | linux, debian
advisories | CVE-2013-7176, CVE-2013-7177
MD5 | b8e0f4dae94ee061ba613373d54d7a1b
Red Hat Security Advisory 2014-0790-01
Posted Jun 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0790-01 - Dovecot is an IMAP server, written with security primarily in mind, for Linux and other UNIX-like systems. It also contains a small POP3 server. It supports mail in both the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made.

tags | advisory, remote, denial of service, imap
systems | linux, redhat, unix
advisories | CVE-2014-3430
MD5 | f72fa3d0e02a43263c34e61052b660d6
Debian Security Advisory 2954-1
Posted Jun 10, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2954-1 - It was discovered that the Dovecot email server is vulnerable to a denial of service attack against imap/pop3-login processes due to incorrect handling of the closure of inactive SSL/TLS connections.

tags | advisory, denial of service, imap
systems | linux, debian
advisories | CVE-2014-3430
MD5 | d6be4ce8a522c3a4434851e5d9df1a86
PCredz 0.9
Posted Jun 9, 2014
Authored by laurent gaffie | Site github.com

This tool extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface.

tags | tool, web, sniffer, imap
MD5 | 53dbaff0289eccf8b85cdc81bfc319a1
Hydra Network Logon Cracker 8.0
Posted Jun 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added patch for xhydra that adds bruteforce generator to the GUI, initial interactive password authentication test for ssh, patch which adds Unicode support for the SMB module, and module for redis. Various bug fixes and enhancements also included.
tags | tool, web, imap
systems | cisco, unix
MD5 | 8ae08657af314677a008533c621e9ee7
Mandriva Linux Security Advisory 2014-099
Posted May 19, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-099 - Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, imap
systems | linux, mandriva
advisories | CVE-2014-3430
MD5 | 203a4d17ba895e3795644fd85f6341ee
Xplico Network Forensic Analysis Tool 1.1.0
Posted Jan 7, 2014
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: This release improves performance, and adds the new dissectors Yahoo Messenger, Cisco HDLC, and Null/Loopback. The nDPI library has been updated. Alice Webmail and Libero Webmail decoding have been added.
tags | tool, imap, forensics
systems | linux
MD5 | 4822ac669f61afeea11c25f60a1a841c
Hydra Network Logon Cracker 7.6
Posted Jan 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added a wizard script for hydra. Added module for Siemens S7-300. Various other updates and fixes.
tags | tool, web, imap
systems | cisco, unix
MD5 | 62af688a07830d505d227bdaaeff9e0a
Debian Security Advisory 2787-1
Posted Oct 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2787-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing random file access, manipulated SQL queries and even code execution.

tags | advisory, imap, code execution
systems | linux, debian
advisories | CVE-2013-6172
MD5 | ce0385e27ad71d653a72155c0a9a389e
Apple Security Advisory 2013-09-18-3
Posted Sep 19, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-18-3 - Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.

tags | advisory, arbitrary, spoof, imap
systems | apple
advisories | CVE-2013-0308
MD5 | 8c0e1f8377579ef9092eca4bbc89914a
Hydra Network Logon Cracker 7.5
Posted Aug 5, 2013
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Moved the license from GPLv3 to AGPLv3. Added module for Asterisk Call Manager. Added support for Android where some functions are not available. Various other updates.
tags | tool, web, imap
systems | cisco, unix
MD5 | a4a5d65fe4f29f57e57808c39cdaaf66
Page 1 of 16
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close