seeing is believing
Showing 101 - 125 of 1,880 RSS Feed

Spoof Files

Apple Security Advisory 2015-08-13-1
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-1 - Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses interface spoofing, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2015-3729, CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3750, CVE-2015-3751, CVE-2015-3752, CVE-2015-3753, CVE-2015-3754, CVE-2015-3755
MD5 | 54e34db5857a3e2b16149fb16bf2221b
Red Hat Security Advisory 2015-1551-01
Posted Aug 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1551-01 - Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issues are also fixed with this release: It was found that async-http-client would disable SSL/TLS certificate verification under certain conditions, for example if HTTPS communication also used client certificates. A man-in-the-middle attacker could use this flaw to spoof a valid certificate.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2013-7397, CVE-2013-7398
MD5 | da7d9181edf51aeee0873fbf7450b0b7
Red Hat Security Advisory 2015-1459-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1459-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | fae2ba19f95684d8408b3bc551cf47ea
Ubuntu Security Notice USN-2672-1
Posted Jul 9, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2672-1 - Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. Various other issues were also addressed.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2015-2721, CVE-2015-2730
MD5 | 3da8af7b7f62286279380765f4887ddc
NTP MON_GETLIST Query Amplification DDoS
Posted Jul 9, 2015
Authored by Todor Donev

A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.

tags | exploit, denial of service, udp, spoof, protocol, proof of concept
MD5 | 927b290ed377bd2256daf8009c796658
ESRS VE 3.0x Certificate Validation / Insufficient Randomness
Posted Jun 29, 2015
Site emc.com

Secure Remote Services (ESRS) Virtual Edition (VE) versions 3.02, 3.03, and 3.04 do not properly validate certificates. Malicious users could potentially exploit this vulnerability to spoof trusted entities by using man-in-the-middle attacks. Session cookie used by ESRS VE is generated using insufficient random values. Malicious users could potentially exploit this vulnerability to gain unauthorized access to authenticated ESRS interfaces.

tags | advisory, remote, spoof
advisories | CVE-2015-0543, CVE-2015-0544
MD5 | da19ab19bdcb3356ed22c692dab516a8
Red Hat Security Advisory 2015-1176-01
Posted Jun 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1176-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. The following security fixes are addressed in this release: It was found that async-http-client would disable SSL/TLS certificate verification under certain conditions, for example if HTTPS communication also used client certificates. A man-in-the-middle attacker could use this flaw to spoof a valid certificate. It was found that async-http-client did not verify that the server hostname matched the domain name in the subject's Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2013-7397, CVE-2013-7398, CVE-2014-0363, CVE-2014-0364, CVE-2014-3577, CVE-2014-4651, CVE-2014-5075, CVE-2014-8175, CVE-2015-0226, CVE-2015-0227, CVE-2015-1796
MD5 | 5d72436e8fed1f5efcea4f419d078ae6
FireHOL 2.0.3
Posted Apr 27, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Fix added to avoid errors when using physin/physout. Note that these parameters are only useful when the traffic travels over a single bridge. Fix added to handle tc output on some systems, courtesy of Phineas Gage.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 4aa871bd39ecb53b40e86f0efb4b677a
OpenFire XMPP 3.9.3 Certificate Handling
Posted Apr 24, 2015
Authored by Simon Waters, Kim Alvefur

OpenFire XMPP versions 3.9.3 and below incorrectly accepts self-signed certificates potentially allowing for spoofing attacks.

tags | advisory, spoof
advisories | CVE-2014-3451, CVE-2015-2080
MD5 | a241929e240ab08790753986b4b0db93
Ubuntu Security Notice USN-2567-1
Posted Apr 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2567-1 - Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use this issue to cause a denial of service. Juergen Perlinger discovered that NTP incorrectly generated MD5 keys on big-endian platforms. This issue could either cause ntp-keygen to hang, or could result in non-random keys. Various other issues were also addressed.

tags | advisory, remote, denial of service, spoof
systems | linux, ubuntu
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 68e74f99cc5e8560803ab798f05835a7
Mandriva Linux Security Advisory 2015-202
Posted Apr 13, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-202 - The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service by spoofing the source IP address of a peer. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, spoof
systems | linux, mandriva
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 7a8c01f594afc03d69e3c421ba97bc4a
Mandriva Linux Security Advisory 2015-192
Posted Apr 3, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-192 - Multiple vulnerabilities has been discovered and corrected in subversion. Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests. Subversion mod_dav_svn and svnserve are vulnerable to a remotely triggerable assertion DoS vulnerability for certain requests with dynamically evaluated revision numbers. Subversion HTTP servers allow spoofing svn:author property values for new revisions. The updated packages have been upgraded to the 1.7.20 and 1.8.13 versions where these security flaws has been fixed.

tags | advisory, web, denial of service, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2015-0202, CVE-2015-0248, CVE-2015-0251
MD5 | 133f2b011d000810debd838ff3282394
Mandriva Linux Security Advisory 2015-141
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-141 - It was discovered that the implementation used by the Not Yet Commons SSL project to check that the server hostname matches the domain name in the subject's CN field was flawed. This can be exploited by a Man-in-the-middle attack, where the attacker can spoof a valid certificate using a specially crafted subject.

tags | advisory, spoof
systems | linux, mandriva
MD5 | 15634ec4dce270e3936a14cfab0691d4
Mandriva Linux Security Advisory 2015-109
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-109 - Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service. Keryn Knight discovered that Django incorrectly handled forms with ModelMultipleChoiceField. A remote attacker could possibly use this issue to cause a large number of SQL queries, resulting in a database denial of service. Note that this issue only affected python-django. Cross-site scripting vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a \@property.

tags | advisory, remote, web, denial of service, arbitrary, spoof, xss, python
systems | linux, mandriva
advisories | CVE-2015-0219, CVE-2015-0220, CVE-2015-0221, CVE-2015-0222, CVE-2015-2241
MD5 | 06b85d60e8c25e286a16dee2e14e0d86
Jolla Phone URI Spoofing
Posted Mar 13, 2015
Authored by Nikolas Sotiriu

Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.

tags | exploit, telephony, spoof
MD5 | 57ef9596cf11861bdc97dd540ee415f4
Apple Security Advisory 2015-03-09-4
Posted Mar 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-03-09-4 - Xcode 6.2 is now available and addresses spoofing and validation checking issues.

tags | advisory, spoof
systems | apple
advisories | CVE-2014-3522, CVE-2014-3528, CVE-2014-3580, CVE-2014-8108, CVE-2014-9390
MD5 | ceeba3930bb6c2a58773fbca5c9e9c18
FireHOL 2.0.2
Posted Mar 6, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added option --disable-doc to configure script. Fix to ensure the final firewall close code emits as both ipv4 and ipv6 where appropriate even if only ipv4 or ipv6 was used for the final interface/router.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 424f39588853c8685db6eda6d3867fbf
Red Hat Security Advisory 2015-0236-01
Posted Feb 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0236-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.1.0 and Red Hat JBoss A-MQ 6.1.0. It includes bug fixes, which are documented in the readme.txt file included with the patch files. The following security issues are addressed in this release: It was found that Apache WSS4J, as used by Apache CXF with the TransportBinding, did not, by default, properly enforce all security requirements associated with SAML SubjectConfirmation methods. A remote attacker could use this flaw to perform various types of spoofing attacks on web service endpoints secured by WSS4J that rely on SAML for authentication.

tags | advisory, remote, web, spoof
systems | linux, redhat
advisories | CVE-2014-3623, CVE-2014-3625
MD5 | 105ad58f81cce4c7328604178aa66a64
FireHOL 2.0.1
Posted Feb 16, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: A couple of bug fixes have been addressed.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 673fa39d4166de831637df086fbfcc13
Mandriva Linux Security Advisory 2015-036
Posted Feb 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-036 - Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service, spoof, xss
systems | linux, mandriva
advisories | CVE-2015-0219, CVE-2015-0220, CVE-2015-0221
MD5 | 036ae02df1f36d7e5e2d39ae60d8554f
Malwarebytes Anti-Malware / Anti-Exploit Update Remote Code Execution
Posted Feb 4, 2015
Authored by todb, Gabor Seljan, Yonathan Klijnsma | Site metasploit.com

This Metasploit module exploits a vulnerability in the update functionality of Malwarebytes Anti-Malware consumer before 2.0.3 and Malwarebytes Anti-Exploit consumer 1.03.1.1220. Due to the lack of proper update package validation a man-in-the-middle attacker could execute arbitrary code by spoofing the update server data-cdn.mbamupdates.com and uploading an executable. This Metasploit module has been tested successfully with MBAM 2.0.2.1012 and MBAE 1.03.1.1220.

tags | exploit, arbitrary, spoof
advisories | CVE-2014-4936
MD5 | 11ee17491f663b3704191ae7e3b0ccc5
Ubuntu Security Notice USN-2469-1
Posted Jan 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2469-1 - Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, spoof, xss
systems | linux, ubuntu
advisories | CVE-2015-0219, CVE-2015-0220, CVE-2015-0221, CVE-2015-0222
MD5 | 6103ad7cfc0235562a4784930dc8929d
Maxthon Browser Address Bar Spoofing
Posted Dec 28, 2014
Authored by Rafay Baloch

Maxthon Browser suffers from an address bar spoofing vulnerability.

tags | exploit, spoof
MD5 | 03f324cbc80f9895fb70716554e95d86
Ubuntu Security Notice USN-2449-1
Posted Dec 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2449-1 - Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to brute force the MD5 key and spoof a client or server. Stephen Roettger discovered that NTP contained buffer overflows in the crypto_recv(), ctl_putdata() and configure() functions. In non-default configurations, a remote attacker could use these issues to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 711278445d5d3720a80ec9f652c7e8a2
Red Hat Security Advisory 2014-2019-01
Posted Dec 19, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-2019-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that the Apache CXF incorrectly extracted the host name from an X.509 certificate subject's Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. It was found that Apache WSS4J, as used by Apache CXF with the TransportBinding, did not, by default, properly enforce all security requirements associated with SAML SubjectConfirmation methods. A remote attacker could use this flaw to perform various types of spoofing attacks on web service endpoints secured by WSS4j that rely on SAML for authentication.

tags | advisory, java, remote, web, spoof
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2014-3577, CVE-2014-3623
MD5 | 935e02d048dbe63b85220f4610cb649e
Page 5 of 76
Back34567Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close