Twenty Year Anniversary
Showing 101 - 125 of 1,899 RSS Feed

Spoof Files

Yahoo Email Spoofing
Posted Mar 14, 2016
Authored by Lawrence Amer | Site vulnerability-lab.com

Yahoo's mail web application suffered from a From: spoofing vulnerability.

tags | exploit, web, spoof
MD5 | b8a73a0e8f130ab4a2bf75ba38608145
Debian Security Advisory 3510-1
Posted Mar 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3510-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwriting local files.

tags | advisory, denial of service, overflow, arbitrary, local, spoof
systems | linux, debian
advisories | CVE-2016-1950, CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
MD5 | 3856f64c1b17b8669f61c303d59b744b
Debian Security Advisory 3492-1
Posted Feb 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3492-1 - Daniel Gultsch discovered in Gajim, an XMPP/jabber client. Gajim didn't verify the origin of roster update, allowing an attacker to spoof them and potentially allowing her to intercept messages.

tags | advisory, spoof
systems | linux, debian
advisories | CVE-2015-8688
MD5 | 7f990faefcadc55fd4c0588fa966b7be
ArpON Arp Handler Inspection 3.0
Posted Feb 5, 2016
Authored by Andrea Di Pasquale | Site arpon.sourceforge.net

ArpON (Arp handler inspectiON) is a portable ARP handler. It detects and blocks all ARP poisoning/spoofing attacks with the Static Arp Inspection (SARPI) and Dynamic Arp Inspection (DARPI) approaches on switched/hubbed LAN with/without DHCP protocol.

Changes: ArpON has been rewritten from scratch.
tags | tool, spoof, protocol
systems | unix
MD5 | a89ef9bc18e6f0fc9aa8a89aa676a281
IOKit Methods Being Called Without Locks From IOServiceClose
Posted Jan 27, 2016
Authored by Google Security Research, ianbeer

It turns out that the spoofed no-more-senders notification bug when applied to iokit objects was actually just a more complicated way to hit ::clientClose in parallel. You can in fact do this very simply by calling IOServiceClose on two threads. Like the spoofed notifications this leads to many bugs in many userclients, the exact nature of which depends on the semantics of the clientClose implementation.

tags | exploit, spoof
systems | linux
advisories | CVE-2016-1720
MD5 | e994715ca79002c392401ecf2840bc78
iOS / OS X Unsandboxable Kernel Use-After-Free In Mach Vouchers
Posted Jan 27, 2016
Authored by Google Security Research, ianbeer

The mach voucher subsystem fails to correctly handle spoofed no-more-senders messages. ipc_kobject_server will be called for mach messages sent to kernel-owned mach ports. If the msgh_id of the message can't be found in the mig_buckets hash table then this function calls ipc_kobject_notify. Note that this is the same code path which would be taken for a real no-more-senders notification message but there's nothing stopping user-space from also just sending one.

tags | exploit, kernel, spoof
systems | linux
advisories | CVE-2015-7047
MD5 | f73aa665165c84bf8cb4ba7932b541b6
FireHOL 3.0.1
Posted Jan 11, 2016
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added ipv6mld to simplify enabling Multicast Listener Discovery in FireHOL. Added pre_up to run commands immediately before an interface is started in VNetBuild. Various other improvements.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 1b458dd49cd249a45ba330ace516d053
Red Hat Security Advisory 2015-2650-01
Posted Dec 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2650-01 - Red Hat Enterprise Linux OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat Enterprise Linux OpenStack Platform. It was discovered that the director's NeutronMetadataProxySharedSecret parameter remained specified at the default value of 'unset'. This value is used by OpenStack Networking to sign instance headers; if unchanged, an attacker knowing the shared secret could use this flaw to spoof OpenStack Networking metadata requests.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2015-5303, CVE-2015-5329
MD5 | 049722414839ad2bc19e573329514bed
FireHOL 3.0.0
Posted Dec 20, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Bidirectional fixes. Now accepts parameters case insensitive. Various other improvements.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 0f4bed6175e71065ee74bd140436f09e
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla, Matt Thayer, Conor Patrick | Site metasploit.com

This Metasploit module allows remote command execution on an IRC Bot developed by xdh. This perl bot was caught by Conor Patrick with his shellshock honeypot server and is categorized by Markus Zanke as an fBot (Fire & Forget - DDoS Bot). Matt Thayer also found this script which has a description of LinuxNet perlbot. The bot answers only based on the servername and nickname in the IRC message which is configured on the perl script thus you need to be an operator on the IRC network to spoof it and in order to exploit this bot or have at least the same ip to the config.

tags | exploit, remote, perl, spoof
MD5 | 76760e94b9460abe182c2c2992e2e8fb
Red Hat Security Advisory 2015-2378-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2378-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. It was found that Squid configured with client-first SSL-bump did not correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a Squid server using a specially crafted X.509 certificate. This update fixes the following bugs: Previously, the squid process did not handle file descriptors correctly when receiving Simple Network Management Protocol requests. As a consequence, the process gradually accumulated open file descriptors. This bug has been fixed and squid now handles SNMP requests correctly, closing file descriptors when necessary.

tags | advisory, web, spoof, protocol
systems | linux, redhat
advisories | CVE-2015-3455
MD5 | 17e276f88b27c3e876ee6f16daa311dc
Red Hat Security Advisory 2015-2231-04
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2231-04 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2014-9750, CVE-2014-9751, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | 738d8a326cd620fcecec2cb10f69355b
Alcatel-Lucent Home Device Manager Spoofing
Posted Nov 3, 2015
Authored by Dr. Ulrich Fiedler | Site swisscom.ch

A vulnerability has been discovered in the TR069 protocol that can potentially affect all Automatic Configuration Servers (ACS). The issue has been fixed in the Home Device Manager (HDM) product from Alcatel-Lucent with an anti-spoofing filter. HDM allows service providers to remotely manage CPEs, such as residential gateways, IP set-top boxes, and VoIP terminal adapters that comprise a home networking environment. The vulnerability allows an attacker to perform impersonation attacks by spoofing CPE using tr-069 (cwmp) Protocol. An attacker could gain unauthorized access to third-party SIP Credentials for the spoofed device and perform illegal activities (phone fraud). The vulnerability has been tested and confirmed. Versions prior to 4.1.10 may be affected.

tags | advisory, spoof, protocol
advisories | CVE-2015-6498
MD5 | 0d4969094c3655283cb43d570bec43e6
Cisco Security Advisory 20151021-asa-dns2
Posted Oct 22, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance to cause it to generate a DNS request packet. The attacker would need to spoof the reply packet with a crafted DNS response.

tags | advisory, remote, spoof
systems | cisco
MD5 | 2a98e7877133069aa557bb4f09adc256
Red Hat Security Advisory 2015-1888-01
Posted Oct 12, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1888-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the code which checked that the server hostname matches the domain name in a subject's Common Name field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-7285, CVE-2014-0107, CVE-2014-0248, CVE-2014-3530, CVE-2014-3577, CVE-2014-3604
MD5 | 987305b75468f73ddd91c0d8c0bec9dc
Apple Safari 8.0.8 URI Spoofing
Posted Oct 5, 2015
Authored by Antonio Sanso

Apple Safari version 8.0.8 was prone to a URI spoofing vulnerability.

tags | advisory, spoof
systems | apple
advisories | CVE-2015-5764
MD5 | 3ac247c6c8b6633a8d362e695f04e462
Apple Security Advisory 2015-09-30-02
Posted Oct 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-09-30-02 - Safari 9 is now available and addresses spoofing, communication compromise, and various other vulnerabilities.

tags | advisory, spoof, vulnerability
systems | apple
advisories | CVE-2015-3801, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5780, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5798, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5808, CVE-2015-5809, CVE-2015-5810
MD5 | 630d3059674f988d08dfab9c6bb1fd5e
HP Security Bulletin HPSBGN03424 1
Posted Oct 1, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03424 1 - A potential security vulnerability was been identified in HP Cloud Service Automation version v4.5. The vulnerability could be exploited to allow remote authentication bypass. Note: HP C.A. contains a version of Node.js, that when used in FIPS mode is affected by Alternative Chains Certificate Forgery Vulnerability (CVE-2015-1793). The vulnerability may allow remote attacker to spoof a Certification Authority role and trigger unintended certificate verification. Revision 1 of this advisory.

tags | advisory, remote, spoof
advisories | CVE-2015-1793
MD5 | ea91af0da3cd17e871b4f1be10d6ab21
EMC Secure Remote Services Virtual Edition Insecure Certificate Check
Posted Aug 18, 2015
Authored by Securify B.V., Han Sahin

It was discovered that the server certificate validation checks performed by EMC Secure Remote Services Virtual Edition are insecure. Weak certificate validation allows attackers to perform a man in the middle attack against ESRS connections. This allows for eavesdropping on, and spoofing of provisioned devices in ESRS VE (including but not limited to home calls to the ESRS portal esrs.emc.com). Versions 3.02, 3.03, and 3.04 are affected.

tags | advisory, remote, spoof
advisories | CVE-2015-0543
MD5 | 7422644d438f591155d98b9d637802f4
Apple Security Advisory 2015-08-13-1
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-1 - Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses interface spoofing, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2015-3729, CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3750, CVE-2015-3751, CVE-2015-3752, CVE-2015-3753, CVE-2015-3754, CVE-2015-3755
MD5 | 54e34db5857a3e2b16149fb16bf2221b
Red Hat Security Advisory 2015-1551-01
Posted Aug 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1551-01 - Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issues are also fixed with this release: It was found that async-http-client would disable SSL/TLS certificate verification under certain conditions, for example if HTTPS communication also used client certificates. A man-in-the-middle attacker could use this flaw to spoof a valid certificate.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2013-7397, CVE-2013-7398
MD5 | da7d9181edf51aeee0873fbf7450b0b7
Red Hat Security Advisory 2015-1459-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1459-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | fae2ba19f95684d8408b3bc551cf47ea
Ubuntu Security Notice USN-2672-1
Posted Jul 9, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2672-1 - Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. Various other issues were also addressed.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2015-2721, CVE-2015-2730
MD5 | 3da8af7b7f62286279380765f4887ddc
NTP MON_GETLIST Query Amplification DDoS
Posted Jul 9, 2015
Authored by Todor Donev

A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.

tags | exploit, denial of service, udp, spoof, protocol, proof of concept
MD5 | 927b290ed377bd2256daf8009c796658
ESRS VE 3.0x Certificate Validation / Insufficient Randomness
Posted Jun 29, 2015
Site emc.com

Secure Remote Services (ESRS) Virtual Edition (VE) versions 3.02, 3.03, and 3.04 do not properly validate certificates. Malicious users could potentially exploit this vulnerability to spoof trusted entities by using man-in-the-middle attacks. Session cookie used by ESRS VE is generated using insufficient random values. Malicious users could potentially exploit this vulnerability to gain unauthorized access to authenticated ESRS interfaces.

tags | advisory, remote, spoof
advisories | CVE-2015-0543, CVE-2015-0544
MD5 | da19ab19bdcb3356ed22c692dab516a8
Page 5 of 76
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    6 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    3 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close