OpenStego is a tool implemented in Java for image based steganography, with support for password-based encryption of the data. It currently supports embedding of messages/files in a 24bpp images.
0e37d0f208d8a7bba8ad2e9bba60fec0f95d0e607d9f8dbb0fd784541e31949e
Secunia Security Advisory - Cold z3ro has discovered a vulnerability in osDate, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
1b120b53beadf6fa55ea299ad080f58f9e563352980b0db3e7d1ffe15f787e52
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in MaxDB, which can be exploited by malicious people to compromise a vulnerable system.
158de747918ee47eb80231fe82c2af939d18d200c9f43f485e9695be35fe5430
Ubuntu Security Notice 567-1 - It was discovered that in very rare configurations using LDAP, Dovecot may reuse cached connections for users with the same password. As a result, a user may be able to login as another if the connection is reused. The default Ubuntu configuration of Dovecot was not vulnerable.
10edd7dfa552e081a9efdf0456b8b2e790f1e5e3ae9656b8eb5ae5af1f8914cb
Debian Security Advisory 1458-1 - A race condition in the OpenAFS fileserver allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock.
5180ac699d9ea80ee50b0c73321d1f53f9681d2216ece286275ee402e6eebdfc
Mandriva Linux Security Advisory - An integer overflow in the Exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
70fbc581a044cc32554907f321efaaabce87631eb2a2ae9602a232016225049b
The Apple Quicktime Player versions 7.3.1.70 and below suffer from a buffer overflow vulnerability during the filling of the LCD-like screen containing info about the status of the connection.
f26a1f120bf5f59a3f5ead9fa37499d578dc7f17d95a04199b428150d31705df
SunOS version 5.10 remote ICMP kernel crash exploit that uses a null pointer dereference.
4f502a1609d22fb4487af70f3928426c4d43ffa37155fbfbc203d14ead1d9fb3
ID-Commerce suffers from a blind SQL injection vulnerability in liste.php.
d0c244dc23bcb41e8703696b8e6c066d68d3e6f82e75ce062cf989db2c2bcba9
Information on pwning the BT Home Hub regarding the exploitation of IGDs remotely via UPnP.
cc12e6ccf90e535582c2741f87e8c2594e1580a93c102655f8b333c03ce6240f
Evilsentinel versions 1.0.9 and below disable exploit.
0595c9d3763d5054a1f2942824f6534b5cf192f5ec8514bc8743db39e1fd1a7d
DomPHP version 0.81 suffers from a remote file inclusion vulnerability.
053357975922c330c36cb948a52e0a78003a4c661402f0f348eaed977b148ce2
MTCMS versions 2.0 and below suffer from remote SQL injection vulnerabilities.
a8d5ec538dcdd832a4e6b49e1acbed4324ac43c07cf4eeecd3c4e1b40e88b757
Sun Java System Identity Manager version 6.0, Sun Java System Identity Manager version 7.0, and Sun Java System Identity Manager version 7.1 are susceptible to cross domain redirection, cross site scripting, and frame injection vulnerabilities.
d6006a16a69c00bd066f6cb36ecb14b95ece02d9fc7932ef0a831f29ef9988fd
CALL FOR PARTICIPATION uCon 2008 - uCon will be a totally informal and non-profit conference (actually a small gathering of friends, hackers, computer security enthusiasts and idiots alike) taking place in Recife, Pernambuco, in 9th of February 2008 -- three days after the best street carnival in the world. The conference aims to bring together academics, hackers and information security enthusiasts to share cutting-edge ideas and thoughts about their latest developments and techniques in the field.
56b2fc25a332c019fad771f0c6d0dcaa4ae83b9f3ccbd2e76d66b00aa2c9e53f
Secunia Security Advisory - Some vulnerabilities have been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
944e383f361585e18d023271c87626378329e99d242962591152f91ebd32462c
Secunia Security Advisory - A vulnerability has been reported in vtiger CRM, which can be exploited by malicious people to disclose potentially sensitive information.
ddfa138b5aafdd4e9339fd64f777f3f3520db3e7c6b602e80439fce7b43628a9
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in VLC Media Player, which can potentially be exploited by malicious people to compromise a user's system.
8b38a95aedacb3f85c3d87c01badd61bc4afa60397d2c5488e5d40217235eb20
Secunia Security Advisory - j0j0 has discovered a vulnerability in DomPHP, which can be exploited by malicious people to conduct SQL injection attacks.
5e367fe8d90b117d9f3e71e2deab3ec82babdeaeaf3131054f42b76e429a9518
Secunia Security Advisory - Ingate has acknowledged a vulnerability in Ingate Firewall and SIParator, which can be exploited by malicious people to cause a DoS (Denial of Service).
7eb0bbb8134d188757e0b956283837ce52154f0cab0bf2929b54506178ae7f91
Secunia Security Advisory - Debian has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
179bb36280904c17f9aa674411794bf5f5bcf4a754d56ea2c5e57b8c26a6cf89
Secunia Security Advisory - Some vulnerabilities have been reported in Kolab Server, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
753759cdecac84b9e7e2899fc307837bc5c293e919d0a22e6757e286a8c2deb0
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
c183e27457b7b8ad1e4394b63b761255bef9ab9117ed78332c749ab2060ec586
Ubuntu Security Notice 566-1 - Jan Pechanec discovered that ssh would forward trusted X11 cookies when untrusted cookie generation failed. This could lead to unintended privileges being forwarded to a remote host.
723ac7ad630c442447baba415ce306f18a8eedcd2fef5ba9b32127a0d187d85c
Ubuntu Security Notice 565-1 - It was discovered that Squid did not always clean up cache memory correctly. A remote attacker could manipulate cache update replies and cause Squid to use all available memory, leading to a denial of service.
fbb9452e0c8107c455ae7948edcffa61a8c4fc843e406b3dc1479c76067aee88