Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ffe982babe45ec9f674c2df0bd0a79f87feded95e42a590feafaba4dbd11c5e7BoltWire versions 3.5 and below suffer from multiple cross site scripting vulnerabilities.
867b4ee582a95ee6f0520a36a920849d91e7188ae8a379ff7d0be0787ff1d938Uebimiau versions 2.7.11 and below suffer from open redirect and cross site scripting vulnerabilities.
5f6f119f3f4927edb7397c7d27ce0af76e8a5813ac1a85ffe0ce6012dea50016Feng Office version 2.3.2-rc suffers from a cross site scripting vulnerability.
40b47e9967f44d583ce89da957cbbc397e193b6e477657fb9f14023e55e027edALLPlayer version 5.6.2 suffers from a local buffer overflow vulnerability.
21120b218a8965b549f27058d730f8e3a32aae233b64ec6660ba4be0e1bb42c8Apache Sling versions 2.2.0 and 2.3.0 suffer from infinite loop issues that can lead to denial of service.
e8ca4a1b428c43b8ecffd2aa6fcbeba7528df723bd1d9862f6e62bef76dc47ebThis whitepaper demonstrates that an application with access to accelerometer readings on a modern mobile phone can use such information to recover text entered on a nearby keyboard. Note that unlike previous emanation recovery papers, the accelerometers on such devices sample at near the Nyquist rate, making previous techniques unworkable. Their application instead detects and decodes keystrokes by measuring the relative physical position and distance between each vibration. The authors then match abstracted words against candidate dictionaries and record word recovery rates as high as 80%. In so doing, they demonstrate the potential to recover significant information from the vicinity of a mobile device without gaining access to resources generally considered to be the most likely sources of leakage (e.g., microphone, camera).
8ffbeaacc095d55d31d06602fd31459f82961adc52831ec28255647e4ebb59fdCisco Security Advisory - Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by command authorization and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
24986f76d8e8103c8314a8401ba31a86c9b73fe2f064d9f21a04e6f5a03a88f6Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by multiple authentication bypass and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities.
8a194b186690e867a497abdf334e2b707e6cfd5f582864047d65639a45a407deHP Security Bulletin HPSBGN02930 - Potential security vulnerabilities have been identified with HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module. The vulnerabilities could be remotely exploited resulting in authentication bypass, disclosure of information, unauthorized access, and SQL injection. Revision 1 of this advisory.
ed80653a7b39082fbd690748e17e6d6cb46a3a985f47c9488f5609c7fbb84338HP Security Bulletin HPSBGN02929 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (BIMS). The vulnerabilities could be remotely exploited resulting in code execution and disclosure of information. Note: The vulnerability solutions have been implemented in the iMC BIMS software updates. In order to be interoperable with the iMC BIMS updated software, software updates are required for Comware Based Switches and Routers that use BIMS. The software update information for the Comware Based Switches and Routers is also included in the Resolution section below. Revision 1 of this advisory.
1a9b0267d979f31cf869ca2179651c1ca9f3ca5eca762a3f8e5b9cbf8682aaaeDebian Linux Security Advisory 2771-1 - Hamid Zamani discovered multiple security problems (buffer overflows, format string vulnerabilities and missing input sanitising), which could lead to the execution of arbitrary code.
b57687c38e22878a98e500902d70eb33c32716e5c0fa274e018279b1c0e609baUbuntu Security Notice 1988-1 - It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service.
39d8525bda057699dec1836a6af557d5c5ce99412563368481023a98369849d3Ubuntu Security Notice 1987-1 - Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a denial of service.
fe6b43115bf990088629c8dd208be6d6502447a5e0f1583e80cfafa294f4b8a3Debian Linux Security Advisory 2770-1 - John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system.
f2fdcb75a9312ce5e54011beca4f9336ca38ab399b314819a73d184a1bd429b0U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features.
0b90cef33acefa6fd9de6019e76b1e135d077fc7555d57fbf8066aa1052a3f7dflv-player versions 3.5 and below suffer from cross site scripting and content spoofing vulnerabilities.
94fb74e35910da2fab16b7f9e805bd7b138ff19e20118c8c37830e0c8c1d9485
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed