exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2005-08-26 to 2005-08-27

fileutils-4.1.txt
Posted Aug 26, 2005
Authored by Carlos Carvalho | Site nutshell.gotfault.net

Fileutils 4.1 programs crash when working with huge directory trees. Proof of concept included.

tags | advisory, proof of concept
SHA-256 | 9b92da80932cccb05d1b78007d83a22161864bc8382d6afa2e21cdfded8047e5
PSA-05-014.txt
Posted Aug 26, 2005
Authored by Paul J Docherty | Site portcullis-security.com

HP OpenView Network Node Manager 6.41 and 7.5 running on Solaris 8 and possibly other versions suffer from an input sanitization vulnerability leading to command execution.

tags | advisory
systems | solaris
SHA-256 | 3e81f46fdcedfadbe17c7ee06e37ef2087c97af56053ad55459cd886e0a9cd78
rt-sa-2005-014.txt
Posted Aug 26, 2005
Authored by RedTeam Pentesting | Site redteam-pentesting.de

The new iTAN security feature for online banking promoted by german banks does not protect against phishing attacks and trojans as claimed.

tags | advisory, trojan
SHA-256 | cb1adf92269713fa4bf2b3ab42a898b4be796883e01115470b2291968fd231e9
notSPIKEfile.tgz
Posted Aug 26, 2005
Authored by Adam Greene | Site labs.idefense.com

notSPIKEfile is a Linux based file format fuzzing tool. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It operates on an existing valid file and creates fuzzed files. It utilizes ptrace to pick up interesting signals and dump register state.

tags | fuzzer
systems | linux
SHA-256 | a2711126e8e8aebe618ca5d104cfa7e7468de6b5e3b1deee14a96dc6200dd065
FileFuzz.zip
Posted Aug 26, 2005
Authored by Michael Sutton | Site labs.idefense.com

FileFuzz is a graphical, Windows based file format fuzzing tool. FileFuzz was designed to automate the creation of abnormal file formats and the execution of applications handling these files. FileFuzz also has built in debugging capabilities to detect exceptions resulting from the fuzzed file formats.

tags | fuzzer
systems | windows
SHA-256 | 5a48c119109eb4bb7ff3b47201cae195735e48aa12255c9ab609f151d6fd7ee7
SPIKEfile.tgz
Posted Aug 26, 2005
Authored by Adam Greene | Site labs.idefense.com

SPIKEfile is a Linux based file format fuzzing tool, based on SPIKE 2.9. It was designed to automate the launching of applications and detection of exceptions caused by fuzzed files. It uses standard SPIKE scripts to generate files and utilizes ptrace to pick up interesting signals and dump register state.

tags | fuzzer
systems | linux
SHA-256 | 56cfbaebafdad233b4cdf6e8075cef5dfbee94c35cdf1f519178d47016e00352
airt-0.4.2.tar.bz2
Posted Aug 26, 2005
Authored by madsys | Site sourceforge.net

AIRT (Advanced incident response tool) is a set of incident response assistance tools for Linux. Tools allow you to look for hidden modules, processes, and ports. Additionally, two tools will dump and analyze hidden modules.

Changes: Bugfix release
tags | tool, forensics
systems | linux
SHA-256 | fa4e37a903f7eb885ccc5be899262208a30d0272b59169f9e477b5de7ea0879f
gsasl-0.2.7.tar.gz
Posted Aug 26, 2005
Authored by Simon Josefsson

GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.

Changes: Various minor fixes and additions.
tags | imap, library
SHA-256 | 77a6b3f2b104bd6387f228dfd1f65ac68c4fc61ecad61c8b62e4a332791f082f
sysmask-1.04.tgz
Posted Aug 26, 2005
Authored by XIAO Gang | Site wims.unice.fr

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

Changes: Some minor fixes and improvements.
tags | worm, arbitrary
systems | linux
SHA-256 | e79617a3497971702e0be67e1f70480b75311ba9e0f36b43e84dacf09d1d3019
Evil.Shell.Backdoor_1.0.5.c
Posted Aug 26, 2005
Authored by Lympex | Site l-bytes.tk

Password protected windows bind/reverse shell backdoor written in Visual C++ Archive password is set to p4ssw0rd. Use at your own risk.

tags | shell, trojan
systems | windows
SHA-256 | 0475009407cb1326228f33e0edd9b896
astaro-6.0.txt
Posted Aug 26, 2005
Authored by Oliver Karow | Site oliverkarow.de

Astaro Security Linux 6.0.0.1 suffers from several vulnerabilities.

tags | advisory, vulnerability
systems | linux
SHA-256 | 23dc7633c5a9b447fdb1049d7a5414bb229327bbae59eb7b99df53cbe0999110
Mandriva Linux Security Advisory 2005.152
Posted Aug 26, 2005
Authored by Mandriva | Site mandriva.com

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

tags | advisory, overflow, arbitrary, perl
SHA-256 | e296dc932558876aa03691cc4ba4a8ff742813c8186cbe20bf4bf2e7e1e662ba
Mandriva Linux Security Advisory 2005.151
Posted Aug 26, 2005
Authored by Mandriva | Site mandriva.com

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

tags | advisory, overflow, arbitrary, perl
SHA-256 | 67dac94f58834ac95814d61aff301273abab4bf7af28c2c919f89dbece0aae80
Mandriva Linux Security Advisory 2005.150
Posted Aug 26, 2005
Authored by Mandriva | Site mandriva.com

A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device.

tags | advisory, remote, arbitrary
SHA-256 | c78df857068d0651a0e2e8ea70b1df85952d226a1d91be949a7a2474ffc93450
Mandriva Linux Security Advisory 2005.149
Posted Aug 26, 2005
Authored by Mandriva | Site mandriva.com

Javier Fernandez-Sanguino Pena discovered that the pwmconfig script in the lm_sensors package created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges because pwmconfig is typically executed by root.

tags | advisory, arbitrary, root
SHA-256 | 1eb757480487e5bde151ffe0b5c8a09b452e11ae2137fe90de1c1c1398988c76
Debian Linux Security Advisory 785-1
Posted Aug 26, 2005
Authored by Debian | Site debian.org

It has been discovered that libpam-ldap, the Pluggable Authentication Module allowing LDAP interfaces, ignores the result of an attempt to authenticate against an LDAP server that does not set an optional data field.

tags | advisory
SHA-256 | a74992637e7caddaf288f4816c0a816ce56ad09221e09eaa931c5a8815a9e774
Debian Linux Security Advisory 784-1
Posted Aug 26, 2005
Authored by Debian | Site debian.org

A problem has been discovered in the Courier Mail Server. DNS failures were not handled properly when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. The default configuration on Debian has SPF checking disabled, so most machines are not vulnerable. This is explained in the "courier" manpage, section SENDER POLICY FRAMEWORK KEYWORDS.

tags | advisory
systems | linux, debian
SHA-256 | 4791db65b070115c9319262602f28a2428e8d493c034f745fedfc4a9a49b79ff
Gentoo Linux Security Advisory 200508-17
Posted Aug 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-17 - libpcre fails to check certain quantifier values in regular expressions for sane values. Versions less than 6.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | 224bda203275253f4274882215e35069c1a73ee408abb30f862e41a7cc47ac47
050819-securing-mac-os-x-tiger.pdf
Posted Aug 26, 2005
Authored by Stephen de Vries | Site corsaire.com

Corsaire (www.corsaire.com/white-papers/) has released a fully updated version of their guide to securing Mac OS X to cover the new security features offered by Mac OS X 10.4 Tiger (such as ACLs) as well as incorporating additional security guidelines that were omitted in the original (10.3) guide.

systems | apple, osx
SHA-256 | 1ea81aaa2aa236628ac103090c6ba94ca9fabfeb20d246d321c0a91cc7b54d51
Secunia Security Advisory 16494
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or bypass certain security restrictions.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux
SHA-256 | 51b1c5f0892cfab0d57a8221cd05d237a39bd44486061557538e74f451378444
Secunia Security Advisory 16534
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Maksymilian Arciemowicz has discovered a vulnerability in PostNuke, which can be exploited by malicious administrative users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 133ece29c89761df1c92e41b04b9a93bdb747053223f15aa1c95b3621f9b2968
Secunia Security Advisory 16540
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for tor. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose or modify certain sensitive information.

tags | advisory
systems | linux, gentoo
SHA-256 | c673188a76d0dafc7c15679819b22ea46f7c6da5fa110372843de5dd81a15698
Secunia Security Advisory 16556
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Donato Ferrante has discovered a vulnerability in Home FTP Server, which can be exploited by malicious users to access arbitrary files on a vulnerable system.

tags | advisory, arbitrary
SHA-256 | 2b755b75be2fa4b2ebd14998b8a07242a92f17271db2939dc5d2441e908f90d9
Secunia Security Advisory 16558
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in phpGroupWare, which can be exploited by malicious administrative users to conduct script insertion attacks, or by malicious people to bypass certain security restrictions or compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 2cee8ba228708e549f7d184c6322bb69c7c38a1ec6d4ae42c915e108b42f8ea5
Secunia Security Advisory 16559
Posted Aug 26, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Filip Sneppe has reported a vulnerability in Apache, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 38f4737b6e6cdc8991b8227d81480f79f3ddfbc995425df1acd9c74c836cb2ca
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close