Debian Security Advisory 1364-1 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim.
568c5f44ec4fc3ee2bced8b7d5302fe9094997142525e4dbfc74de8974db733e
Debian Security Advisory 1363-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
d5972fd85fbf1afaad38fdca77c8deaa6dfbbe2c955a9fdc5c8d980656e91d62
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
d47133f0c6737d2889bf8da7bdf389fc2268d1c7fa3cd11a52451501eab548bc
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with their corresponding NTLM credentials (e.g., users remotely logged in through Remote Desktop/Terminal Services), and also change at runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source and binary tarballs are included.
6be2b9d8c80c3ce8623695fe34d59e1da13a69e745c495039e6e3840b294cafd
Nuface is a web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high-level abstraction of the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta-objects to generate ACLs, which are then interpreted as Netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.
a7edf4f437067ed02eb4c5f69754186d91a97ae825ef13b44191f5f8ef3b5cde
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
137ae23716b42f0cb041571f380cdcd7f6ec9c7a44adf0bd8cc18f92ec335d40
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
fc0fb0c2891ae09854a69512c6b4988964f2eaf62ce80ed6644cb21f87f6056a
Patch for THC's Hydra that adds a dependency check for OpenSSL needed for the SIP module, modifies the checks for libpq.so for the PostgreSQL module, and adds new modules for Netware NCP and for the Firebird database.
a644e2e1a9eb85606bd9b9f29ac096834058d72e8ab3dca236b8146d7a98e302
The Mambo component AkoBook versions 3.42 and below suffer from a script insertion vulnerability.
f823e27062db2005da028cac1266f9af6b787c932b0f0f56d285469a54d781fa
Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.
85eff0372eb6b927c7f66e8380f04f54c2152fb1202fd191238c82796096ff34
Digital Armaments officially announces the launch of the September-October hacking challenge. The challenge starts on September 1. For the September-October Challenge, Digital Armaments will give 5000 credits EXTRA for each submission that results in a Symbian Vulnerability.
99058117285f0858bb032729ae6a61bfc0ebec2e06d4c46647afcc0d6494f723
Marshal MailMarshal suffers from a tar unpacking vulnerability. Versions 6.2.1.3253 and below are affected.
c1af85897e8b92ddf021aaad0de00dfe12eccd804ac25fa5d013251d99085c36
Apache Tomcat version 4.1.31 ships with cal2.jsp that suffers from cross site scripting and cross site request forgery vulnerabilities.
1a5a1b5d1433ef9bdd312654ab6e90a7d50c41a4ade8e8bb2ca09c5eed70c8ed
212cafeBoard version 6.30 Beta suffers from a SQL injection vulnerability.
73543ab3f0681dad10d99843f73ff1ca597544dfa59b755b5c490890cb38cd29
The German faction of THC stops all activities that have been labeled illegal under the German anti-hacker law. The law forbids German citizens to research, discuss or disclose security problems. THC is an independent non-commercial security research organization with over 10 years of experience.
4ac519f2436e67eece867b309cf6040907b049cf37943a3bbf2e65ea4bc6881c
Apple QuickTime versions below 7.2 suffer from an integer overflow vulnerability when parsing SMIL files.
e36c02a2c04082aa2c63f8d1c8a1df4fb25b780e0fa834ce70d526c5f5c15948
ipgrab is a packet sniffing tool, based on the Berkeley packet capture library, that prints complete data-link, network and transport layer header information for all packets it sees. Specifically, this program reads and parses packets from the link layer through the transport layer, dumping explicit header information along the way.
97461e912921c4976ba10eff58e0c0b7cc05978d9fd48e1dd3f2b0992798fb30
Call For Papers for CHASE-2007 Lahore - Conference On Hacking And Security. This conference will be held December 7th through December 8th, 2007.
8f59738bb8a8443dc1cf7986a7e95a7ec1bb41eddeeba4e71b578653fa48a4ae
Toms G
68e5f5c7b6c320884cf7de99e0e04d5ea280d280301c1339f81c9b71d31c7714
Web Oddity web server version 0.09b suffers from a directory traversal vulnerability.
2faa2c5af5fcbc9fbb97e8381df51cef9082f48190169fa0ab55c92546671ff1
This Metasploit module exploits the YoungZSoft CCProxy suite versions 6.2 and below Telnet service. The stack is overwritten when sending an overly long address to the 'ping' command.
52024f7370a1424ff76db38bd57f234310a16730342fb87c67eea957054c84f9
Telecom Italy Alice Messenger remote registry key manipulation exploit.
5ced2ef887bd909dc01196510eb1d3d09b87d3be937a851965869d6005ab6df7
Microsoft Visual Basic version 6.0 VBP_Open OLE local code execution exploit.
2dde94986eb1a6eec380df5aae50265343027d4cff29eb3748ff4619878d5d70
OTSTurntables version 1.00 local buffer overflow exploit.
f95f08503c2a38bdc76c949d87cbd8a3f0fe3bb784328f264fa26ae2cf97e2d9
Virtual DJ version 5.0 local buffer overflow exploit.
330042c5c39c0c4b2b7c5d84de007f24205abbe218b0931722aca87da4ce5737