what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 70 RSS Feed

Files Date: 2007-04-12

strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Apr 12, 2007
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Server side cookie support. Configuration options added. Fixed a bug in the pluto IKEv1 daemon.
tags | kernel, encryption
systems | linux
SHA-256 | 44ed6ce785e62d54671a98df35d522e7187e2f0b1bd55d2c097ebb2ae647f665
mimedefang-2.62.tar.gz
Posted Apr 12, 2007
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Various enhancements and bug fixes.
systems | windows, unix
SHA-256 | 95fcc2b43f6b6de3e0349e97ddb4994024dd52157b285c31380f1a99e2348611
Pound-2.3.tgz
Posted Apr 12, 2007
Authored by roseg | Site apsis.ch

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: Added display of configuration switches. Added grace period for shutdown.
tags | web
SHA-256 | 2aec3da07856ca2b53b834bdba8a820a130854e02426de41d8eabcf6c4c11606
phpfaber-include.txt
Posted Apr 12, 2007
Authored by Dr.RoVeR

phpFaber TopSites version 3 suffers from a remote file disclosure vulnerability.

tags | exploit, remote
SHA-256 | 10eb9f8d61e9486a57dad483d4bda6b998dc7a939cfb79bbd11510cd05518533
chatness253-multi.txt
Posted Apr 12, 2007
Authored by Gammarays

Chatness versions 2.5.3 and below suffer from multiple vulnerabilities including file overwrite and password disclosure issues.

tags | exploit, vulnerability
SHA-256 | e5e0cc65179e56734e1e8783fea84346fb81d711d4417d44f34d53f1b0f3bce0
iDEFENSE Security Advisory 2007-04-12.1
Posted Apr 12, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.12.07 - Remote exploitation of a buffer overflow vulnerability in pfs_mountd.rpc included in multiple versions of Hewlett Packard Co. HP-UX allows for remote root access. If a remote user sends two specially crafted packets over UDP, the buffer overflow is triggered. One must first send a call to procedure 5, and soon thereafter send the actual payload to procedure 2. Due to the closed nature of the pfs_mountd.rpc protocol specification, it is unclear at this time what functions the respective procedures actually perform. iDefense has confirmed the existence of this vulnerability in HP-UX 11.11i. It is suspected that previous versions are also vulnerable.

tags | advisory, remote, overflow, root, udp, protocol
systems | hpux
SHA-256 | 7913b6361bb35be7ac9c32e720241afaa2fc35a3aae1a055514a85ef9ffa7179
airodump-ng.txt
Posted Apr 12, 2007
Authored by Jonathan So | Site nop-art.net

Aircrack-ng version 0.7 suffers from a buffer overflow vulnerability. Full exploit provided.

tags | exploit, overflow
SHA-256 | 6582f5ccdd7c448ca04681f9147f6023c764bd542165cfa411535d9790da8333
HP Security Bulletin 2007-13.39
Posted Apr 12, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in HP-UX with the Portable File System (PFS). The vulnerability could be exploited remotely to gain an increase in privilege.

tags | advisory
systems | hpux
SHA-256 | 1e26e9e35bc4a6b069108b4e40f0d6cc2a542c4f77d867f726e60051920e964d
facdb-disclose.txt
Posted Apr 12, 2007
Authored by the_Edit0r | Site xmors-security.com

FAC GuestBook version 2.0 suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 17e0da7cb18e5c5707b68b4e5c371c29d182e2ff9a406e65fb6bf98ac8f647bf
phpwebnews1-xss.txt
Posted Apr 12, 2007
Authored by the_Edit0r | Site xmors-security.com

phpwebnews 1.x suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4b02111e9551f1b07e3a0f78a6729624949d0737a89ef8016ca5a596641893a7
tumushika-xss.txt
Posted Apr 12, 2007
Authored by the_Edit0r | Site xmors-security.com

TuMusika Evolution version 1.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4a9550b19681bcc8a91d4af1660099431c0eab05da82ec9c4ffb9dd6776f99b6
doopCMS13x-xss.txt
Posted Apr 12, 2007
Authored by KaBuS | Site kabustr.com

Doop Content Management System 1.3.x suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a59ba42fd83876b763b12ce676fcb9372e3d42c000aa54c5dcf166bd7b133a90
Cisco Security Advisory 20070412-wcs
Posted Apr 12, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Wireless Control System (WCS) works in conjunction with Cisco Aironet Lightweight Access Points, Cisco Wireless LAN Controllers, and the Cisco Wireless Location Appliance by providing tools for wireless LAN planning and design, system configuration, location tracking, security monitoring, and wireless LAN management. Cisco WCS contains multiple vulnerabilities that can result in information disclosure, privilege escalation, and unauthorized access through fixed authentication credentials.

tags | advisory, vulnerability, info disclosure
systems | cisco
SHA-256 | 70c67f785bad81482ffdaa8fe9d94b5ae40ff6c1058bbb52aa6857069255ae0c
Cisco Security Advisory 20070412-wlc
Posted Apr 12, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Wireless LAN Controller (WLC) manages Cisco Aironet access points using the Lightweight Access Point Protocol (LWAPP). The WLC contains multiple vulnerabilities that could result in a denial of service (DoS) condition, information disclosure, or access control list changes, or allow an attacker to gain full administrative access.

tags | advisory, denial of service, vulnerability, protocol, info disclosure
systems | cisco
SHA-256 | 7693ba2c5c97846ef00c583198c576061b370e4f9223a6770643dbd018c8d7f5
HP Security Bulletin 2007-13.54
Posted Apr 12, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
SHA-256 | 175ef1da000f7da99a7dbf86b9f482cc7918b335897055016ee550848b27a379
HP Security Bulletin 2006-11.20
Posted Apr 12, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).

tags | advisory, denial of service, local
systems | hpux
SHA-256 | e7a2bbd565f1f912aeec9747f44d9163a5873de6eabda69fdfd7f42c491c0753
Gentoo Linux Security Advisory 200704-8
Posted Apr 12, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-08 - DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file. Versions less than 20061106 are affected.

tags | advisory, php
systems | linux, gentoo
advisories | CVE-2006-6965
SHA-256 | 08bb3c941ee1cd1303d0a1e00598c882984049d723b0978d6979226e74545513
HP Security Bulletin 2007-13.12
Posted Apr 12, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with a Mercury Quality Center ActiveX control. The vulnerability could be exploited by a remote unauthorized user to execute arbitrary code on a Windows client running the ActiveX control.

tags | advisory, remote, arbitrary, activex
systems | windows
SHA-256 | 2176de5f1ff2cb9e0f450873d1eb3d46de6a6e1235f39841898004559b21d9db
dotclear-xss.txt
Posted Apr 12, 2007
Authored by nassim | Site securlabs.com

Two cross site scripting vulnerabilities have been discovered in dotclear 1.x.

tags | exploit, vulnerability, xss
SHA-256 | 4af0578d4225e5fd0d35d74368d90cc56003d17e5eb79b7c7a55e90060c64e31
INFIGO-2007-08.txt
Posted Apr 12, 2007
Authored by Leon Juranic | Site infigo.hr

During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.

tags | advisory, remote, overflow, tcp
SHA-256 | 7cfad04c205329f1f36fe4c6cad33a97921cb4da56226e103ba111b14bd847cd
CVE-2007-1873.txt
Posted Apr 12, 2007
Authored by Hanno Boeck | Site hboeck.de

mephisto version 0.7.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2007-1873
SHA-256 | 84c3561d85dc79e1f03d58fe2d684422b948aa552404f0f3892c557b39343ed8
CVE-2007-1872.txt
Posted Apr 12, 2007
Authored by Hanno Boeck | Site hboeck.de

toendaCMS version 1.5.1 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2007-1872
SHA-256 | 8b014fa1afa7977911bb87c72ae3b8f2b6a0e3a8fa083c52487875a74043ecc8
CVE-2007-1871.txt
Posted Apr 12, 2007
Authored by Hanno Boeck | Site hboeck.de

chcounter version 3.1.3 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2007-1871
SHA-256 | 49556ce1b3b02159dcde4feb9763c44a651aa58ff57caaba25fea6fe15f8f7a3
e107-overwrite.txt
Posted Apr 12, 2007
Authored by Gammarays

E107 version 0.7.8 access escalation overwrite exploit.

tags | exploit
SHA-256 | e158f41d28fd26a0383fd8903e47eedbe5ba168c32616fbe60b32a8d820107ad
Ubuntu Security Notice 452-1
Posted Apr 12, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 452-1 - The Qt library did not correctly handle truncated UTF8 strings, which could cause some applications to incorrectly filter malicious strings. If a Konqueror user were tricked into visiting a web site containing specially crafted strings, normal XSS prevention could be bypassed allowing a remote attacker to steal confidential data.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2007-0242
SHA-256 | 8f76805162dcd0a6088e1b79c381c17323fe493921322a3e2021e1d467b25e82
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close