Conky Linux version 1.8.0 local denial of service proof of concept exploit.
ef5013e007ebfeff01b8e5f75c6128692db721569636df04aa5eb3a61a611421Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).
f8937e68a9bd2310ef51ada559931442d443ed81fddcd3ca5b33dd8e43a602dastrongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
631645e3769003c8bce92b4a712de00722eb45fcbe3bff698403133e45e479c5Mandriva Linux Security Advisory 2011-027 - Multiple vulnerabilities were discovered and corrected in OpenOffice.org. These range from directory traversal issues to use-after-free vulnerabilities.
39e3e2a8580de5d1a92c57975fbd1a8a00c08da89794e06bdc6722de174205e9RunCMS version 2.2.2 suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.
3793b698af04151a932d7b23a7695b9ec52b335731e39e72ab65fc16418eb112VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
e45dd38c15740c3e6e5ddc9d40c8fcbd4f3bb920137a89049bbe72c5ba971917VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
9a72023ae91a8044eca541def5bf1939d6dd53c305c5ed8be72523cab22c8350Debian Linux Security Advisory 2161-2 - It was discovered that the floating point parser in OpenJDK, an implementation of the Java platform, can enter an infinite loop when processing certain input strings. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack.
a0ded925baff43a07590b4642526803be3c5f43236df53cf34ee4a2b37a08de7Debian Linux Security Advisory 2163-1 - Several vulnerabilities were discovered in the django web development framework. For several reasons the internal CSRF protection was not used to validate ajax requests in the past. However, it was discovered that this exception can be exploited with a combination of browser plugins and redirects and thus is not sufficient. It was discovered that the file upload form is prone to cross-site scripting attacks via the file name.
87f72613c0e91642c24a6eeecfcb0c3c15c5c30e179f7d4f7a4e7cdd06c9d13aMG2 version 0.5.1 suffers from multiple cross site scripting vulnerabilities.
d9e1492757a88b8aae40695552fa07b4741b360277a7016b7540c93273f43c48Microsoft Windows Server 2003 AD pre-auth browser election remote heap overflow exploit.
26b98c4caee82d08f9885e35420ee124ecacaecd6ac16b0fd17e21036c739c64McAfee Virusscan Antivirus Quarantined File Restore Utility is a useful python script that extracts a file quarantined with the BUP extension by McAfee Virusscan.
b8d0534550bfc32234180545ca6a832d08dbbaef57550859d2a80ae9c79315e3The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
b6d2274da8681f81d19fe74f770f71b70273a1d3d73151f797e21b2e05531e24ctunnel is a program for tunneling and proxying TCP or UDP connections via a cryptographic tunnel. ctunnel can be used to secure any existing TCP or UDP based protocol, such as HTTP, Telnet, FTP, RSH, MySQL, VNC, DNS, XDMCP, NFS, etc. You can also chain or bounce connections to any number of intermediary hosts.
a07bb5f48987ec0cb01d01ae7eb2fc00a06a1928fa25afe3999ceb4398f0941aMandriva Linux Security Advisory 2011-026 - Multiple vulnerabilities were discovered and corrected in phpmyadmin. When the files README, ChangeLog or LICENSE have been removed from their original place, the scripts used to display these files can show their full path, leading to possible further attacks. It was possible to create a bookmark which would be executed unintentionally by other users. The updated packages have been upgraded to the latest versions to mitigate these issues.
036a323ea6db3929f3d454c237b38f78b082641a4877eecb061b1c6b10296d55Whitepaper called Access Denied - A Guide For Code Breakers.
3d28c0b73d3a1ca635df5eae7c8f884e0751112cf1e4fc7784e166799a7264a1Debian Linux Security Advisory 2162-1 - Neel Mehta discovered that an incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.
85bafee235722d8c60461177c2d6712b574cd4b5ea8e903eae3e2d9a139f0ed8Mac OS X suffers from a ftpd related information disclosure vulnerability.
c7e1f64cd4e638d0f9d91eb82e75faafba3b340b73fe38afbb8d624256f950a1Debian Linux Security Advisory 2161-1 - It was discovered that the floating point parser in OpenJDK, an implementation of the Java platform, can enter an infinite loop when processing certain input strings. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack.
f7a54b756633f9ade15bc8c34eca924676f0a37a207ea3bcf2a91205739bcc4aDebian Linux Security Advisory 2160-1 - Several vulnerabilities were discovered in the Tomcat Servlet and JSP engine. It was discovered that the SecurityManager insufficiently restricted the working directory. It was discovered that the HTML manager interface is affected by cross-site scripting. It was discovered that NIO connector performs insufficient validation of the HTTP headers, which could lead to denial of service.
2a1315f00b8236ec986eb2d5b9be348185c3459b7a38920bda341559938be986VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
424e76ac6176134b9620fc780ea75da7e66aee6adb5388e91cf75fdc7beeb515VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a dangling pointer in the "mshtml.dll" library when handling certain object manipulations, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Internet Explorer versions 6, 7, and 8 are affected.
3ec085c704a69847706bc827f9318c129f1ec314e1cffd5e14399f41cbc973f2WordPress Plugin WP Forum Server version 1.6.5 suffers from multiple remote SQL injection vulnerabilities.
b1cbe56c1f57bab1edc287852bd2ec3cb1646ae7e01e005aed69d1ad2c1ad709VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.
a14685bc6080babb1b766400a94d5de2768c47bc73bcd035cb57c90a363fe819AWCM version 2.2 Final suffers from a persistent cross site scripting vulnerability.
24fc75930da464d66a164fa6e7210db0740002786f16f9d6089e06c18e51fede
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed