w3af is a Web Application Attack and Audit Framework. The w3af core and its plugins are fully written in Python. The project has more than 130 plugins, which check for SQL injection, cross-site scripting (XSS), local and remote file inclusion, and much more.
9aaa651e706fe0c4c2cff95879d614cdcb9791e5120cccc527fcb82922d76fc8
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
88eeebfe9df6d18f320f396c7236f907e7a34c27f8382c7ce6e4239a7ecce31b
The OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
d9d6180b7b22fe7cf624753c4bf2dc400da1e1aa6ef30d21358e3a3e2a5c9c14
Debian Linux Security Advisory 2240-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
e80a5985f8ab30d0e1b27069f1a8ac244b9edc0a3bb35aa75124e26c94b75e19
This whitepaper describes a timing attack vulnerability in OpenSSL's ladder implementation for curves over binary fields. The authors use this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures. Using the timing of the exchanged messages, the messages themselves, and the signatures, they mount a lattice attack that recovers the private key. Finally, they describe and implement an effective countermeasure.
a639445448cf4d50a71d847a0554fa7ab0640e8c63cc63998bd97f803f5b3b40
Secunia Security Advisory - A vulnerability has been reported in Dovecot, which can be exploited by malicious people to cause a DoS (Denial of Service).
fa22346a655a7c732c704bed8ec712950d8e1e333a0cea4995a2a1081504da85
A SQL injection vulnerability in Clipbucket version 2.4 RC2 645 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.
6f0d10f78695697be08aaad71f69ebf5932985db42e1fc464f2a06ce15f1d538
A local file inclusion vulnerability in eGroupware version 1.8.001.20110421 can be exploited to include arbitrary files.
07ccc0d9a68de349319a1eceb37a6094b2810ad1e924bc4870669646a7b55753
An open redirect in eGroupware version 1.8.001.20110421 can be exploited to redirect users to an arbitrary URL.
b4a29e3964e1d7bd72995d10043cf6c74cf999a044fb3fe26884221a0473da93
DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics work, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
0dab2e10f9c2cb2d1363b51284e9616725f85e84aea58719848f41626fa894d1
Ubuntu Security Notice 1134-1 - Maksymilian Arciemowicz reported that a flaw in the fnmatch() implementation in the Apache Portable Runtime (APR) library could allow an attacker to cause a denial of service. This can be demonstrated in a remote denial of service attack against mod_autoindex in the Apache web server. It was discovered that the fix for CVE-2011-0419 introduced a different flaw in the fnmatch() implementation that could also result in a denial of service.
33d0bcbf01e80fbf4f6e0b746d2ea03df29467c9bd9d72f3c02f2b79dfede4f4
Debian Linux Security Advisory 2239-1 - Several vulnerabilities have been discovered in Mojolicious, a Perl Web Application Framework. The link_to helper was affected by cross-site scripting, and implementation errors in the MD5 HMAC and CGI environment handling have been corrected.
32a0b722e699971999dfac760e81d5ed750b47e2f3773d75c1d7af752653e626
PHP socket connect() stack buffer overflow proof of concept code.
6abcba91bf7177e20f4ef770653563e589f25adaafe8dc216b107fff5b5e35b9
Secunia Security Advisory - A vulnerability has been reported in Vordel Gateway, which can be exploited by malicious people to disclose sensitive information.
bbf9b946747ff2c4e74f8a13893f385cf6eb0fb986191a2e6465daa120d21b7b
Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
3c5fde1929cc78f8310fb171a37fcc12487b03321c43fb7e87ce6832e46a725b
Secunia Security Advisory - Fedora has issued an update for libmodplug. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
677187a5445b106b2b63f434fc97365e36f004623734924802e9cd15e17cfc36
Secunia Security Advisory - SUSE has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
be76f702ecd7cf0a6e8467e79b6646856fd8a202cadbfdac466fc8d10e5e2eb4
Secunia Security Advisory - Ubuntu has issued an update for apr. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
34f14a6b411912a4db5433626bb325d85924a0628c1f0c64b8e24ec2995ebef6
Secunia Security Advisory - Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.
fbd93a9507a162808eda982ef8c09f455d8e8c7a4e0408322fd4d2c0383ffffd
Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in ClipBucket, which can be exploited by malicious people to conduct SQL injection attacks.
5e92b9fa6e47819229133797b6e5351199f42b88f3899465797de607ded572ed
Secunia Security Advisory - Fedora has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges.
4b2ec4a4513c0405aa71d087deaad0ee479fa8fb637f1807ab4ad4c34e52d8c2
Secunia Security Advisory - SUSE has issued an update for exim. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
9c18c6efe8e945a492ca7f103d0b4e1732bbd22559aed235450c00944eb4113d
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
d41fa13e62d59f43e27f9d798952191ee7648b6dec19267e444994d687ba93b4
Secunia Security Advisory - A vulnerability has been reported in the JE Story submit component for Joomla!, which can be exploited by malicious people to disclose sensitive information.
4f30bb7d38e361c2464c7b8eaf012ac3efbd4d274cb34b01ea8c3741a4157336
Secunia Security Advisory - A vulnerability and a security issue have been discovered in MidiCMS Website Builder, which can be exploited by malicious people to conduct cross-site request forgery and bypass certain security restrictions.
b32a0008a2ae0c35c8769d5a153fc7fe2e319d38c1b9a35c294a6c68a68063de