«
Expand/Collapse
225 items tagged "library"
Related tags:
wordpress [+],
gnu c library [+],
arbitrary code execution [+],
hacks [+],
txt [+],
tiff library [+],
tiff [+],
pki [+],
path [+],
microsoft [+],
libpki [+],
ld library [+],
digital certificates [+],
cryptographic operations [+],
buffer overflow vulnerability [+],
application development [+],
xml security [+],
xml [+],
user [+],
tiff files [+],
security library [+],
sauli [+],
pahlman [+],
library version [+],
insecure [+],
ghostscript [+],
file [+],
digital signature [+],
default fields [+],
dan rosenberg [+],
c library [+],
book [+],
arduino [+],
zrtp [+],
xss [+],
ruby library [+],
ruby [+],
protocol library [+],
protocol [+],
posix [+],
phil zimmermann [+],
nessus [+],
mono [+],
media library [+],
media [+],
link library [+],
link [+],
library categories [+],
libcap [+],
integer overflow [+],
heap corruption [+],
day [+],
communication services [+],
bugtraq [+],
book library [+],
Programming [+],
zero day [+],
zero [+],
visualization [+],
video [+],
usn [+],
tune library [+],
tune [+],
tsmim [+],
stikom [+],
ssh [+],
sql injection [+],
sql [+],
spydus [+],
springshare [+],
source [+],
sort function [+],
software versions [+],
security advisory [+],
sanitization [+],
s system [+],
microcontrollers [+],
marc schoenefeld [+],
local [+],
loader [+],
libresolv [+],
library versions [+],
library user [+],
library software [+],
library search path [+],
library management system [+],
library component [+],
libanswers [+],
lessons [+],
koha [+],
joomla [+],
integer [+],
ffmpeg [+],
dynamic linker [+],
destination buffer [+],
cryptography [+],
component version [+],
civica [+],
categories [+],
attack [+],
apple tv [+],
apple security [+],
apple safari [+],
advisory [+],
Software [+],
vulnerability [+],
diffie hellman [+],
botan [+],
win [+],
vxworks [+],
vulnerabilities [+],
video encoding [+],
usa [+],
tool [+],
text element [+],
testing intrusion detection systems [+],
style [+],
service vulnerability [+],
safer use [+],
root privileges [+],
remote [+],
regular expression library [+],
regular expression [+],
red [+],
platinum [+],
patrick engebretson [+],
pango [+],
pal [+],
os solaris [+],
open source library [+],
multiple [+],
linux security [+],
library of congress [+],
libdvdread [+],
letter style [+],
kses [+],
josh pauli [+],
jeff layton [+],
invalid pointer [+],
intrusion detection systems [+],
imlib [+],
ids [+],
hp ux [+],
heap memory [+],
free document [+],
font [+],
expression [+],
exploits [+],
elliptic curves [+],
elliptic curve [+],
dvd [+],
dlopen [+],
directory [+],
dereference [+],
department of homeland security [+],
dat [+],
curve [+],
couchdb [+],
congress [+],
code execution [+],
code [+],
c standard library [+],
authentication [+],
audio file library [+],
audio [+],
arbitrary code [+],
application crash [+],
application [+],
adafruit [+],
gnu [+],
security [+],
crypto algorithms [+],
crypto [+],
algorithms library [+],
algorithms [+],
wpa psk [+],
work study job [+],
webkit [+],
vips [+],
v usb [+],
usb library [+],
usb firmware [+],
usb [+],
upnp [+],
tssa [+],
tiff image [+],
thomas [+],
technology [+],
tcpdf [+],
simultaneous attacks [+],
servo motors [+],
servo [+],
search [+],
sdk [+],
root [+],
roaraudio [+],
report library [+],
report [+],
read [+],
raw [+],
random number generator [+],
rafe [+],
pwm signals [+],
post [+],
poc [+],
png [+],
pin spacing [+],
pid [+],
photoshop [+],
pentest [+],
pdfill [+],
pcre [+],
pcb [+],
pcap [+],
parsing [+],
output [+],
otp [+],
original library [+],
newest technology [+],
mouse event [+],
microsoft mfc [+],
mfc library [+],
mfc [+],
memory pointer [+],
memory leak [+],
memory corruption [+],
mediggo [+],
magnetometer [+],
mac os x [+],
mac os [+],
loading [+],
links [+],
linker [+],
library v1 [+],
library code [+],
libpng [+],
language samples [+],
kevin finisterre [+],
javascript array [+],
java library [+],
java event [+],
java [+],
integer overflow vulnerability [+],
ins [+],
image structures [+],
image [+],
hot weather [+],
honeywell [+],
holoo [+],
hole [+],
handy piece [+],
hand [+],
hackaday [+],
gnucash [+],
glibc [+],
ganesha [+],
footprint [+],
file processing [+],
exif [+],
erlang [+],
emc [+],
ember [+],
element [+],
electrical projects [+],
eagle [+],
dsa [+],
disk library [+],
disk [+],
digital library [+],
digital [+],
design process [+],
denial of service exploit [+],
david keeler [+],
datadynamics [+],
dat file [+],
dan kaminsky [+],
custom protocols [+],
cs5 [+],
cryptanalysis techniques [+],
cross site scripting [+],
cross [+],
creator [+],
canon camera [+],
camera [+],
c programming language [+],
bristol [+],
bob clary [+],
bleeding edge technology [+],
bkd [+],
bill porter [+],
based buffer overflow [+],
attiny [+],
apple iphone [+],
antixss [+],
adobe [+],
accounting [+],
accelerometer [+],
Pentesting [+],
Newbie [+],
BackTrack [+],
Area [+],
communications protocols [+],
transport layer security [+],
application programming interface [+],
tgz [+],
tar gz [+],
tar [+],
cryptographic algorithms [+],
certificate requests [+],
denial of service [+],
ssh2 protocol [+],
privilege escalation vulnerability [+],
local privilege escalation [+],
libssh [+],
internet drafts [+]
-
-
18:37
»
Packet Storm Security Recent Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
18:37
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
12:17
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
12:17
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
16:01
»
Hack a Day
We don’t have much personal experience with DOF hardware, but this Arduino library which reads and compensates for three-axis magnetometer and accelerometer data looks very impressive. It should work for existing hardware, but there’s also a demo design using a Honeywell HMC5883L compass and a Freescale MMA8453Q accelerometer which you can build yourself. Unfortunately these come [...]
-
-
19:43
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
19:43
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
19:09
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
19:09
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
11:22
»
Packet Storm Security Advisories
Apple Security Advisory 2012-03-07-3 - Apple TV 5.0 is now available and addresses a libresolv library vulnerability that could lead to an unexpected application termination or arbitrary code execution.
-
11:22
»
Packet Storm Security Recent Files
Apple Security Advisory 2012-03-07-3 - Apple TV 5.0 is now available and addresses a libresolv library vulnerability that could lead to an unexpected application termination or arbitrary code execution.
-
11:22
»
Packet Storm Security Misc. Files
Apple Security Advisory 2012-03-07-3 - Apple TV 5.0 is now available and addresses a libresolv library vulnerability that could lead to an unexpected application termination or arbitrary code execution.
-
-
18:53
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
18:53
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
7:32
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0305-03 - The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker able to make an application using the Boost library process a specially-crafted regular expression could cause that application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
7:32
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0305-03 - The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker able to make an application using the Boost library process a specially-crafted regular expression could cause that application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
-
-
19:20
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
19:20
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
8:58
»
Hack a Day
The V-USB library is a pretty handy piece of code that lets you add USB connectivity to ATtiny microcontrollers (it was previously named tinyUSB). But if you’ve ever looked into adding the library to your own projects you may have been stymied by the complexity of the code. There are many examples, but there’s a lack of [...]
-
-
18:23
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
18:23
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
19:57
»
Packet Storm Security Recent Files
libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.
-
19:57
»
Packet Storm Security Misc. Files
libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.
-
-
14:49
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
14:49
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
7:38
»
Packet Storm Security Recent Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
7:38
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
7:49
»
Packet Storm Security Misc. Files
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
-
-
4:00
»
Hack a Day
Servo8bit is a library for AVR microcontrollers that allows you to drive servo motors without the need for a 16-bit timer. Obviously, this is quite useful for smaller chips that only have 8-bit timers and it is specifically targeted at the ATtiny45 and ATtiny85 microcontrollers. The library offers 256 steps of resolution, and can drive up to [...]
-
-
10:23
»
SecDocs
Authors:
Josh Pauli Kyle Cronin Patrick Engebretson Tags:
IDS sniffer Event:
Black Hat USA 2010 Abstract: Testing Intrusion Detection Systems (IDS) to ensure the most malicious attacks are detected is a cornerstone of these systems, but there is no standardized method to execute these tests. Running live exploitations is not always a viable option – especially when the rule set isn’t finalized, and clients are often nervous about the use of “hacker tools” on their networks. Furthermore, educators struggle to teach IDS concepts as a standalone principle without teaching attack methodologies at the same time. We are releasing two artifacts to help solve these problems. First we introduce PAL, a PCAP Attack Library full of individual pre-captured attack files that can be easily replayed for IDS testing and education. This library is completely preassembled, clean, and extendable to include further additions of attacks. Our initial library is created from the findings in the Common Attack Pattern Enumeration Classification (CAPEC) from the Department of Homeland Security. Second, we introduce SprayPAL, a software tool that we’ve developed to replay the PCAP attack library files. Users can send attacks to a specific target or broadcast to an entire subnet of machines. Additional features include the ability to select individual or multiple simultaneous attacks as well as provide layer 2 and 3 packet level manipulation. We conclude by presenting a methodology for capturing attacks and adding them to the public library. Both our PCAP attack library and SprayPAL tool will be released at Black Hat 2010 to the general public.
-
10:23
»
SecDocs
Authors:
Josh Pauli Kyle Cronin Patrick Engebretson Tags:
IDS sniffer Event:
Black Hat USA 2010 Abstract: Testing Intrusion Detection Systems (IDS) to ensure the most malicious attacks are detected is a cornerstone of these systems, but there is no standardized method to execute these tests. Running live exploitations is not always a viable option – especially when the rule set isn’t finalized, and clients are often nervous about the use of “hacker tools” on their networks. Furthermore, educators struggle to teach IDS concepts as a standalone principle without teaching attack methodologies at the same time. We are releasing two artifacts to help solve these problems. First we introduce PAL, a PCAP Attack Library full of individual pre-captured attack files that can be easily replayed for IDS testing and education. This library is completely preassembled, clean, and extendable to include further additions of attacks. Our initial library is created from the findings in the Common Attack Pattern Enumeration Classification (CAPEC) from the Department of Homeland Security. Second, we introduce SprayPAL, a software tool that we’ve developed to replay the PCAP attack library files. Users can send attacks to a specific target or broadcast to an entire subnet of machines. Additional features include the ability to select individual or multiple simultaneous attacks as well as provide layer 2 and 3 packet level manipulation. We conclude by presenting a methodology for capturing attacks and adding them to the public library. Both our PCAP attack library and SprayPAL tool will be released at Black Hat 2010 to the general public.
-
-
21:48
»
Packet Storm Security Advisories
The libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data outside a destination buffer boundaries. The vulnerability affects the Chinese AVS video (CAVS) file format decoder, specially crafted CAVS files may lead to arbitrary code execution during decoding.
-
21:48
»
Packet Storm Security Recent Files
The libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data outside a destination buffer boundaries. The vulnerability affects the Chinese AVS video (CAVS) file format decoder, specially crafted CAVS files may lead to arbitrary code execution during decoding.
-
21:48
»
Packet Storm Security Misc. Files
The libavcodec library, an open source video encoding/decoding library part of the FFmpeg and Libav projects, performs insufficient boundary check against a buffer index. The missing check can result in arbitrary read/write of data outside a destination buffer boundaries. The vulnerability affects the Chinese AVS video (CAVS) file format decoder, specially crafted CAVS files may lead to arbitrary code execution during decoding.
-
-
14:01
»
Hack a Day
We’ve been hiding away in air-conditioned comfort to wait out the hot weather afflicting most of the US right now. Luckily we’re keeping busy with the great links coming into our tips box. [Brett] sent us a note about his work on the new Arduino PID library. He is the author of the original library [...]
-
-
8:01
»
Hack a Day
Here’s an Arduino library that will let you drive a very large number of LEDs. [Elco Jacobs], an electrical engineering student, is the author of the library. He has a work-study job that has him helping out others with their electrical projects and he was constantly being solicited for methods to control droves of light [...]
-
-
17:48
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
17:48
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
12:47
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
12:47
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
7:20
»
Packet Storm Security Advisories
A corrupt Canon Camera RAW file (.CR2) can cause a crash in the RawCamera library. This affects viewing files in both the Preview.app application or via Quick Look. Mac OS X 10.6.6 with RawCamera.bundle versions prior to 3.6 are affected.
-
-
15:18
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
15:18
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
6:22
»
Packet Storm Security Recent Files
ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.
-
6:22
»
Packet Storm Security Misc. Files
ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.
-
-
20:40
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
20:40
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
13:01
»
Hack a Day
When [Bill Porter] works on a project, he says that he typically writes his own NMEA standard communications protocols to fit the job at hand. While it makes things easy to troubleshoot, he admits that his custom protocols are wasteful of both processor time and bandwidth. Binary communications on the other hand are more efficient, [...]
-
-
20:29
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
19:47
»
Packet Storm Security Recent Files
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
-
19:47
»
Packet Storm Security Misc. Files
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
-
-
16:53
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
16:53
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
7:25
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
7:25
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
16:59
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
16:59
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
13:48
»
Packet Storm Security Advisories
Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.
-
13:48
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.
-
-
8:03
»
Packet Storm Security Advisories
Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.
-
8:03
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.
-
8:03
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1085-1 - Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.
-
-
7:54
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the library implements the .sort function for an array. The library will trust the implementation of a particular method which when executed can be used to manipulate elements out from underneath it. This can lead to code execution under the context of the application.
-
7:54
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the library implements the .sort function for an array. The library will trust the implementation of a particular method which when executed can be used to manipulate elements out from underneath it. This can lead to code execution under the context of the application.
-
7:54
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the library implements the .sort function for an array. The library will trust the implementation of a particular method which when executed can be used to manipulate elements out from underneath it. This can lead to code execution under the context of the application.
-
-
19:21
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
19:21
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
15:01
»
Packet Storm Security Recent Files
Libecc is a C++ elliptic curve cryptography library that supports fixed-size keys for maximum speed. The goal of this project is to become the first free Open Source library providing the means to generate safe elliptic curves, and to provide an important source of information for anyone with general interest in ECC.
-
15:01
»
Packet Storm Security Misc. Files
Libecc is a C++ elliptic curve cryptography library that supports fixed-size keys for maximum speed. The goal of this project is to become the first free Open Source library providing the means to generate safe elliptic curves, and to provide an important source of information for anyone with general interest in ECC.
-
-
14:22
»
Packet Storm Security Recent Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
14:22
»
Packet Storm Security Misc. Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
-
9:22
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
9:22
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
11:13
»
Packet Storm Security Recent Files
ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.
-
11:13
»
Packet Storm Security Misc. Files
ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.
-
-
16:23
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
16:23
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
4:12
»
Packet Storm Security Advisories
An off by one in the library libgs.so.8 shipped with Ghostscript in versions 8.70 and below generates an integer overflow, which in turn produces a heap corruption, resulting in a (remote) Denial of Service (crash) in several applications using this library when processing a specially crafted font. This vulnerability cannot be exploited to execute arbitrary code under GNU/Linux x86, to the best of our knowledge. Other targets, in particular Windows have not been tested and may or may not allow execution of arbitrary code.
-
4:12
»
Packet Storm Security Recent Files
An off by one in the library libgs.so.8 shipped with Ghostscript in versions 8.70 and below generates an integer overflow, which in turn produces a heap corruption, resulting in a (remote) Denial of Service (crash) in several applications using this library when processing a specially crafted font. This vulnerability cannot be exploited to execute arbitrary code under GNU/Linux x86, to the best of our knowledge. Other targets, in particular Windows have not been tested and may or may not allow execution of arbitrary code.
-
4:12
»
Packet Storm Security Misc. Files
An off by one in the library libgs.so.8 shipped with Ghostscript in versions 8.70 and below generates an integer overflow, which in turn produces a heap corruption, resulting in a (remote) Denial of Service (crash) in several applications using this library when processing a specially crafted font. This vulnerability cannot be exploited to execute arbitrary code under GNU/Linux x86, to the best of our knowledge. Other targets, in particular Windows have not been tested and may or may not allow execution of arbitrary code.
-
-
18:28
»
Packet Storm Security Recent Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
18:28
»
Packet Storm Security Misc. Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
-
19:02
»
Packet Storm Security Misc. Files
The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
-
-
20:00
»
Packet Storm Security Recent Files
The libavcodec library, an open source video encoding/decoding library part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability. Versions 0.6 and below are affected.
-
20:00
»
Packet Storm Security Advisories
The libavcodec library, an open source video encoding/decoding library part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific flic file can be crafted to trigger the vulnerability. Versions 0.6 and below are affected.
-
-
19:01
»
Packet Storm Security Misc. Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
19:01
»
Packet Storm Security Recent Files
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
-
-
12:01
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2107-1 - Dan Rosenberg discovered that in couchdb, a distributed, fault-tolerant and schema-free document-oriented database, an insecure library search path is used; a local attacker could execute arbitrary code by first dumping a maliciously crafted shared library in some directory, and then having an administrator run couchdb from this same directory.
-
12:00
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2107-1 - Dan Rosenberg discovered that in couchdb, a distributed, fault-tolerant and schema-free document-oriented database, an insecure library search path is used; a local attacker could execute arbitrary code by first dumping a maliciously crafted shared library in some directory, and then having an administrator run couchdb from this same directory.
-
-
17:13
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
17:13
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
18:01
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
18:01
»
Packet Storm Security Recent Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
13:01
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
13:01
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
0:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-146 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support for mouse events on a particular element. If a mouse event is dispatched to an element when one of it's attributes is undefined, the library will dereference a memory pointer pointing to arbitrary data. Usage of this element can then lead to code execution under the context of the application.
-
-
16:36
»
SecuriTeam
Under certain circumstances, an intruder may be able to take advantage of this flaw to execute arbitrary code with the privileges of the web server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:01
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of the first-letter style in the context of an SVG text element. Upon applying the style to this element, the library will calculate the height for determining the overflow for an inline box. While traversing the elements for the height, the library will utilize data from a non-existent linebox. Successful exploitation will lead to code execution under the context of the application.
-
12:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of the first-letter style in the context of an SVG text element. Upon applying the style to this element, the library will calculate the height for determining the overflow for an inline box. While traversing the elements for the height, the library will utilize data from a non-existent linebox. Successful exploitation will lead to code execution under the context of the application.
-
-
0:01
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
0:01
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
1:01
»
Packet Storm Security Advisories
Ubuntu Security Notice 954-1 - Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF library. If a user or automated system were into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service.
-
-
20:09
»
SecuriTeam
A series of vulnerabilities were discovered in Visualization Library, which can be exploited by malicious people to compromise a user's system.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
0:02
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
0:01
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
23:00
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
8:02
»
Hack a Day
Take a few moments and browse this gallery from the Library of Congress. Tasked with the job of preserving the roughly 150 million historical items, they are constantly developing new methods using bleeding edge technology. There is an odd balance of some of the oldest documents in tandem with some of the newest technology evident [...]
-
-
23:01
»
Packet Storm Security Tools
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
-
23:00
»
Packet Storm Security Recent Files
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
-
-
23:00
»
Packet Storm Security Recent Files
Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.
-
23:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.
-
-
9:00
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2045-1 - Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a video library part of the Ogg project, several flaws allow allow context-dependent attackers via a large and specially crafted media file, to cause a denial of service (crash of the player using this library), and possibly arbitrary code execution.
-
-
19:41
»
Packet Storm Security Misc. Files
The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
-
-
17:00
»
Packet Storm Security Tools
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
-
-
14:32
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
14:32
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
16:00
»
Packet Storm Security Recent Files
Secunia Research has discovered some vulnerabilities in Visualization Library, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors within the vl::loadDAT() and vl::isDAT() functions in src/vl/vlDAT.cpp. This can be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted DAT file. Visualization Library version 2009.08.812 is affected.
-
16:00
»
Packet Storm Security Advisories
Secunia Research has discovered some vulnerabilities in Visualization Library, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors within the vl::loadDAT() and vl::isDAT() functions in src/vl/vlDAT.cpp. This can be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted DAT file. Visualization Library version 2009.08.812 is affected.
-
-
1:00
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
18:00
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
18:00
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
10:37
»
remote-exploit & backtrack
Does anyone know of a freely available pcap "attack library" which could be run through TCPreplay? Specifically, I'd like the ability to select either specific individual or multiple-simultaneous attacks and send those attacks down the wire.
I've run some searches but haven't come up with anything yet---thought I would post here before I start building it out myself.
Thanks!
-
-
21:36
»
Packet Storm Security Tools
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
21:36
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
14:50
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2019-1 - Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash).
-
14:49
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2019-1 - Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash).
-
-
9:01
»
Packet Storm Security Misc. Files
The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
-
9:01
»
Packet Storm Security Recent Files
The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
-
-
8:22
»
Packet Storm Security Misc. Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
8:22
»
Packet Storm Security Recent Files
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
-
-
15:00
»
Packet Storm Security Tools
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
-
15:00
»
Packet Storm Security Recent Files
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
-
-
13:00
»
Packet Storm Security Tools
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
-
13:00
»
Packet Storm Security Recent Files
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
-
-
14:01
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
14:01
»
Packet Storm Security Recent Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
10:10
»
Hack a Day
Adafruit Industries has just added an Arduino shield footprint to their EagleCAD library. If you don’t know, the Arduino headers use non-standard pin spacing. Learn to deal with it, there’s too many Arduino shields in production to have any hope for a change in the future. This footprint should make it a lot easier to [...]
-
-
0:00
»
Packet Storm Security Misc. Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
0:00
»
Packet Storm Security Recent Files
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
-
-
12:00
»
Hack a Day
We love it when a PCB comes out right the first time. We’re careful enough with our designs that if something is wrong it’s usually a footprint problem, like we picked the wrong package for the components. Adafruit is helping to make the design process easier by sharing their Eagle library. Like the Eagle library [...]
-
-
17:05
»
remote-exploit & backtrack
Ok so I am running BackTrack 4 Final and I need some help. My friend currently has an AP with a WPA-PSK key. I went through and with aircrack-ng did -w /pentest/exploits/fasttrack/bin/dict/wordlist.txt ch#_caps-##.cap. Well his key is not in the library so I'm sort of stuck. I need help with using another library. I am pretty new to the BackTrack scene so bear with me. This would also help me with my own AP that has a WPA-PSK key on it. A link to a video or a tutorial would be great on another library in BT4 other than the one stated above. Thanks :D
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution