A vulnerability exists in the way that Shorewall handles temporary files and directories. The vulnerability can allow a non-root user to cause arbitrary files on the system to be overwritten.
6bbcf5bce92926266ba6aa58e3adb70e229a5eb9bfe6b537a38b1e8a69b62d57iDEFENSE Security Advisory 07.08.04: SSLtelnet contains a format string vulnerability that could allow remote code execution. The problem specifically exists within telnetd.c, on line 530 where an argument deficient call is made to syslog().
4e543388d663cd33875f49d23593b699a5be1be2e1f2f992845ce28c404f7be4Mozilla Security Advisory - Windows versions of Mozilla products pass URIs using the shell: scheme to the OS for handling. The effects depend on the version of windows, but on Windows XP it is possible to launch executables in known locations or the default handlers for file extensions. It could be possible to combine this effect with a known buffer overrun in one of these programs to create a remote execution exploit, although at this time we have confirmed only denial-of-service type attacks. Versions affected: Mozilla (Suite), Mozilla Firefox, Mozilla Thunderbird.
57a70625f36b6696077650b535747f47f76c4268befe5b019d687be4e6f7857dOutlook 2000 and 2003 allow execution of remote web pages specified within the data property of OBJECT tags when there is no closing /OBJECT tag, while forwarding an HTML email message using Word 2000 or 2003 as the email editor. This behavior happens regardless of Security Zone settings.
77a5bf7ed41d1d5076c78d070bbafd955f62a940782384b651ebf42c89e813daNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
1b75a20d79feeee28b5d39c239eb30468b742b7ddd073470e90cf0f92e2593daFLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
84b189826dc1420aa93d5606a2abac3ef90da339f45f43d57b91514047c8d749A .diff file, applied to the MySQL 5.0.0-alpha source distribution will allow building a MySQL client that can be used to connect to a remote MySQL server with no password.
576c8349f99ca721889a85397e1a11e6091d306a88102e339b9bede903f555e3Netwox is a utility that can be thought of as a one stop shop network toolbox. It includes a graphical front-end called Netwag. This kit comes with 150 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included.
240958dc64c5ec558968cd9f12dabc9019c76506dbbae1c6fb366f02872ab4ff
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed