arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
ca1333d85a5718316557bd95003212429c40990b2389791daae0519c2e764750
Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.
c130885a17eca8ca18458cd773dcbd66a798dfe0927c065744ac9b6cf93c330c
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
0bd229e99ef61fe39fba6194031e5307a9da7e22c2a5b8a581f6ae8efae14762
DragonFly shopping cart allows for SQL injection attacks and price manipulation.
f3731ee7643b36fa0e65130b16541ef7e07f4dbac260d2b7479a4c697986b967
Practical Applications of Public-key Cryptography: Securing Email Communications with PGP. An 11 page tutorial that discusses practical uses of PGP desktop, the commercial version of PGP.
190fece747e9805af22848e10674c48feb4476aac8d5a9c2a691f4039cdc098b
NateOn Messenger version 3.0 suffers from a file sharing flaw that allows directory traversal attacks, which can be used to obtain directory listings.
a157445ef865217d7b1580f0f7ac5491ad8fecbb7adea172c98f43feaf172303
ASP.NET RPC/Encoded web services suffer from a denial of service vulnerability.
c933e234f71c9871f5f0e59739db7d3b43c7c63a8b26197942ac164c02600380
BlogTorrent versions 0.92 and below allow for direct access to the file storing users' password hashes and logins.
f16318de93bab383388f4c3616acf68cd72b4c6f8f36ecf5ef137730d472fc1b
Debian Security Advisory DSA 751-1 - The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache. When the DNS client UDP port (assigned by the operating system at startup) is unfiltered and the network is not protected from IP spoofing, malicious users can spoof DNS lookups which could result in users being redirected to arbitrary web sites.
e9b8cb271a542d120f0d6481aaa3262031a074b35778911fc5612443c462be6a
Gentoo Linux Security Advisory GLSA 200507-09 - A buffer overflow has been discovered in the UnixAppOpenFilePerform() function, which is called when Adobe Acrobat Reader tries to open a file with the \Filespec tag. Versions less than or equal to 5.10 are affected.
75917ca72cdcc43905af705c0d94a1b62b42c3fbea34599058b31da755cced49
Debian Security Advisory DSA 748-1 - A vulnerability has been discovered in ruby 1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server.
172ca51e27ef5e4f0d94d04b618f60329db5e80a16e79cfe6cb35c316f6ea1fc
Debian Security Advisory DSA 750-1 - infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing.
26d5c2c5250deb425c6530cdcff27616f5825a39ea2236c6a57dc16c0da9ceb7
Hosting Controller allows for unauthenticated session and user creation.
5c29c362c7dded2f739dd23b6b734d5204604a8bc9e120e4db8975962a1b20cd
A race condition vulnerability has been found in the ia32 compatibility execve() system call of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.
60d19fb55a1868fabc6dc3d7ddb54e27e89f5c9fb581589f667b2f5e0a5d2b9b
Gentoo Linux Security Advisory GLSA 200507-08 - The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the POST method. Versions less than 0.9.16.006 are affected.
e6e4508d4d34b0338c98cad75efb14c9a7bbb24a8a963d701d075ce1f286752c
MSN's Messenger protocol will automatically kick users from a conversation if .pif is sent in a text message.
39d563c8cb90296982dd0bc5cba058620c23e5caff6e42dd15d54375ed1a38f9
Debian Security Advisory DSA 749-1 - A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap.
bdeef153d602130b85417e5dee12c2d46a6187d93eb4e3c55bde14385ca13c7f
Debian Security Advisory DSA 747-1 - A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware.
b0b86440bb0360bbefc86c2863a7889904933148f078a1f19d96c3fcd6b2f2ad
Secunia Security Advisory - c0ntex has reported some vulnerabilities in SiteMinder, which can be exploited by malicious people to conduct cross-site scripting attacks.
e54b12acf9dd463c51e37e5c1825b7b2c051b47fa9657daf9b0088898814a3b2
Secunia Security Advisory - Defa has discovered a vulnerability in Id Board free, which can be exploited by malicious people to conduct SQL injection attacks.
726421448108d98faba009d03d65a798e799001a88aa43a7175a360794246934
Secunia Security Advisory - Ilja van Sprundel has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
d44ffa0c8ff372ea7466b0c6c9f5d8bac1c80c898136b110965c541b9a3ff127
Secunia Security Advisory - A vulnerability has been reported in dhcpcd, which can be exploited by malicious people to cause a DoS (Denial of Service).
06789d2db5928310e83291885e124454119d825f4f05e9196b37bf5ae6b7d3a8
Secunia Security Advisory - LazyCrs and pjphem have reported a security issue in Blog Torrent, which can be exploited by malicious people to gain knowledge of sensitive information.
aad382218100f5606de503a35c8af50d09c208f48a35e796972817ee31ff2763
Secunia Security Advisory - A vulnerability has been reported in MMS Ripper, which potentially can be exploited by malicious people to compromise a user's system.
1fa3b5f012fd6cd4104d34ebd9b2b753ad3eb9078d313e2814e6105c9872194b
Secunia Security Advisory - A vulnerability has been reported in Backup Manager, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
2bd352ce286b1217a08040beccc1ef95a2bb6dd371c589fd7f7c52e27860947d