strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
44ed6ce785e62d54671a98df35d522e7187e2f0b1bd55d2c097ebb2ae647f665MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
95fcc2b43f6b6de3e0349e97ddb4994024dd52157b285c31380f1a99e2348611Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
2aec3da07856ca2b53b834bdba8a820a130854e02426de41d8eabcf6c4c11606phpFaber TopSites version 3 suffers from a remote file disclosure vulnerability.
10eb9f8d61e9486a57dad483d4bda6b998dc7a939cfb79bbd11510cd05518533Chatness versions 2.5.3 and below suffer from multiple vulnerabilities including file overwrite and password disclosure issues.
e5e0cc65179e56734e1e8783fea84346fb81d711d4417d44f34d53f1b0f3bce0iDefense Security Advisory 04.12.07 - Remote exploitation of a buffer overflow vulnerability in pfs_mountd.rpc included in multiple versions of Hewlett Packard Co. HP-UX allows for remote root access. If a remote user sends two specially crafted packets over UDP, the buffer overflow is triggered. One must first send a call to procedure 5, and soon thereafter send the actual payload to procedure 2. Due to the closed nature of the pfs_mountd.rpc protocol specification, it is unclear at this time what functions the respective procedures actually perform. iDefense has confirmed the existence of this vulnerability in HP-UX 11.11i. It is suspected that previous versions are also vulnerable.
7913b6361bb35be7ac9c32e720241afaa2fc35a3aae1a055514a85ef9ffa7179Aircrack-ng version 0.7 suffers from a buffer overflow vulnerability. Full exploit provided.
6582f5ccdd7c448ca04681f9147f6023c764bd542165cfa411535d9790da8333HP Security Bulletin - A potential security vulnerability has been identified in HP-UX with the Portable File System (PFS). The vulnerability could be exploited remotely to gain an increase in privilege.
1e26e9e35bc4a6b069108b4e40f0d6cc2a542c4f77d867f726e60051920e964dFAC GuestBook version 2.0 suffers from a remote database disclosure vulnerability.
17e0da7cb18e5c5707b68b4e5c371c29d182e2ff9a406e65fb6bf98ac8f647bfphpwebnews 1.x suffers from cross site scripting vulnerabilities.
4b02111e9551f1b07e3a0f78a6729624949d0737a89ef8016ca5a596641893a7TuMusika Evolution version 1.6 suffers from a cross site scripting vulnerability.
4a9550b19681bcc8a91d4af1660099431c0eab05da82ec9c4ffb9dd6776f99b6Doop Content Management System 1.3.x suffers from cross site scripting vulnerabilities.
a59ba42fd83876b763b12ce676fcb9372e3d42c000aa54c5dcf166bd7b133a90Cisco Security Advisory - The Cisco Wireless Control System (WCS) works in conjunction with Cisco Aironet Lightweight Access Points, Cisco Wireless LAN Controllers, and the Cisco Wireless Location Appliance by providing tools for wireless LAN planning and design, system configuration, location tracking, security monitoring, and wireless LAN management. Cisco WCS contains multiple vulnerabilities that can result in information disclosure, privilege escalation, and unauthorized access through fixed authentication credentials.
70c67f785bad81482ffdaa8fe9d94b5ae40ff6c1058bbb52aa6857069255ae0cCisco Security Advisory - The Cisco Wireless LAN Controller (WLC) manages Cisco Aironet access points using the Lightweight Access Point Protocol (LWAPP). The WLC contains multiple vulnerabilities that could result in a denial of service (DoS) condition, information disclosure, or access control list changes, or allow an attacker to gain full administrative access.
7693ba2c5c97846ef00c583198c576061b370e4f9223a6770643dbd018c8d7f5HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
175ef1da000f7da99a7dbf86b9f482cc7918b335897055016ee550848b27a379HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running ARPA Transport. The vulnerability could be exploited by a local user to create a Denial of Service (DoS).
e7a2bbd565f1f912aeec9747f44d9163a5873de6eabda69fdfd7f42c491c0753Gentoo Linux Security Advisory GLSA 200704-08 - DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file. Versions less than 20061106 are affected.
08bb3c941ee1cd1303d0a1e00598c882984049d723b0978d6979226e74545513HP Security Bulletin - A potential security vulnerability has been identified with a Mercury Quality Center ActiveX control. The vulnerability could be exploited by a remote unauthorized user to execute arbitrary code on a Windows client running the ActiveX control.
2176de5f1ff2cb9e0f450873d1eb3d46de6a6e1235f39841898004559b21d9dbTwo cross site scripting vulnerabilities have been discovered in dotclear 1.x.
4af0578d4225e5fd0d35d74368d90cc56003d17e5eb79b7c7a55e90060c64e31During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.
7cfad04c205329f1f36fe4c6cad33a97921cb4da56226e103ba111b14bd847cdmephisto version 0.7.3 suffers from a cross site scripting vulnerability.
84c3561d85dc79e1f03d58fe2d684422b948aa552404f0f3892c557b39343ed8toendaCMS version 1.5.1 suffers from cross site scripting vulnerabilities.
8b014fa1afa7977911bb87c72ae3b8f2b6a0e3a8fa083c52487875a74043ecc8chcounter version 3.1.3 suffers from cross site scripting vulnerabilities.
49556ce1b3b02159dcde4feb9763c44a651aa58ff57caaba25fea6fe15f8f7a3E107 version 0.7.8 access escalation overwrite exploit.
e158f41d28fd26a0383fd8903e47eedbe5ba168c32616fbe60b32a8d820107adUbuntu Security Notice 452-1 - The Qt library did not correctly handle truncated UTF8 strings, which could cause some applications to incorrectly filter malicious strings. If a Konqueror user were tricked into visiting a web site containing specially crafted strings, normal XSS prevention could be bypassed allowing a remote attacker to steal confidential data.
8f76805162dcd0a6088e1b79c381c17323fe493921322a3e2021e1d467b25e82
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed