fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
ac87bac78e9396f01d93b9abe1dab1d480a5be4898c824ca464ce1c82fca89a7FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
c738e6045e4617d8f9c9a151a644fb4ac0a2ff6ffbfc0e05878f9d7b2a3d4ef6Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.
a18dd7b7c40a4804421efd5666adff226e348c03cdb658e3dd530dff8888065aUbuntu Security Notice 514-1 - Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.
004c307e7b215158bb8e240a4607895ad4b7d16fe6705f5301982d533c9e9437There are multiple vulnerabilities where a maliciously-crafted packet can crash Dibbler version 0.6.0. These include packets with options with large lengths (memory allocation failure via integer overflow), invalid lengths (buffer overread), and malformed IA_NA options in a REBIND message (null pointer dereference).
f2b090fcf8285f4556684e70a8d80dc062ceda4f629aff5c30aed4839cb633a6Secunia Security Advisory - Morgan has reported a vulnerability in the Joomla!FlashFun component for Joomla, which can be exploited by malicious people to compromise a vulnerable system.
748d3297e7e6e87fb31e7cdce4855c9b74e29f9691a5cd9a64428d5a0765c0b6Secunia Security Advisory - Morgan has reported a vulnerability in the Joomla!12Pictures component for Joomla, which can be exploited by malicious people to compromise a vulnerable system.
1c846da27233591eb71e89f1ccd1bab4ae30a73ea91f81e3464d39cef1fef093Secunia Security Advisory - MWR InfoSecurity has reported a vulnerability in Merak Mail Server, which can be exploited by malicious people to conduct script insertion attacks.
ac33bcba8bd767add5e45538463d8d588b03c3f480c4ab30436e51dc1f4a32f7Gentoo Linux Security Advisory GLSA 200709-11 - The result of a g_strsplit() call is incorrectly parsed in the files daemon/gdm.c, daemon/gdmconfig.c, gui/gdmconfig.c and gui/gdmflexiserver.c, allowing for a null pointer dereference. Versions less than 2.18.4 are affected.
22a45c640751cb41340b3a04d224310c2cd3063555622bd5f9f8171e69bbcb5cGentoo Linux Security Advisory GLSA 200709-10 - The PhpWiki development team reported an authentication error within the file lib/WikiUser/LDAP.php when binding to an LDAP server with an empty password. Versions less than 1.3.14 are affected.
481695bb332d9ad6c74b9e42a789f7db19404d4cbc313722f20006286717d8baUbuntu Security Notice 513-1 - Dirk Mueller discovered that UTF8 strings could be made to cause a small buffer overflow. A remote attacker could exploit this by sending specially crafted strings to applications that use the Qt3 library for UTF8 processing, potentially leading to arbitrary code execution with user privileges, or a denial of service.
31ffb680b3c4b7429d78be83949e8be8829f2eb22d387a6ff0412229eb5567fdttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
affa9667488c2f4b394d05e9046a26f0142d0e168708ec00bb65967c877ab7bdApple Quicktime with Internet Explorer .qtl version XAS remote exploit proof of concept.
de4404cb7f47bc2c5e0fcb7378ef9ef71fe35d3013f67082b48b39e11d466c91Remote SQL injection exploit for the Ktauber.com StylesDemo module for phpBB version 2.0.xx.
94b4cc81077955af22f4af28c889097080aa16e52913604876a174400605978eAirsensor M520 httpd remote preauth denial of service buffer overflow proof of concept exploit.
392a2c06e846eb34be94f8491f3cd9e418fb9922ce9d10cb8550bc8ea7efb3dbWifiZoo is a tool to passively gather wifi information. It works much along the lines of Ferret and Dsniff but is written in Python.
6d20942b58b0159c26031081ad1518b2af217fd3b4340e6fa98f5f1c91f5fbfbGCALDaemon version 1.0-beta13 is susceptible to denial of service attacks via a specially crafted HTTP request.
bf70ecc515ce42e68f77786ee109556869210e65b7c5f9d7ca197255326672c8Obedit version 3.03 suffers from a cross site scripting vulnerability.
5a714a66b655a6b7f1f0acd042b5d1ab20ce014ee37862f3c226e4c57185174dSecunia Security Advisory - Mandriva has issued an update for avahi. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e0eb90610e2498f5442fee2753ea5948a1f8503d924d7ece64ae65b9b4bf2347Secunia Security Advisory - Some vulnerabilities have been reported in OpenOffice, which potentially can be exploited by malicious people to compromise a user's system.
fc080005327a6bafa967e574c5aff37065051eba0c2872fd9e1a2db0f3c9454aSecunia Security Advisory - Trustix has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or bypass certain security restrictions, and by malicious people to cause a DoS, conduct cross-site scripting attacks, or compromise a vulnerable system.
c36b0cf1b8a265ddecacfd09bc6e6d3dc63d4bb1ba34ff934b8e21b9f0ff0359Secunia Security Advisory - j00ru has discovered a vulnerability in WinImage, which can be exploited by malicious people to compromise a user's system.
41468722023b350dba37770b6af8d3f6bfda630a00c5b6e68fee6f29c3c8da9cSecunia Security Advisory - Adam Baldwin has reported a vulnerability and a security issue in RemoteDocs R-Viewer, which potentially can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a vulnerable system.
295e6597ca74b54c7ff345e9c4e1b3224651969a97a80f63e20f8f00268a2f4dSecunia Security Advisory - Some vulnerabilities have been reported in OpenOffice, which potentially can be exploited by malicious people to compromise a user's system.
8009adb9b4c0cb73242136c207983dcad7c7b99492db30831fcb521aad58d3b4Secunia Security Advisory - malibu.r has reported a vulnerability in b1gMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
f346ebd6c9c031728e9f469482ea034d4e2d774e0e1291df02ab14f17fbafd11
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed