authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
78ac44c1e15704e0789d28dde32b9ad20f09e62b54a2fa747e8aca5d06229a17
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
921fcd3033ecfd97d33cad2d940c0a5e5bbf8cb36fd7a62646fd486993a5a96f
FirstClass executes references to files stored in the bookmarks area, allowing the direct execution of arbitrary programs.
68149e6f4f225d381021d665b523e6d481af673a5f0d58bc67f5dc7753de7dc0
Secunia Security Advisory - Noam Rathaus has discovered a vulnerability in KMail, which can be exploited by malicious people to conduct spoofing attacks.
e49f31ef4249b30d8b2fefbfca92401a9efd85d3db38e657fc02f4b7c14068e4
FirstClass executes references to files stored in the bookmarks area, allowing the direct execution of arbitrary programs.
aef463767f7ee58aff3654b40aa58121b8aa9a377440a285100b3badac249509
Secunia Security Advisory - A vulnerability has been reported in Smart Cache, which can be exploited by malicious people to cause a DoS (Denial of Service).
9aa49bc8d4a9f41146d94c14e364ade257afaf199c683cba4e7d3d02d248b956
Secunia Security Advisory - cologic has reported a vulnerability in DC++, which can be exploited by malicious people to manipulate sensitive information.
1fcaeab4e9ffdc24e7fb90e400b63b152767838300d368065c3e15753787fec0
Secunia Security Advisory - Pluf has discovered a vulnerability in Sun Java JDK/SDK, which potentially can be exploited by malicious people to compromise a user's system.
f1cd73525383d7ff0ac73b125d904d8d3759cbf82b6d897b00bdceffb7339937
Secunia Security Advisory - Lostmon has discovered a security issue in DeluxeFTP, which can be exploited by malicious, local users to disclose sensitive information.
655088dbbdcd309798df6b58071762ea85915496901304144adb07b6c6f116df
Microsoft Jet exploit that makes use of an insufficient data validation vulnerability when the parsing of a database file is performed with msjet40.dll. Tested against Windows 2000 SP4, Windows XP SP0 and SP1.
4dae4b7e50491725c307cdd1f876883074a7cc46887580c6ace3bd07a956b421
icb was written to inject a small logical bomb in elf files without resizing sections of the file itself.
61287a1c4dface850c210335f648bd0a3137e0eb906f483141ebcb8d3f9c98af
Ubuntu Security Notice USN-110-1 - Alexander Nyberg discovered an integer overflow in the sysfs_write_file() function. A local attacker could exploit this to crash the kernel or possibly even execute arbitrary code with root privileges by writing to an user-writable file in /sys under certain low-memory conditions. However, there are very few cases where a user-writeable sysfs file actually exists. Olof Johansson discovered a Denial of Service vulnerability in the futex functions, which provide semaphores for exclusive locking of resources. A local attacker could possibly exploit this to cause a kernel deadlock.
b75f2c84a55b2e04ee2043041e22afaf2643084d37a90c1cfca04582ca9ed7c1
rsnapshot version 1.2.0 (and possibly others) allows users to increase their rights on the local filesystem by creating a symlink to a file they want to take control of. rsnapshot will then change the permissions on the file pointed to by that symlink, rather than the symlink itself, when taking a backup.
e3f3d7a015e9ab4794725874a88206caf515262ac559e069eb3013fba9ea9c5e
TowerBlog versions 0.6 and below allows for remote access of the administrative password hash.
c0f316cb7aa0bee4f3c9604080646ef61a3da5dddf1f138aa4035337587e7b17
ModernBill versions 4.3.0 and below suffer from file inclusion and cross site scripting vulnerabilities.
8172830d3e3f3a1b826acf07ac2c2a7b87cbce06b47b5f36cc43a041ac135017
Pine mail's rpdump is vulnerable to a race condition allowing local users to overwrite files which are writable by anyone using Pine.
de5bb033829419007c7d3461177a2e00c37c9a5805fb998a8137ae3ed4e1617b
ACNews 1.0 SQL injection exploit.
fdfe29871db02e59ccaa3adb1eee3e88e4170eaebe8bb401b3ad9a352ae153f4
AzDGDatingPlatinum 1.1.0 is susceptible to SQL injection and cross site scripting vulnerabilities.
2d8ffe249b1150e8cf2a3693d5743200ce6e574b5df8de0cd425644fb26f36d5
Firefly filetrading software version 1.0 stores proxy passwords, if configured, in a manner that leaves them vulnerable to being discovered by any other local users.
d01fc7dc93ba6ee2249f7b34a5da9cb6556b56356b3fbf0588e916958900176b
Another remote command execution exploit for The Includer CGI versions 1.0 and below.
9f98456648c2ae632d747f376f326d22fff1ab92e2cab230b07f594e7faf3bb6
The Includer CGI versions 1.0 and below remote command execution exploit.
b83fec761e5a9324a6511510e46ef2088b4889b6f74b10d6cf3f7e9e5423319c
Local proof of concept exploit for a buffer overflow in sash 3.7.
f89cf1c62b9ce8d8306e87bfb937c11e970a017004f263078df0583a5194119b
P2P Share Spy 2.2 local password exploit.
311bb24a5fabd8cd666e8dbbcb95d4fcaefad2e96efd92bb87582dd7e583fb10
RadBids Gold version 2 is susceptible to directory traversal, SQL injection, and cross site scripting vulnerabilities.
f9eec75ae476b0900b96947bbae0437f19c9ec7a69d17ee59288245dd0df16b3