Everscan is a daemonized network scanner that randomly scans at a very slow pace for machines and stores the data to a database. It comes with a client to query for finds.
77bd223cdf7333b925f764a701f80e35dc8875cc4c4e2daf460c38f450af3231Whitepaper discussing how injection of data can later be used to carry out an attack at a different point in time.
382baf0d9e247ca98e6e8644e2f15a095fb8b043e6c0d2995b5f0c01175b6c68Secunia Security Advisory - A vulnerability has been reported in haserl, which can be exploited by malicious people to manipulate critical environment variables. haserl executes shell scripts embedded in HTML documents using a cgi wrapper and sets all input parameters as environment variables. This could be exploited to cause certain programs and utilities to behave unexpectedly and potentially be exploited to execute arbitrary system commands. The vulnerability has been reported in version 0.5.1. Other versions may also be affected.
45cb74d7716992e98fe6859da3e2b789a39b55b01feabba99a99e3f999f80e88Secunia Security Advisory - A weakness has been discovered in Safari, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs.
65a93c2c41fea452cf3a867440ca6731f3db5de30cf6ec5961e685dfac53deb3Sun Security Advisory - Buffer overflow vulnerabilities in the Sun Java System Web Proxy Server may allow a remote unprivileged user to crash either the Web Proxy Server or the Admin Server (of the Web Proxy Server) or execute arbitrary code with the privileges of the respective server processes.
acd876ad54be3275bf34d9450eb66d713c98d9389c9f88c2f6b4d609924c4302Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
05312555cc4c68147451de805a5250d08167f2b1aae794dee35596ef849d08dbBeltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
9e23cf09345884289736d5006623bd289878d7fbaabb4ae5ea53d4a087f4d6aeMVC is a text mode v4l video capture program that features motion detection. It is very small and easy to use, and could be used to monitor and record the people that enter your room.
df690515c2fbbb14ec032c01aeb6dbe5854775eb74cef34e6317224f61ebdb6aSecunia Security Advisory - A vulnerability has been reported in Caudium 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service).
71ea16a19e18c0324b4eb2a840c6d616edab70e3d85f6de4e3e85a0662ff9921Unl0ck Team Security Advisory - qwik-smtpd is susceptible to a format string vulnerability.
418658e48947300661cbd1ad921e3dc07c0dad1325ddccede292af4e45bf9c27Chesapeake TFTP server version 1.0 is susceptible to a classic directory traversal attack that allows an attacker to upload and download files anywhere on the disk. This server is also susceptible to a denial of service flaw.
5e7197c0ed578f8e2b63d7bbd3834572042a0a94802880af3cd57426c42ea545Debian Security Advisory 580-1 - Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on it own as it was supposed to. This could lead to firewall rules not being loaded on system startup. This caused a failure in connection with rules provided by lokkit at least.
9c4a77395c5077c790355fab68e5345bb659c87293cc553f354d21e32ec95f34Debian Security Advisory 579-1 - A buffer overflow vulnerability has been discovered in the wv library, used for converting and previewing word documents. On exploitation an attacker could execute arbitrary code with the privileges of the user running the vulnerable application.
69c769d46131fc44b4ecba2d68dcb975581f4cf2b5cf88380614ce8970ceec6cGentoo Linux Security Advisory GLSA 200411-02 - Cherokee contains a format string vulnerability that could lead to denial of service or the execution of arbitary code.
71fd8bfc14169f8a7ca1ff18284d2f1c6b3837a6556da7b79fedd7043d7c14cbMaxPatrol Advisory - Land Down Under version 701 suffers from multiple SQL injection vulnerabilities and a path disclosure flaw.
f317a72ee5898739380ce812285573c9e2c582c2a35d3192ddd0beee0f9445e2XDICT 2002 through 2005 all suffer from a buffer overrun vulnerability when attempting to examine a word for translation.
5dbe9bbe636101bf3511f4a4133795ec15b27f6ee4b0120aec355af6a8c2814a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed