Everscan is a daemonized network scanner that randomly scans at a very slow pace for machines and stores the data to a database. It comes with a client to query for finds.
77bd223cdf7333b925f764a701f80e35dc8875cc4c4e2daf460c38f450af3231
Whitepaper discussing how injection of data can later be used to carry out an attack at a different point in time.
382baf0d9e247ca98e6e8644e2f15a095fb8b043e6c0d2995b5f0c01175b6c68
Secunia Security Advisory - A vulnerability has been reported in haserl, which can be exploited by malicious people to manipulate critical environment variables. haserl executes shell scripts embedded in HTML documents using a cgi wrapper and sets all input parameters as environment variables. This could be exploited to cause certain programs and utilities to behave unexpectedly and potentially be exploited to execute arbitrary system commands. The vulnerability has been reported in version 0.5.1. Other versions may also be affected.
45cb74d7716992e98fe6859da3e2b789a39b55b01feabba99a99e3f999f80e88
Secunia Security Advisory - A weakness has been discovered in Safari, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs.
65a93c2c41fea452cf3a867440ca6731f3db5de30cf6ec5961e685dfac53deb3
Sun Security Advisory - Buffer overflow vulnerabilities in the Sun Java System Web Proxy Server may allow a remote unprivileged user to crash either the Web Proxy Server or the Admin Server (of the Web Proxy Server) or execute arbitrary code with the privileges of the respective server processes.
acd876ad54be3275bf34d9450eb66d713c98d9389c9f88c2f6b4d609924c4302
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
05312555cc4c68147451de805a5250d08167f2b1aae794dee35596ef849d08db
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
9e23cf09345884289736d5006623bd289878d7fbaabb4ae5ea53d4a087f4d6ae
MVC is a text mode v4l video capture program that features motion detection. It is very small and easy to use, and could be used to monitor and record the people that enter your room.
df690515c2fbbb14ec032c01aeb6dbe5854775eb74cef34e6317224f61ebdb6a
Secunia Security Advisory - A vulnerability has been reported in Caudium 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service).
71ea16a19e18c0324b4eb2a840c6d616edab70e3d85f6de4e3e85a0662ff9921
Unl0ck Team Security Advisory - qwik-smtpd is susceptible to a format string vulnerability.
418658e48947300661cbd1ad921e3dc07c0dad1325ddccede292af4e45bf9c27
Chesapeake TFTP server version 1.0 is susceptible to a classic directory traversal attack that allows an attacker to upload and download files anywhere on the disk. This server is also susceptible to a denial of service flaw.
5e7197c0ed578f8e2b63d7bbd3834572042a0a94802880af3cd57426c42ea545
Debian Security Advisory 580-1 - Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on its own as it was supposed to. This could lead to firewall rules not being loaded on system startup. At a minimum, this caused failures with rules provided by lokkit.
9c4a77395c5077c790355fab68e5345bb659c87293cc553f354d21e32ec95f34
Debian Security Advisory 579-1 - A buffer overflow vulnerability has been discovered in the wv library, used for converting and previewing Word documents. Upon exploitation, an attacker could execute arbitrary code with the privileges of the user running the vulnerable application.
69c769d46131fc44b4ecba2d68dcb975581f4cf2b5cf88380614ce8970ceec6c
Gentoo Linux Security Advisory GLSA 200411-02 - Cherokee contains a format string vulnerability that could lead to denial of service or the execution of arbitrary code.
71fd8bfc14169f8a7ca1ff18284d2f1c6b3837a6556da7b79fedd7043d7c14cb
MaxPatrol Advisory - Land Down Under version 701 suffers from multiple SQL injection vulnerabilities and a path disclosure flaw.
f317a72ee5898739380ce812285573c9e2c582c2a35d3192ddd0beee0f9445e2
XDICT 2002 through 2005 all suffer from a buffer overrun vulnerability when attempting to examine a word for translation.
5dbe9bbe636101bf3511f4a4133795ec15b27f6ee4b0120aec355af6a8c2814a