PIX Logging Architecture is a project allowing for correlation of Cisco PIX Firewall traffic, IDS, and informational logs. It parses Cisco PIX logs from syslog files, then pushes the parsed data to a database. It contains a Web-based front end for displaying and searching the Cisco PIX Firewall logs.
7acfcd8b49939dabb88c407d381b67bea6040cbcc34c4daf647db0ff9a19f225Multiple problems exist on support.msn.com, permitting to a possible attacker to conduct phishing attacks against a user.
73be9442c86ee5ea2be804b72d2cf52f4441182605f16d4c1aa0138aab4795eaosTicket versions 1.3.1beta and below suffer from SQL injection and file inclusion flaws.
062203da452a48183dabb5fa5083266edff71537df530e644965fbe3d188be59SpamAssassin is a mail filter to identify spam. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify spam, also known as unsolicited commercial email.
2195151ae9ccdb5e0e8a24cccf8186902b84289fc2a43f3d95bbd483d1f72142Debian Security Advisory DSA 736-1 - A vulnerability was recently found in the way that SpamAssassin parses certain email headers. This vulnerability could cause SpamAssassin to consume a large number of CPU cycles when processing messages containing these headers, leading to a potential denial of service (DOS) attack.
f3b700e578e892727fa2bf59c0b378c378962a8ef3b57358fc301295ad1a29c7Debian Security Advisory DSA 735-1 - A local user who has been granted permission to run commands via sudo could run arbitrary commands as a privileged user due to a flaw in sudo's pathname validation.
5e7dd410c5cdacd22e519121fd56132756f0ff0d38859de1ff91cb0691b46656PHPXMLRPC is vulnerable to a very high risk remote PHP code execution vulnerability that may allow for an attacker to compromise a vulnerable webserver. The vulnerability is the result of unsanitized data being passed directly into an eval() call in the parseRequest() function of the XMLRPC server. Versions 1.1 and below are affected.
d532a52f4c4eceb2ed9ed85e0b453c9a1a6711801fbca08c4ff753d2696e5281PEAR XML_RPC is vulnerable to a very high risk PHP code injection vulnerability due to unsanitized data being passed into an eval() call. Versions 1.3.0 and below are affected.
3793d7664e029e03c9787f198abb53e4415460735b9d7326c818daf85564aa6aSecunia Security Advisory - Lachlan. H has discovered some weaknesses in Golden FTP Server Pro, which can be exploited by malicious users to gain knowledge of various information.
a1ad5db500acfee4c6201f033027ce45fbfc3cafff5dfb304a5163021bab4616Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
4c572f6258c5604a7be9d68632589c3878f65abb10f95ca1d36dd5dee1186e8fSecunia Security Advisory - James Bercegay has reported a vulnerability in phpAdsNew, which can be exploited by malicious people to compromise a vulnerable system.
0cbedfc63eb00cb1e4acca0bbf31a701db5091679ba8aa675cec9b653f28fe5eSecunia Security Advisory - A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.
425a315aa3f738c3bf6292bb477cd0d1976d3fbe1e08bca2de1d26d22d08b353Secunia Security Advisory - Tri Huynh has discovered two vulnerabilities in Prevx Pro 2005, which can be exploit to bypass security features provided by the product.
60a3f57f3ef56dc2f8502e224eee68398e3f9b27f11ae4481fb0ab88b434c172Secunia Security Advisory - SEC Consult has reported a vulnerability in Microsoft Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system.
82b5420eab5431eb4bc2df098e5f532ad1c4d2479890c3fc17adb90c7f8c7f13Secunia Security Advisory - A security issue has been reported in SSH Tectia Server and SSH Secure Shell for Windows Servers, which can be exploited by malicious, local users to gain knowledge of sensitive information.
1d63a4bb1e7298d043c857a27132db074cd4dff3706a392bb98bffb9a907a35aSecunia Security Advisory - A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.
e4f257b4639b629fba205d38eca06cf2d8948f9dcf7876f16f8909160e3bbf0dPacket Storm new exploits for June, 2005.
d7e9bdff78e3d99aaed825d2513b460e33ca950aba15e75021709f5b2bb516a9NetBSD Security Advisory 2005-001 - The Pentium CPU shares caches between HyperThreads. This permits a local process to gain a side-channel against cryptographic processes running on the other HyperThread. Testing for cached data can be accomplished by timing reads. Under some circumstances, this permits the spying process to extract bits of the key. This has been demonstrated against OpenSSL.
1b841f93dab7671b35f142bbbc58e744bd20646981c20572bd1835e0628b395cAn error in Microsoft Windows NTFS driver code causes the file system to incorrectly assign disk blocks to files before they have been initialized. Following a recovery from a system shutdown, uninitialized data may be visible in files from previously allocated disk blocks.
19a6813bec80b15a790ba4bf91503c452214f0dd11e222e2104658130b26d1f5Debian Security Advisory DSA 733-1 - Justin Rye discovered that crip, a terminal-based ripper, encoder and tagger tool, utilizes temporary files in an insecure fashion in its helper scripts.
eb99e39c5b9424f5d9cdb42cb81a156c69a61f9565b939d18a9e3c5e1a1d041cFreeBSD Security Advisory FreeBSD-SA-05:15 - Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
30663ff4e4d6e6643116559b25a849f751e84dc20b68d90c0261a28842688ff7FreeBSD Security Advisory FreeBSD-SA-05:14 - Two problems have been discovered relating to the extraction of bzip2-compressed files. First, a carefully constructed invalid bzip2 archive can cause bzip2 to enter an infinite loop. Second, when creating a new file, bzip2 closes the file before setting its permissions.
81c864494c3fb7c1777f84c50d2ea5e1bb96b674001417c3e3f9e573fb1005a0FreeBSD Security Advisory FreeBSD-SA-05:13 - The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table.
6b7aa2a12074c968569303a922ef2f40cc26ef0aef04894d3fd3b9ebce0d5e08A flaw has been discovered in the third-party XML-RPC library included with Drupal. An attacker could execute arbitrary PHP code on a target site.
c23af80afccc28c6e386c2d9c57c08cb7dcd67c51b1bdbfd76ab901c28db1291Kuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed.
3cde9b7af7d34c526f434457021465af93437a68f76031f5ab71ab278732d190
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed