Sambar Server version 6.x has been found susceptible to directory traversal, direct file access, and cross-site scripting attacks.
5467d07e39bee02ec5cbf79f55db0f1dbd67f3df5968037eed86cdcbd00981a4
If any ucd-snmp version, 4.2.6 and below, is installed setuid root, a local attacker can overwrite any file using the -P and -l parameters.
1016752386d08c853e5ec5531500830362c7331f992a62a1b91766d6ec8dab73
Amusing flash movie from the Electronic Frontier Foundation that illustrates how silly the RIAA is being in their war against filesharing.
42c8ea31e39549d79eeef31878e139575b7abe570a879f84eda9e1317aacf54d
vthrottle is an implementation of an SMTP throttling engine for Sendmail servers, based upon M. Williamson's mechanisms, as described in his 2003 Usenix Security paper. It allows the administrator to control how much email users and hosts may send, hindering the rapid spread of viruses, worms, and spam. Exceptions can be made using a whitelist mechanism, which can be generated manually or with the included tool vmeasure.
153f4f33f318d3141ce68d6b21c2a4d19c425bdc02bffd0fceffe0f0c762791a
DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
91ef193cba0d85329de8f9d7b30b1812e9b6d021f29cad9d13d598627d7c5803
Scanlogd is a TCP port scan detection tool originally designed to illustrate various attacks an IDS developer has to deal with, for a here.
0ca9acc44e8421356790d2f865236ddf7ff0ee85ff255c6f2c1b93b70899a915
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
58e197fb51af2ae398f50f9e4f08749e94e5572cc6ef82bf74b7560f4236a419
GreyMagic Security Advisory GM#007-OP - It is possible to use a shortcut icon in Opera to fool users into believing that they are in a domain they trust. Tested versions which are affected: Opera 7.23 and 7.50.
aa15d941d394ef2faa0357cea8954d563f49655812e96b374eebac771eef5fca
GreyMagic Security Advisory GM#006-MC - GreyMagic discovered that by sending a maliciously formed email to a Yahoo user it is possible to circumvent the filter and execute script in the context of a logged-in Yahoo! user due to a cross site scripting flaw.
b68af6d21ce14685b4eb42ae8efb1c84859267ea5fe66cfc86989825728682c8
Multiple denial of service attacks exist against various Linksys routers, causing them to need a factory reset in order to function again. Versions affected: Linksys BEFSR41, BEFSR41 v3, BEFSRU31, BEFSR11, BEFSX41, BEFSR81 v2/v3, BEFW11S4 v3, BEFW11S4 v4.
db186f84f45cf2b92a997aca7c56050a81e24eb42de92b84834c222e647b14e2
A vulnerability in the mkdir system utility can allow an unprivileged user to gain root privileges in UNIX 7th Edition systems. Exploit for /bin/mkdir Unix V7 PDP-11 included.
4e41e05c7bd4f54ea62b0ae08d7f52783bf2b9ebe3351bf9003ef69884cf8358
Tripwire commercial versions equal to and below 2.4 and Tripwire open source versions equal to and below 2.3.1 are susceptible to a format string vulnerability when an email report is generated. This vulnerability allows an attacker to execute arbitrary code with the rights of the user running the file check, which is typically root.
92e5eef21ab6cff8a801d98be62205f1d78683b06bdc07dc1cffa5141ea0a2a7