PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
627ecf7ef8fe5e44be62b2bf7485ec6381524b786b943d1eac0935a7665653aaResults from a national wardial against Jenny 867-5309. This is hilarious.
3734b36cea09dd2fb42248bcb5c55133299b43df1b2750a7c4879ab77047f5f6EarthStation 5, aka ES5 or ESV, is a P2P application that has been poorly designed in that it will allow any remote attacker to delete any shared file on a victim's system.
f0515fcc25c2d6cddf08643062f26639e1bed49f3b3c65587b3c4ecec347344aThe scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
fe8229e6e1ba3f1138f6fe88ad1f3fe367b3d0b464201a4e94efcfcf33a39440tcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the stream on the terminal with colors.
b39c460e7292bef3f3e8b462b3ceb1e722250020ab9f1be5d883ed01a7f3a56bSID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
c01d1b8d56664efff0d94f0b02db8ab3f2c6986ec87d293a0fe7109663e1a8d4aescrypt2 is a command line file encryption program that relies on AES-CBC-128 plus HMAC-MD5. It has been designed to be portable as well as very straightforward to use. Works on all Unix flavors and Win32.
d310253df985b110578dc1ed45bd8015b31667e1ea783c5e2264bd37598bb148Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
fb722ddc9b901ff8165599523162a4808abb71c7014e7eee6649b81b486fe487Debian Security Advisory 630-1 - Jeroen van Wolffelaar discovered a problem in lintian, the Debian package checker. The program removes the working directory even if it was not created at program start, removing an unrelated file or directory a malicious user inserted via a symlink attack.
6ac7db37422a9969a351347b8cfcb41988ff42dca564a68196053031d5375916Gentoo Linux Security Advisory GLSA 200501-12 - A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.
c8e930bf288d078f7ba1aee6ea7548678bd0ff54258fb7f89c946fc97c7dd9e7The Invision Community Blog system is susceptible to a SQL injection attack on the eid variable.
36265105588ccc92584f9456a31f92502a12abd1b33d0faae8566e5fc2d61e61Woltlab Burning Board Lite version 1.0.0 and 1.0.1e are susceptible to a cross site scripting flaw.
6de24017e17875d943c41277f135a9f35263b691c2126505a2cfda4256449ff4Mozilla version 1.6 for Windows is susceptible to a denial of service flaw due to a mishandling of xbm graphic files.
6ff0b1b45147a640d253b8b58c6eeacb62ece17d85deb91c0b3549b9d177e928iDEFENSE Security Advisory IDEF0731 - Remote exploitation of a buffer overflow vulnerability in Exim 4.41 may allow execution of arbitrary commands with elevated privileges. Exim is a message transfer agent developed for use on Unix systems. The problem specifically exists in the auth_spa_server function. The function fails to check the length of input to spa_base64_to_bits(), which decodes a Base64-encoded string into a buffer of a fixed length. This string is user-controlled and passed to the program from a remote connection.
eaea44300f4db0cc20120ac86a85bd66994a7c19f63becd2b45bbb96582896ceiDEFENSE Security Advisory IDEF0725 - Local exploitation of a buffer overflow vulnerability in Exim 4.41 may allow execution of arbitrary commands with elevated privileges. The problem specifically exists in the host_aton function. The function fails to check the number of elements it stores in a fixed size array. The elements come from a user-controlled string and are passed into the program from a command line option.
7c0cd7036f28d3c7e849872d9ef7b92e03c20512b1b2af8c6787af85d4cd56bcSPHPBlog 0.3.7c is susceptible to a directory traversal attack. Fixed in release 0.3.7r2.
e36068983fcd00d46f6dcd628206297051c8060e3793ed88228add5b177e6284
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed