Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
2547978065347491bfd36aeeb4da7017b11b08670603270309246595b4d67ca6Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
12aa8e7506120af5d3dfb3a07869450f492f876d99f18d9f623d17120ac2475dPrelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
545d62181c6771db173fe746b0b19bbd69b5a939ad19e50b9464e604ea58c52eDNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
25c66ce7354d03287825452af6bc650a5e565a2bcd2347852c08bd2d5fae9fbdPlash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.
c1730657c910aacbef86fa23d3c0b9099cc0c4bc1b90989949ce4450b84d20b4fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
1a3db5f2e2e6ce86ed40c3650a3ac8263074d2683f7116fb900836068593d41cNetwork Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
0d67531e902496a5cb011e9f0ca57847f06d4f64bf59c08c6325cfc000786ce2Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
44243b013df855799ad2810e2a1d88baa18ca8486a86f6b87edc7f1b2729a417Yersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping a pen-tester with different tasks.
b62424a84bd94b55f8bae9867c037a68e293c27a4e6c852eee6294a673d550beUbuntu Security Notice USN-184-1 - David Watson discovered that umount -r removed some restrictive mount options like the nosuid flag. If /etc/fstab contains user-mountable removable devices which specify the nosuid flag (which is common practice for such devices), a local attacker could exploit this to execute arbitrary programs with root privileges by calling umount -r on a removable device.
be93a78c66efc846eede8be1dc0eb294490e16bd4d9e11002699104671b0e5b1Gentoo Linux Security Advisory GLSA 200509-13 - Clam AntiVirus is vulnerable to a buffer overflow in libclamav/upx.c when processing malformed UPX-packed executables. It can also be sent into an infinite loop in libclamav/fsg.c when processing specially-crafted FSG-packed executables. Versions less than 0.87 are affected.
5e2c7337c6e41d35f4d83f4502979fa959f429a1ba6b11d3dcbf90cda71c0d39Gentoo Linux Security Advisory GLSA 200509-12 - mod_ssl contains a security issue when SSLVerifyClient optional is configured in the global virtual host configuration (CVE-2005-2700). Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CVE-2005-2491). Versions less than 2.8.24 are affected.
a3b8bf8a9ed588fcf293e0f39c75f16aebcec3ebad2d43c5b100569496f78336Gentoo Linux Security Advisory GLSA 200509-11 - The Mozilla Suite and Firefox are both vulnerable to a buffer overflow while processing hostnames containing multiple hyphens. Note that browsers that have disabled IDN support are immune to this flaw. Versions less than or equal to 1.0.6-r6 are affected.
e2ddda670fca270b023918ae6376910370295f5b74fca04c5f46add1e5036841Alstrasoft Epay Pro versions 2.0 and below suffer from a directory traversal vulnerability. Exploitation details provided.
c750901229e42af7fda79c40bb063a109c9fb0152e9e851df5b6334e636f9510vBulletin versions 3.0.9 and below suffer from multiple SQL injection, cross site scripting, and arbitrary file upload vulnerabilities. Detailed exploitation provided.
c3bcb2d3c9990bc14acdbf2184f8f5317dab7ab4b3ed24c892e060b960fbbca2CuteNews version 1.4.0 remote code execution exploit. Earlier versions may also be susceptible. Flaw makes use of a lack of user input sanitization.
e9aae7c302b815f34a35f760a4578958fff6901febce6ebfa4e1b8bc73c3257fTAC Vista version 3.0 is susceptible to a directory traversal vulnerability. Exploitation details provided.
37ff2096e720eb5aa6bfe97bfabd2f99ed6f563e8ec52370138ea2234ca0b250PHP Session versions 3.x and 4.x are susceptible to a user login bypass vulnerability due to sharing session id information in the same location for multiple instances.
2a9e0f07429c4df5c6fcbef536321945931afbe922a19dbbf82e09b5391c2f74It appears that the use of a Reverse Character via unicode will allow for some negative side affects in portals like Orkut, Invision Power Board, etc.
fbdee435da38ceed5fc93cfff9ca855395c53c32ca7ffaca777d17b83e35aa45Avocents CCM console server has a flaw which enables users to bypass access control by using ssh with standard password based authentication. Tested on S/W Version 2.1, CCM4850.
d015b3ec967178a10f8a428777c7574d16032315ea1b85d776379013351c5708Gentoo Linux Security Advisory GLSA 200509-10 - The imap4d server contains a format string bug in the handling of IMAP SEARCH requests. Versions less than 0.6-r2 are affected.
a8c421a3e9c515c32db8d5286521230dba7afdc0aca36e92215ac0e4fc22ddc3Gentoo Linux Security Advisory GLSA 200509-09 - Arc Riley discovered that Py2Play uses Python pickles to send objects over a peer-to-peer game network, and that clients accept without restriction the objects and code sent by peers. Versions less than or equal to 0.1.7 are affected.
51512c8498bc3a3821fa4a44523f9326ef1cd0070c89130667a4ccd2f5fd00abDigital Scribe version 1.4 is susceptible to login bypass, SQL injection, and remote code execution attacks. Exploitation details provided.
6eb41799cc1101ced30129ff7c11dd6f995b290fc4edb183e16ef20ef0889388HP LaserJet printers have an extensive administrative user interface that is provided over SNMP. Pinion has discovered that HP LaserJet printers store information regarding recently printed documents. Information such as document name, title, number of pages, document size, user who has printed the document and the machine name where the print job was initiated can all be extracted via SNMP. Exploit provided. HP LaserJet 2430 is verified vulnerable.
05d0039b4bbc9f489d2f36b9ee57d0cc22a0fc181e945e9ae6fc339bb43387e0Airscanner Mobile Security Advisory #05081203: vxTftpSrv version 1.7.0 suffers from a buffer overflow vulnerability when supplied with an oversized filename.
01bad2cb9555f1c18e041e919c1f2a2527288cda767a957b776b912e7ec20e4e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed