radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
0464f7fbe4cadf2e6a0436a8011ed2a328885970bc8a0d5964f897f8053a31a2Secunia Security Advisory - A vulnerability has been reported in syslog-ng, which can be exploited by malicious people to cause a DoS (Denial of Service).
eb07055e12d4a30dc4a2fe898a674fcd90941222ff174e2a4175959452df598aSecunia Security Advisory - Peter
2807e35be1f76e627988cf66f39635e2418e2adf99c1fd50a5e6288ac9a93e26Mambo version 4.6.2 suffers from cross site scripting vulnerabilities.
f6dc3edf5b7fa7cefd5202b252ec8aab54ee34d60a7ae79c37d3c9e8a0c463a5Phearless Serbian/Croatian Security Magazine Issue #07 - In this issue: Symbian OS EXE Applications, Theory of dissasembling, Alex Protector 1 beta2, Symbian OS Crackme 0x01, NULL Pointer bugs in Linux kernel, Windows kernel - keyboard independent - keylogger, Hiding Processes Using Windows Drivers, Exploitation chitchat.
e9adfc7c678db387c73b81f31f2559a940c4b996cc5e42b8cffb568c4168f9d9iMesh versions 7.1.0.x and below IMWebControl Class remote heap exploit that takes advantage of IMWeb.dll 7.0.0.x.
bda7d1cdc934e1f0e4484e108927329c7550e60068d4168673d120bed0940cf7SyScan 08 Call For Papers - The Symposium on Security for Asia Network aims to be a very different security conference from the rest of the security conferences that the information security community in Asia has come to be so familiar and frustrated with. SyScan is a non-product, non-vendor biased security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia.
026b7f20af4e971c9400f7404218003f300d2ca7545f24a716883c740567108bThe Appian Business Suite version 5.6 SP1 is vulnerable to a remote denial of service attack due to the way it handles packets on port 5400.
1f76c468925aedc32d38a0fdccfc67624b22ef52612446a33b31e5cc5b433621Secunia Security Advisory - Fedora has issued an update for autofs. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
e85da95e1e39977e8167f42402c3c25a64803945e7b26576fd41d71404b5e1edSecunia Security Advisory - Two vulnerabilities have been reported in Flyspray, which can be exploited by malicious people to conduct cross-site scripting attacks.
30fe8118504ac96e0ebcc2205c464e930e5e53ad8eeccd54949d76222abdb7f1A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution. HP-UX version 11.11 is affected.
1abafcb5cb1fcc5bbd807612d35e37e220db81abb0400e3292c7281a2cc6fb90A vulnerability allows attackers to execute arbitrary code on vulnerable installations of St. Bernard Open File Manager. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Open File Manager service, ofmnt.exe, which listens by default on a random TCP port near 1000. The process blindly copies user-suppled data to a static heap buffer. By supplying an overly large amount of data, an attacker can overflow that buffer leading to arbitrary code execution in the context of the SYSTEM user. Open File Manager version 9.5 is affected.
64ae02d00f58cfdda007a487a6a7df5708c57c0600a56093e907ea52016a4852Vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. ServerProtect version 5.58 is affected.
6ad2eeb8a167a376f36d22822c5d9585abd6c666dd64e97382620b09b3251985Apple Mac OS X Software Update suffers from a remote command execution vulnerability. Full Metasploit module included.
1852939fa989f4ddf6144fb1874a746c14013a7706681e093ad78115be9ffd22Uber Uploader versions 5.3.6 and below suffer from a remote file upload vulnerability.
b6fdcb29513ea6a4a4faf2b21cd068e29a845194746c8b6132813b18d9ce48c3SurgeMail version 38k4 webmail Host header denial of service exploit.
49a73d329f08f1ae216aa0a1afcac1586fb07eb9337bcfd4563e094053c43addRaidenHTTPD version 2.0.19 ulang command execution proof of concept exploit.
673b614fe243897edcb2b2bdcbd71a1f52312222617148de6b1adb3a887a63acDemonstration exploit for PeerCast versions 0.1217 and below which suffer from a heap overflow vulnerability.
0b9f764854210167395cb576016f5581ea8c30f1c473288dee8c466e18c0f1f3PeerCast versions 0.1217 and below suffer from a heap overflow vulnerability.
b7e8b92014009079c464945496a557d99471ea50032928b5fef1806fbaef290bjetAudio version 7.0.5 COWON Media Center MP4 stack overflow exploit that spawns a shell on port 49152.
9966a3a61937c6205c492ff0838deb98091014de1060c911ebd623b8a2a26d2dThe Universal Hooker is a tool to intercept execution of programs. It enables the user to intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory. The Universal Hooker tries to create very simple abstractions that allow a user of the tool to write hooks for different API and non-API functions using an interpreted language (python), without the need to compile anything, and with the possibility of changing the code that gets executed when the hooked function is called in run-time.
ad86281fae764946fa8c1dc1ab5897782191ffbe6896063de3efe371de9371bcsyslog-ng Open Source Edition versions below 2.0.6 and Premium Edition versions below 2.1.8 suffer from a denial of service vulnerability.
9621233c56ba9215cc1f498947ba24ca3cee28eb2becbd870b1a7eb6b1855480This patch backdoors and logs credentials into /tmp/.X11-map-enGB for OpenSSH 4.6p1. It is an update to the incSTK_ssh_client_trojan.
9f2909091cd02ea54266393bb947b6d0d6ed8c57886efd5197db154b5e3a4a5cFreeWebShop versions 2.2.7 and below remote admin password grabber exploit.
d7d88ab38b5769de456c878d45893e4515fa013bdfcb5240adfbaf5ea40cf5aaneuron news version 1.0 suffers from SQL injection and cross site scripting vulnerabilities.
3d8d9aefae55f94833c7185845e366e2e62989acbf442d79e1d694b458ea2405
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed