ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. The knock is a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and recomputes the SHA-256 to verify the packet. The shared key is never sent.
f420f6fd1d85f1272c4ba95244e27bb7c54c3c5dd2be5df4a01673d04169da58
Secunia Security Advisory - Gentoo has issued an update for openoffice and openoffice-bin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
bba0adba5d9bfc7f9c5ef557dd2438ed03ea5667f5732e50f7dc5e5192e7e221
iDefense Security Advisory 07.09.08 - Remote exploitation of a heap buffer overflow vulnerability in Novell Inc.'s eDirectory could allow an attacker to execute arbitrary code with the privileges of the affected service. The vulnerability exists due to an incorrect calculation when allocating a heap buffer to store the search parameters. By passing NULL search parameters, it is possible to overflow a heap based buffer with the string "(null)". This can result in the corruption of heap management structures, and depending on the layout of the heap, possibly function pointers. iDefense has confirmed the existence of this vulnerability in eDirectory version 8.8 SP2 for Linux. Other versions may also be affected.
627e6dd7ce09a52c670678f4c422f600ab53d2e3e6fcfe6e750bf708d64d17c2
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.
b8fab3a9c1fe5bdfe8b5490324976c46300330796237327dfa591f6ec5ca1bcb
Secunia Security Advisory - Red Hat has issued an update for openldap. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
9d45f6ffb2a15c2815e7d5ae0f1b8d382fae1b832c8aac27d26791ea890f8094
Secunia Security Advisory - Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system.
d623e7d1a01334bed4296e331bd246f33a6203c1cb0741b50bf2807ce129478e
Python script that cracks a 256-bit WPA-PSK hash (64 char) using wpa_passphrase and a wordlist.
64f83af457754e31a3d03e207fb755e633bab664fab632e28121f6d198cb0ca0
Several cross site scripting vulnerabilities were found within Outlook Web Access (OWA) 2003/2007. An attacker can craft a malicious email which will trigger within a user's browser. Different versions of OWA and different clients (Light and Premium) have different attack vectors which can result in an attacker gaining persistent control over a victim's use of Outlook Web Access.
6205a42f3bf0ba82a7bf26ac1fb8f7a9a54e2491097c347b64ff8486727cbf74
Secunia Security Advisory - k1tk4t has reported a vulnerability in AuraCMS, which can be exploited by malicious people to manipulate certain data.
49df3bb2bbfa329c7587548d2526f2c5168c1b7baba710d4294b3083a8b892d0
Secunia Security Advisory - Hussin X has reported a vulnerability in DreamPics Builder, which can be exploited by malicious people to conduct SQL injection attacks.
004e4c7ddc5555b2944dd8b0b67e1c24eef8503c13c50ba625432a7298fd8812
Secunia Security Advisory - Fedora has issued an update for java-1.7.0-icedtea. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose system information or potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
1cb677812b72dd44d4b8e191ebe610f2458ca5e156552c042dbd60791183560a
Secunia Security Advisory - Slackware has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
f7d24a5aec385fcd0cf7137218c19ca8435639dbd0ff55fe37698111ffdf0380
Secunia Security Advisory - Some vulnerabilities have been reported in vbDrupal, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, session fixation, SQL injection, and script insertion attacks.
7af3d48a96f80b18c6b39f2d401d09e2246437871b81d710cb5b9a6e5edf1397
Secunia Security Advisory - Gentoo has issued an update for nx. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
d720095f588dbadd7b20e295ce24eee335c13070fd9c3c397a1a7113333264e6
Secunia Security Advisory - Gentoo has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks and cause a DoS (Denial of Service).
1824580692839faaaaa91c644edd7adec1f0b126ce0ec6260fefbfba8c519c35
Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, session fixation, SQL injection, and script insertion attacks.
592fd9632da540ec09596b2729ae2c750ac46f9daa38f5d013f1de6c47a51105
Secunia Security Advisory - A vulnerability has been reported in Infoblox NIOS, which can be exploited by malicious people to poison the DNS cache.
cfa0a209bd2314cd0ad262d62d38c77e9933b93c02d94cd500b80cd3a8538ab6
Secunia Security Advisory - A vulnerability has been reported in Nixu Secure Name Server, which can be exploited by malicious people to poison the DNS cache.
6158abd92f736f6c1c41b241404b27ff6eaa9b48383ddb2b11fc48e064b2d3c0
Secunia Security Advisory - A vulnerability has been reported in some Sophos products, which can be exploited by malicious people to cause a DoS (Denial of Service).
9004dd169b1ed6c7659568507847ba051564f157b00de3548cc9f420a3780862
gapicms version 9.0.2 suffers from a remote file inclusion vulnerability.
5b85676724985ad2a1eb250ccd6d87902782fcf9c4daeed8f4317efd19663860
phpDatingClub suffers from a local file inclusion vulnerability in website.php.
3e18f03c175ccb6f59fcbe4f2150f91405040e958817805d174bbbbee0a8ba6f
The DreamNews Manager is susceptible to a SQL injection vulnerability.
98732797b4dcb4c761bc0e1f76e53fbced654cf7cd8ed204d54367fb1acc1cfd
Gentoo Linux Security Advisory GLSA 200807-07 - Multiple integer overflow and buffer overflow vulnerabilities have been discovered in the X.Org X server as shipped by NX and NX Node (GLSA 200806-07). Versions less than 3.2.0-r3 are affected.
de5dcf9d37e34e1ca625be05a6241f4dfac3593a33c3c3e46bdf53fcc1b1075d
Gentoo Linux Security Advisory GLSA 200807-06 - Multiple vulnerabilities in Apache might lead to a Denial of Service. Versions less than 2.2.9 are affected.
f81470d25768f8c79f9875c31bea172f9710de2892364cb602d9c02db8e85a6c
Gentoo Linux Security Advisory GLSA 200807-05 - Sean Larsson (iDefense Labs) reported an integer overflow in the function rtl_allocateMemory() in the file sal/rtl/source/alloc_global.c. Versions less than 2.4.1 are affected.
56902be5c5e213a71bea6f352a05ba6fb8539b4595fbd903b4dd774ddbc86008