Pandora is a monitoring system designed to watch systems and applications. It allows auditing of any element of a system, from a network interface being down to the defacement of a web site. Included in this tarball are PandoraFMS_Agent_UNIX-1.2.0.tar.gz, PandoraFMS_Agent_Windows_src-1.2.0.zip, PandoraFMS_Console-1.2.0.tar.gz, PandoraFMS_Documentation-1.2.0.zip, PandoraFMS_Server-1.2.0.tar.gz, and PandoraFMS_Windows_Agent_Setup-1.2-0.exe. These files make up the server, web console, and various agents used in PandoraFMS.
dd690d510b277c38e2493ebedc80eb6bb78639a11af4a83db4ba863f16782723
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine the distance to a remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
32e1f026dd57ab647074756629038bd5a27a8e6656915da975aca3b0f3a7ca75
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
702cb5928bff3d0e647a4a6b505d434e3a0f10f2af74bddac5239a200b92d1e2
Gentoo Linux Security Advisory GLSA 200612-10 - Tar does not properly extract archive elements using the GNUTYPE_NAMES record name, allowing files to be created at arbitrary locations using symlinks. Once a symlink is extracted, files after the symlink in the archive will be extracted to the destination of the symlink. Versions less than 1.16-r2 are affected.
07a25607b09e3b1f875e1084111e15847459500d6d338d883096613879c0fc03
Mandriva Linux Security Advisory - A stack overflow in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.
da1868ee50acc326997dc3fd859be00a6f61c1dddcd95047aa9f6596928656cf
Mandriva Linux Security Advisory - Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and unspecified vectors involving "a shortcoming in the magicHTML filter."
f780fe058ce85352014c4edd201ec80a122360a88b9dab812c245504a3efbfc4
The Web Application Security Consortium is proud to present 'MX Injection: Capturing and Exploiting Hidden Mail Servers'. This article discusses how an attacker can inject additional commands into an online web mail application communicating with an IMAP/SMTP server.
94bd8b84698e67eb59003ab5d105584a50366e226a59e7e88a6db217ff2cff30
IBM WebSphere Host On-Demand (HOD) versions 6.0 through 9.0 suffer from a URL manipulation flaw that allows for administrative bypass. Version 10.0 may also be susceptible.
180a9ffd130b03530479c964bd2cae0050e0dfb3941fd1a11f5377d5f5296248
The D-LINK DWL-2000AP+ with firmware version 2.11 is prone to two remote denial of service vulnerabilities because it fails to handle ARP flooding.
87d03a41d7205746c6fdc2717648002c7605bc5def176cb29db02f70e7827bcf
ShopSite Shopping Cart suffers from a cross-site scripting vulnerability.
af6ff849547eafbfd51d7e61b7468e9b5b678af80f18a74128bf85e483dd385d
FFsniFF is a simple Firefox extension that transforms your browser into an HTML form sniffer. Every time the user clicks on a 'Submit' button, FFsniFF will try to find a non-blank password field in the form. If one is found, the entire form (including the URL) is sent to the specified e-mail address. It also has the ability to hide itself in the 'Extensions manager'. This extension is meant as an example of the 'evil side of Firefox extensions'.
24faaf389eddc1d65202e4423d05fb29d55aadacf2cb93c14251101a81a742f8
Secunia Security Advisory - Mandriva has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
ab90be0d3dccb9b07d3e218ca088072a7aef24dd59d5c7899f1b0a79cb32f113
Secunia Security Advisory - Mandriva has issued an update for kdegraphics. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
bade2254667b8ef6c09e9a4a669488d92a41fb7bcd524ee7048a3d7761b723b6
Secunia Security Advisory - Gentoo has issued an update for emul-linux-x86-baselibs. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
4cc82eed87d5f071eb92b7e1a49ec7f34e9f723ce666d493f81c2210a595e416
Secunia Security Advisory - Some vulnerabilities have been reported in Bluetrait, which can be exploited by malicious people to conduct SQL injection attacks.
56d88eca514d2a4c30d73d74a45c15a26c991b9db84912f38ba0b6393c01ec00
Secunia Security Advisory - Mr_KaLiMaN has discovered several vulnerabilities in AnnonceScriptHP, which can be exploited by malicious people to disclose sensitive data, conduct SQL injection and conduct cross-site scripting attacks.
b8df3a4f0ef3b2da8393fb3fabcf65c832565cc3d69ffb7c0096a2ab1d58571b