exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 69 RSS Feed

Files from Andrea Barisani

Email addressandrea at inversepath.com
First Active2001-07-11
Last Active2023-06-09
Tenshi Log Monitoring Program 0.12
Posted Sep 18, 2010
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: FIFO read bugfix and opensuse rpm spec, see Changelog.
tags | system logging
systems | unix
SHA-256 | 953bbad01cb03674ab6135b70f707467ccd55dd1b8cb7257f1f49473d7767920
Open Source CERT Security Advisory 2010.3
Posted Sep 18, 2010
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 1f0bab6915c38374d04f3409e9cca75897c9d33487ecd6ea9df084d256e824ca
Open Source CERT Security Advisory 2009.19
Posted Dec 17, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Ganeti versions greater than and equal to 1.2.9, 2.0.5, and 2.1.0-rc2 suffer from an arbitrary code execution vulnerability.

tags | advisory, arbitrary, code execution
advisories | CVE-2009-4261
SHA-256 | 38ad9fb8176a29c49ef7d6bc05a8b7d39a8a5f0fd8c68eab4b4ac8fe36fc89c9
Open Source CERT Security Advisory 2009.17
Posted Dec 1, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

PHP versions prior to 5.3.1 suffer from from several bugs that may pose a security risk. Issues such as buffer overflows, arbitrary memory reads, and more have been addressed.

tags | advisory, overflow, arbitrary, php
SHA-256 | c307d37e34d7297809aa54256b01c4c1dc7a04599f485122ab50a3cb3b7c3401
Open Source CERT Security Advisory 2009.15
Posted Oct 28, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

KDE suffers from multiple insufficient validation vulnerabilities that can result in the execution of active content. Versions below 4.3.2 are affected.

tags | advisory, vulnerability
SHA-256 | ecdec1474c60e06f8d03ae23981515ca996b2e57443237988e158fc66e77b190
Open Source CERT Security Advisory 2009.14
Posted Oct 5, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

All Android 1.5 RBxx versions suffer from two denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
advisories | CVE-2009-2999
SHA-256 | c995af456c843424b240f60482ba90ae28845ebea4d06ffb4d5017efb6ce1227
Open Source CERT Security Advisory 2009.13
Posted Sep 10, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

yTNEF, an open source filter program that decodes Transport Neutral Encapsulation Format (TNEF) e-mail attachments, and the Evolution TNEF attachment decoder plugin suffer from directory traversal and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | 80741074c87446822e602dc6983c0d6583846d23887b4bd2bf282906fe5d80a3
Tenshi Log Monitoring Program
Posted Jul 20, 2009
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Multiple bug fixes and resolve feature.
tags | system logging
systems | unix
SHA-256 | 68640aa0222c406ac5779aa923ff6eb803a2686f3bc9dbf6c05f30e8f42d668c
Open Source CERT Security Advisory 2009.11
Posted Jul 17, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Android, an open source mobile phone platform, improperly checks permissions when applications access the camera and audio resources. All 1.5 GRBxx versions are affected.

tags | advisory
advisories | CVE-2009-2348
SHA-256 | 4b7c6f448acecc2ccbd344ea7c61afdac0b498f3432e5044a92d1cb41fd80890
Open Source CERT Security Advisory 2009.12
Posted Jul 13, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

The libtiff image library tools suffer from integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The libtiff package ships a library, for reading and writing TIFF, as well as a small collection of tools for manipulating TIFF images. The cvt_whole_image function used in the tiff2rgba tool and the tiffcvt function used in the rgb2ycbcr tool do not properly validate the width and height of the image. Specific TIFF images with large width and height can be crafted to trigger the vulnerability.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2009-2347
SHA-256 | 9e9c7deaec9dd58d4d77399f154f17a206dba8d37ca5edc54e61b7f12217a6ad
Open Source CERT Security Advisory 2009.8
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Dillo, an open source graphical web browser, suffers from an integer overflow which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by HTML pages with embedded PNG images, the Png_datainfo_callback function does not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Versions 2.1 and below are affected.

tags | advisory, web, overflow, arbitrary, code execution
advisories | CVE-2009-2294
SHA-256 | 0a9bd01bbd35cd229feb029c2a84091f982b71b8dbf99cb85b892b57eae472c1
Open Source CERT Security Advisory 2009.7
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server among other things, it should be noted that this vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.

tags | advisory, remote, web, arbitrary, shell, file upload
advisories | CVE-2009-2265
SHA-256 | e8fb00e2c1d4004e9c9d5b6c8091560a3a8bc7b786b95c5a80061e93d79b8354
Open Source CERT Security Advisory 2009.9
Posted Jul 2, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2009-2295
SHA-256 | 6bce357007801b08db39f99787240e44b3e48ab2eb8fd2ac497872dcab4f8b7e
Open Source CERT Security Advisory 2009.4
Posted May 11, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

AjaxTerm suffers from a session id collision vulnerability. Versions 0.10 and below are affected.

tags | advisory
SHA-256 | a26a4d03be722182ca819bc2bda3f25b415f54ecefc7b262acaebd030d3024e0
Open Source CERT Security Advisory 2009.3
Posted Mar 24, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

LittleCMS, an open source color management engine, suffers from several integer errors, resulting in stack based buffer overflows and various heap errors as well as dangerous memory leaks. Decoding a specially crafted image file will result in unexpected process termination, Denial Of Service conditions or arbitrary code execution due to stack overflow. Versions 1.17 and below are affected.

tags | advisory, denial of service, overflow, arbitrary, code execution, memory leak
advisories | CVE-2009-0723, CVE-2009-0581, CVE-2009-0733
SHA-256 | 5d153924342e064a181f332c2fe5c861183cf0ba99258a99b23ce5e1958ba492
Open Source CERT Security Advisory 2008.13
Posted Sep 29, 2008
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

The MPlayer multimedia player suffers from a vulnerability which could result in arbitrary code execution and at the least, in unexpected process termination. Three integer underflows located in the Real demuxer code can be used to exploit a heap overflow, a specific video file can be crafted in order to make the stream_read function reading or writing arbitrary amounts of memory. Versions 1.0 RC2 and below are affected.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2008-3827
SHA-256 | f47bbc552774c9b5545581209953d5f8219b79416c8f70eb63e89a8fd31e6423
Open Source CERT Security Advisory 2008.7
Posted Jul 10, 2008
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

The Poppler PDF rendering library versions 0.8.4 and below suffers from a memory management bug which can allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
advisories | CVE-2008-2950
SHA-256 | 0f357fc416cd3be3d0207302a38ee42eb9121ef982844b3425f2e54b4376193c
snmp-spoof.txt
Posted Jun 11, 2008
Authored by Andrea Barisani | Site ocert.org

Some SNMP implementations include incomplete HMAC authentication code that allows spoofing of authenticated SNMPv3 packets. Net-SNMP versions equal and below 5.4.1, 5.3.2, and 5.2.4 are affected. All versions of eCos and UCD-SNMP are affected.

tags | advisory, spoof
advisories | CVE-2008-0960
SHA-256 | ff4e903a00dd6d273a0bb7e2abb1a38e4e9b9f70707af856d4c0989f041b050e
Open Source CERT Security Advisory 2008.4
Posted Apr 17, 2008
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

The reference speex decoder from the Speex library performs insufficient boundary checks on a header structure read from user input, this has been reported in oCERT-2008-002 advisory. Further investigation showed that several packages include similar code and are therefore vulnerable.

tags | advisory
advisories | CVE-2008-1686
SHA-256 | 92ed6546867cd33c0088b7bc15e55f53e67e063a9ac84ec56cc42ae501ff00f3
Tenshi Log Monitoring Program
Posted Mar 14, 2008
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Multiple bug fixes and some improvements.
tags | system logging
systems | unix
SHA-256 | b57dd0c23f222c28d017394c57277d1e1077fddcfd6b5930bc0a43b4f082b432
Tenshi Log Monitoring Program
Posted Oct 6, 2007
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Improved debug messages, fixed buggy multiple tail processes handling.
tags | system logging
systems | unix
SHA-256 | 64e1f51e6dacc0a2d6a8e34bcdc18ef271f69110a1da8921e98c557f4c071dba
Tenshi Log Monitoring Program
Posted Sep 19, 2007
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Added tail_multiple option, added csv option for comma separated output to custom parser, merged tailargs and filterargs features in tail, filter ones, added FAQ file, another round of rpm spec fixes + fd leak fix.
tags | system logging
systems | unix
SHA-256 | a18dd7b7c40a4804421efd5666adff226e348c03cdb658e3dd530dff8888065a
Tenshi Log Monitoring Program
Posted Aug 21, 2007
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Fixed some rpm spec issues. Added support for queue escalation.
tags | system logging
systems | unix
SHA-256 | f8cc4600a25fc085cd5e3b9af07afd6c0b4607569dde134226e4dd928228c171
Tenshi Log Monitoring Program
Posted Mar 20, 2007
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: fifo option can be specified multiple times, logfile and fifo mode can be simultaneous, added sort_order option, added listen option for syslog server mode, see Changelog for full details.
tags | system logging
systems | unix
SHA-256 | 7c47d86205354a3ef578815482374f7bab3450b2bea08621dcbde639bfda768d
Tenshi Log Monitoring Program
Posted Oct 4, 2006
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: added group_host feature for selective hostname matching
tags | system logging
systems | unix
SHA-256 | 4d729d41b420e1075f78cdd31d2d0302ea9433cea9aae8ec2adc90da8e1f5696
Page 2 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close