SpamAssassin is a mail filter to identify spam. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited commercial email.
5215f2cf8a5eb47af16a7419f260aee06ca28f1c05df6c33be63d274f6c1c2a7libpng version 1.2.5 is susceptible to stack-based buffer overflows and various other code concerns.
9fc510600a44d8e31608573552503b13a04a1c01395734a87d480c64618ef40cfwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
9650502e2cea77f436fb0a866d6d49819e7bc22e6d8bb0817da57228f1fb6604GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
e7fd87dd6a1343aea742814e47d7a04ffccc0d051817c916fab4657bea45b034Technical Cyber Security Alert TA04-217A - All applications and systems that use the libpng library versions 1.2.5 and below are susceptible to several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
2e6b583e3cd882338a1877dfdce7abe25d050a36cd02d978497fe119a07f1f64Free Web Chat suffers from both denial of service and resource allocation bugs.
b362a9f9b51a02212145eb681c34e6703a1ce8028a93fa4e37eeca36ea288982thttpd version 2.07 beta 0.4 on Windows is susceptible to a directory traversal attack.
8ce037e5fde72e96c8c9a8d297d49ac93812fff192124870c7ada125fbc0c01eTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
74bb4d2e7a6dd6cc3d47ef3112f18d66021dcbbb8411a5bb7b5e5e8121445feaThe Doorman is a port-knocking listener daemon which helps users secure private servers. It allows a Unix server to run invisibly, with all TCP ports closed.
5669f3b557c15b343f152b34edc206bd33e874613ddc50ea1418d89cd20dc8ddA critical security vulnerability has been found in the Linux kernel code handling 64bit file offset pointers. Successful exploitation allows local users to have access to kernel memory. Kernel series affected are 2.4.26 and below and 2.6.7 and below. Full exploit provided.
92706af943a287522ac0045554f0149a454453a2c0f2f0482f4e4f98d714283aDatakey's tokens and smartcards suffer from a clear text password exposure vulnerability. The communication channel between the token and the driver is not encrypted. A user's PIN can be retrieved using a proxy driver or hardware sniffer. Systems affected: Rainbow iKey2032 USB token and Datakey's up-to-date CIP client package.
e6a95aba557fecb0404997af5ad693bdb744910e82a8e30d9cad43caeeb4742eGoScript version 2.0 allows for remote command execution due to a lack of input validation.
a20e454e6f775142f9f45026076fa8df5eb5fb923e053a1fe8d45bb307ae6d57JetboxOne CMS version 2.0.8 keeps system passwords in an unencrypted state and also has a remote code execution flaw.
b1e5dc4defffff99c27ff9d8f7a58a28058aa20c7886e2691265f0547b90ded7eNdonesia CMS version 8.3 is susceptible to full path disclosure and cross site scripting flaws.
60638bbb95e9a7ce651c3e384bfaaa636ff1aff85d2311db1f9d4c5907dfc386When over 40 connections are made to Webbsyte 0.9.0, the service crashes.
12c2dcce1b42eb0808a9da9ec432387ab867d5469e37f8251f8f8ea3d4e6ff64pam_usb is a PAM module that enables authentication using a USB storage device through DSA private/public keys. It can also work with floppy disks, CD-ROMs, or any kind of mountable device.
6e30403879ec19196e18de414075fa15c8adb0741e3c08b048e128243a55304dPutty client versions below 0.55 suffer from a flaw that allow for arbitrary code execution.
856165b9a1019d82da170dc548b0101ac9b2f7a3ed57d807f51a58edcb9bc56cSecunia Security Advisory - A vulnerability has been reported in WackoWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
871d905f6c1ccf7f4d9ef89edfa21e046946319eaf00cb0fc7ac0b68250d4f27Juniper Networks NetScreen Advisory 59147 - A malicious person who can connect to the SSHv1 service on a Juniper Networks Netscreen firewall can crash the device before having to authenticate. Upon execution of the attack, the firewall will reboot or hang, which will prevent traffic to flow through the device.
9bcd70260d6dde060190ee50a49684a445f003622c74f3d12acdfc64e035c869Impost is a multi-purpose scriptable network protocol security auditing tool designed for analyzing network attacks and exploitations while operating as a honey pot or packet sniffer.
328d901e82f37fe312a9613a3c34162a1cff4ff1757abb3e917170bb12532c54Sun Security Advisory - The XSLT processor included with the Java Runtime Environment (JRE) may allow an untrusted applet to read data from another applet that is processed using the XSLT processor and may allow the untrusted applet to escalate privileges. All variants of Sun Java JRE 1.4.x and Sun Java SDK 1.4.x are affected, except releases 1.4.2_05 and above.
441d16f4938f5f20a31b65a37e706bd5bb719aa73130e7418c55e5fea7934e5diDEFENSE Security Advisory 08.02.04: Netscape version 7.0, 7.1, and Mozilla 1.6 are susceptible to a SOAPParameter constructor integer overflow vulnerability that can allow for arbitrary code execution running in the context of the user running the browser.
88413467e44183e31e567dec2fc2a3d60529654bdf33627a4cbbcf7719b47e98A vulnerability in WHM Autopilot versions 2.4.5 and below allows malicious attackers the ability to access usernames and clear text passwords.
37a784924f73c52e2f1d8ba17ae1d4fb01c61b4651de4a06076fa4664d9f515dA security flaw in ripMIME version 1.x allows attackers to bypass filtering software.
1149ac92bd31c03d520f85fdf4148ad5d0356181a7f051c3a3dc6ae6132c231aProof of concept bindshell exploit code that makes use of a buffer overflow vulnerability found in BlackJumboDog FTP servers versions 3.6.1 and below.
086e7e22e2463b7bbcc13eb02b167f80971aed861197c0f0d06aaa01a7342f14
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed