alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
63d5ba9842d5de0738638ceb7be659563822a2f5a0d865d998d7db3c29d53c73
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
bc3163c8b5ceaa27a0a38daac6146987dba202b556b8fe7a7e3fe136f528d9eb
This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.
7746d6db4f2fc9c25f6eadf76a52e43e061078ee954a7016e9815714efa1bb78
The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
3b5c3fcb0185c82c422da19ec48bef0aa8aa70190c1c6004f02a7d7f8184948d
Secunia Security Advisory - Nicolae Mihalache has reported a security issue in avelsieve, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).
e6099b09429b5723bc67aa32914de8949b1f76b3cb0e3e7fdffaae0813df7fb8
New version of the phpBB worm that successfully works against a patched phpBB 2.0.11. The scripts in this tarball are the worm itself and the bot that is installed.
16b732162c823b5b45b96caf698d1e229ba187473030bd0dc6a87b8f4118faa4
STG Security Advisory: An input validation flaw in ZeroBoard versions 4.1pl4 and below can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
c308b0793660dff9bacda679d6ea1adf0cf46f3c7d0c38cbc80870f869879079
Internet Explorer will accept %0a and %0d in URLs. In FTP URLs, it will accept them in the username part of the URL. Due to the similarity between the FTP and SMTP protocols, this can be used to send mail.
e2e71c2a7f12cac58fb231beaf48bf5b486852f8767f80078d2102127d129720
Plesk, a popular server administration tool used by many web hosting companies, is susceptible to cross site scripting flaws.
561ab831ef114785159c21d59981cca959a4a7af271cbe8bf055ab77f58d6fb2
Simple tool to automate the creation of the URL needed to exploit phpBB versions below 2.0.11 using the viewtopic.php vulnerability.
97f48c8238366a517072f68c8271d01c882853ab1bf9dc15f358fd99045e5759
HP Security Bulletin - A potential security vulnerability has been identified with System Administration Manager (SAM) running on HP-UX that may allow local unauthorized privileges. Affected Versions: HP-UX B.11.00, B.11.11, B.11.22, and B.11.23.
319afe43d1b320a755cd24871491338f3e486749a9432161423cb91beaa6d5ca
SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on slackware 9.1 and 10.0. Bind a shell to port 7000.
d2c5f4ccf6da4f8162e3796a3521048971da31a1653d14c5d1dc589793cbd7bd
Secunia Security Advisory - Two vulnerabilities have been reported in Rpm Finder, which can be exploited by malicious people to compromise a user's system and by malicious, local users to perform certain actions with escalated privileges.
235e6abaff83d84e633690fa2b9e2648da4e8b729ea43505e4774ecdebf54457
NGSSoftware Insight Security Research Advisory #NISR2122004L - IBM's DB2 database server contains a procedure, generate_distfile. This procedure suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.
3ef55a702511cb8221131c88341c2991b45a10ee7c8b153e5ddda2eb0ad3028e
NGSSoftware Insight Security Research Advisory #NISR2122004J - IBM's DB2 database server contains a function, rec2xml, used to format a string in XML. This function suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.
b8613611d22ef6e27ef52155f6315c5d527c17d33199e9824cdca2fd21abca6f
NGSSoftware Insight Security Research Advisory #NISR2122004J - The code for PL/SQL procedures can be encrypted or wrapped to use the Oracle term. When a wrapped procedure is created a buffer overflow vulnerability can be triggered. Systems Affected: Oracle 10g/9i on all operating systems.
6b25554fd71f5fe123c25e28820f4b1f31d38e591f699777f1bf2d6ed93ae82c
NGSSoftware Insight Security Research Advisory #NISR2122004H - Oracle 10g and 9i suffer from multiple PL/SQL injection vulnerabilities. Systems Affected: Oracle 10g/AS on all operating systems.
6e5d05e4c37be6abe44d5313fc7449e528c71dc7700e7622039d9692cc8be6e9
NGSSoftware Insight Security Research Advisory #NISR2122004F - The 10g Oracle TNS Listener is vulnerable to a denial of service vulnerability. Systems Affected: Oracle 10g on all operating systems.
af6b33695e7d0331269bb9875337f50a3075042eadab32b1f8486a07d3fb6a67
NGSSoftware Insight Security Research Advisory #NISR2122004E - The 10g Oracle Application Server installs ISQL*Plus. Once logged in, an attacker can use load.uix to read files on the server. Systems Affected: Oracle 10g AS on all operating systems.
41e4563892e55bab629dadaa582258738d586ada2b237ca6ef0b6b3ebb0209ca
NGSSoftware Insight Security Research Advisory #NISR2122004D - The 10g Oracle database server may have passwords in clear text in world readable files. Systems Affected: Oracle 10g on all operating systems.
d3b0b872bbed09a293cc3e6d16fa8f3fd84179096e93c1d42e83f550db052afe
NGSSoftware Insight Security Research Advisory #NISR23122004C - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc is intended only to accept requests from the Oracle database server but local users can still execute commands bypassing this restriction. Systems Affected: Oracle 10g/9i on all operating systems.
d564ebb6b5748561ebcce49b8dface7849a65669daeb969695defa9c396adb17
NGSSoftware Insight Security Research Advisory #NISR23122004B - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from a directory traversal problem that allows attackers access to arbitrary libraries. Systems Affected: Oracle 10g/9i on all operating systems.
25c8b9a1837b4ad345045e140f4a5f8d0598d3455a856d252b974d56dca2fd4d
NGSSoftware Insight Security Research Advisory #NISR2122004A - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from another buffer overflow vulnerability. Systems Affected: Oracle 10g on all operating systems.
40555a31fe2e6ad6539966721ecc71750f0e9aab14788315d6ec9c0e5f421632
NGSSoftware Insight Security Research Advisory #NISR2122004G - Due to character conversion problems in Oracle 10g with Oracle's Application server it is possible to bypass pl/sql exclusions and gain access to the database server as SYS. Systems Affected: Oracle 10g/AS on all operating systems.
8d1abd33755d60617a7f206475214c1c02523008459acccc97aaeff0494e01ba
NGSSoftware Insight Security Research Advisory #NISR2122004I - Database triggers exist to help maintain data integrity and perform certain actions when a table's data is modified. Many of the default triggers in Oracle can be abused to gain elevated privileges. Systems Affected: Oracle 10g/9i on all operating systems.
e72c95ea02cc6dce6f0b00cfde315e1752b174373db4397eb16a6eb2becf9523