tcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the stream on the terminal with colors.
cf3c3814518f5565df3884d07e1e3015d88ac1dbfe3885635dd6e67d6ce46dd2Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.
b3841a5ebab75b6d4fa3f3ae8e198d27ffb79e5d46add7daf7698daeb813a493Abuse problems exist for the DIRECTORY object in Oracle. Patches have been released for this issue.
b3b6b54f394e80b1a15a725f18af3bfdcad2376d96c5ff42d1c82ceca09cb3a2iDEFENSE Security Advisory 01.18.05 - Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer included in multiple Unix and Linux distributions could allow for arbitrary code execution as the user viewing a PDF file. Version 3.00 is affected, possibly earlier revs as well.
89d6ddb5e54bacb2a94fd4f4dfbc53d26e9568506eecc1b65a89eb4db718dc90SCO Security Advisory - SCO has just come to terms with the fact that chroot jails can be broken out of.
ab65a3303eed13d35df02e8d19583bb970e1119ea57e1881df6d8e714d105a77It appears that the Microsoft patch released to fix the HHCTRL.OCX vulnerability discussed in MS05-001 can still be exploited using other IE bugs that are not patched.
cfbc753782aed6d9054b3947d4f7f8a765f39467a92023338ec8b4f26f03c149NGSSoftware has discovered SQL injection and buffer overflow vulnerabilities in Oracle 10g and 9i database servers.
baf731da1375e64c947d8c494fc1746862e81ce6a082d302261893019964db01Remote fingerprinting tool for Oracle and DB2 that allows for discovery of versions and OS information.
711cf852f57a8d6cb32e64517174948eb2cc24f467b787722763581494298148NodeManager Professional 2.00 buffer overflow exploit that binds a shell to port 2001.
d2760218e3f15342798e63cffabc4d5d0a5db7643df4ce807004ab02371da3e8Debian Security Advisory 644-1 - Danny Lungstrom discoverd a vulnerability in chbg, a tool to change background pictures. A maliciously crafted configuration/scenario file could overflow a buffer and lead to the execution of arbitrary code on the victim's machine.
b75fd8f5afe3033d96c198a09d76f99118139c7b3d93fe7c1f3d6fdec539d60fDebian Security Advisory 643-1 - jaguar of the Debian Security Audit Project has discovered several buffer overflows in queue, a transparent load balancing system.
018bc82187d673c2d0bfd0eb47c43061a32fdcce2da2bbe7f92f62359f04488dThe Netegrity SiteMinder smpwservicescgi.exe is susceptible to a remote data inclusion vulnerability that allows for phishing attacks.
ba2e8bce8ac6c15f997f1dbeffe9a186f5050292a7ea62b8f9c7ae2dde132eeeThe Novell GroupWise WebAccess error module handling has a flaw where a malicious attacker can circumvent the login procedure.
098deb19fae7350013e47a4e4b102a3848621eb8b4d993db52f880dc69b73b5eProof of concept local exploit for Exim version 4.41.
1a839bac6db247dda2ba272d3176761f8ca62bce03f16b97e11e0ac59b9bbd7cPeer2Mail Encrypt passdumper exploit version 1.0. Versions 1.4 and below are affected. Tested on Win XP SP2.
9e68cf5568109ed38a372ad93eb6b342c953163593ce9cb057b493fc49efe43cINCA nProtect Gameguard has a flaw where it allows for unrestricted I/O access.
e0ab632c5712190f0357f67c4ad2443c60afb8192a6ae0b879261b7e732e401a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed