PIX Logging Architecture is a project allowing for correlation of Cisco PIX Firewall traffic, IDS, and informational logs. It parses Cisco PIX logs from syslog files, then pushes the parsed data to a database. It contains a Web-based front end for displaying and searching the Cisco PIX Firewall logs.
7acfcd8b49939dabb88c407d381b67bea6040cbcc34c4daf647db0ff9a19f225
Multiple problems exist on support.msn.com that allow an attacker to conduct phishing attacks against a user.
73be9442c86ee5ea2be804b72d2cf52f4441182605f16d4c1aa0138aab4795ea
osTicket versions 1.3.1beta and below suffer from SQL injection and file inclusion flaws.
062203da452a48183dabb5fa5083266edff71537df530e644965fbe3d188be59
SpamAssassin is a mail filter to identify spam. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify spam, also known as unsolicited commercial email.
2195151ae9ccdb5e0e8a24cccf8186902b84289fc2a43f3d95bbd483d1f72142
Debian Security Advisory DSA 736-1 - A vulnerability was recently found in the way that SpamAssassin parses certain email headers. This vulnerability could cause SpamAssassin to consume a large number of CPU cycles when processing messages containing these headers, leading to a potential denial of service (DoS) attack.
f3b700e578e892727fa2bf59c0b378c378962a8ef3b57358fc301295ad1a29c7
Debian Security Advisory DSA 735-1 - A local user who has been granted permission to run commands via sudo could run arbitrary commands as a privileged user due to a flaw in sudo's pathname validation.
5e7dd410c5cdacd22e519121fd56132756f0ff0d38859de1ff91cb0691b46656
PHPXMLRPC is vulnerable to a very high risk remote PHP code execution vulnerability that may allow an attacker to compromise a vulnerable webserver. The vulnerability is the result of unsanitized data being passed directly into an eval() call in the parseRequest() function of the XMLRPC server. Versions 1.1 and below are affected.
d532a52f4c4eceb2ed9ed85e0b453c9a1a6711801fbca08c4ff753d2696e5281
PEAR XML_RPC is vulnerable to a very high risk PHP code injection vulnerability due to unsanitized data being passed into an eval() call. Versions 1.3.0 and below are affected.
3793d7664e029e03c9787f198abb53e4415460735b9d7326c818daf85564aa6a
Secunia Security Advisory - Lachlan. H has discovered some weaknesses in Golden FTP Server Pro, which can be exploited by malicious users to gain knowledge of various information.
a1ad5db500acfee4c6201f033027ce45fbfc3cafff5dfb304a5163021bab4616
Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
4c572f6258c5604a7be9d68632589c3878f65abb10f95ca1d36dd5dee1186e8f
Secunia Security Advisory - James Bercegay has reported a vulnerability in phpAdsNew, which can be exploited by malicious people to compromise a vulnerable system.
0cbedfc63eb00cb1e4acca0bbf31a701db5091679ba8aa675cec9b653f28fe5e
Secunia Security Advisory - A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system.
425a315aa3f738c3bf6292bb477cd0d1976d3fbe1e08bca2de1d26d22d08b353
Secunia Security Advisory - Tri Huynh has discovered two vulnerabilities in Prevx Pro 2005, which can be exploited to bypass security features provided by the product.
60a3f57f3ef56dc2f8502e224eee68398e3f9b27f11ae4481fb0ab88b434c172
Secunia Security Advisory - SEC Consult has reported a vulnerability in Microsoft Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system.
82b5420eab5431eb4bc2df098e5f532ad1c4d2479890c3fc17adb90c7f8c7f13
Secunia Security Advisory - A security issue has been reported in SSH Tectia Server and SSH Secure Shell for Windows Servers, which can be exploited by malicious, local users to gain knowledge of sensitive information.
1d63a4bb1e7298d043c857a27132db074cd4dff3706a392bb98bffb9a907a35a
Secunia Security Advisory - A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.
e4f257b4639b629fba205d38eca06cf2d8948f9dcf7876f16f8909160e3bbf0d
Packet Storm new exploits for June, 2005.
d7e9bdff78e3d99aaed825d2513b460e33ca950aba15e75021709f5b2bb516a9
NetBSD Security Advisory 2005-001 - The Pentium CPU shares caches between HyperThreads. This permits a local process to gain a side-channel against cryptographic processes running on the other HyperThread. Testing for cached data can be accomplished by timing reads. Under some circumstances, this permits the spying process to extract bits of the key. This has been demonstrated against OpenSSL.
1b841f93dab7671b35f142bbbc58e744bd20646981c20572bd1835e0628b395c
An error in Microsoft Windows NTFS driver code causes the file system to incorrectly assign disk blocks to files before they have been initialized. Following a recovery from a system shutdown, uninitialized data may be visible in files from previously allocated disk blocks.
19a6813bec80b15a790ba4bf91503c452214f0dd11e222e2104658130b26d1f5
Debian Security Advisory DSA 733-1 - Justin Rye discovered that crip, a terminal-based ripper, encoder and tagger tool, utilizes temporary files in an insecure fashion in its helper scripts.
eb99e39c5b9424f5d9cdb42cb81a156c69a61f9565b939d18a9e3c5e1a1d041c
FreeBSD Security Advisory FreeBSD-SA-05:15 - Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packet containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
30663ff4e4d6e6643116559b25a849f751e84dc20b68d90c0261a28842688ff7
FreeBSD Security Advisory FreeBSD-SA-05:14 - Two problems have been discovered relating to the extraction of bzip2-compressed files. First, a carefully constructed invalid bzip2 archive can cause bzip2 to enter an infinite loop. Second, when creating a new file, bzip2 closes the file before setting its permissions.
81c864494c3fb7c1777f84c50d2ea5e1bb96b674001417c3e3f9e573fb1005a0
FreeBSD Security Advisory FreeBSD-SA-05:13 - The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to insufficient locking, a cached result can become corrupted, which could cause some addresses to be incorrectly matched against a lookup table.
6b7aa2a12074c968569303a922ef2f40cc26ef0aef04894d3fd3b9ebce0d5e08
A flaw has been discovered in the third-party XML-RPC library included with Drupal. An attacker could execute arbitrary PHP code on a target site.
c23af80afccc28c6e386c2d9c57c08cb7dcd67c51b1bdbfd76ab901c28db1291
Kuba Zygmunt discovered a flaw in the input validation routines of Drupal's filter mechanism. An attacker could execute arbitrary PHP code on a target site when public comments or postings are allowed.
3cde9b7af7d34c526f434457021465af93437a68f76031f5ab71ab278732d190