arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
ca1333d85a5718316557bd95003212429c40990b2389791daae0519c2e764750Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.
c130885a17eca8ca18458cd773dcbd66a798dfe0927c065744ac9b6cf93c330ciptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
0bd229e99ef61fe39fba6194031e5307a9da7e22c2a5b8a581f6ae8efae14762DragonFly shopping cart allows for SQL injection attacks and price manipulation.
f3731ee7643b36fa0e65130b16541ef7e07f4dbac260d2b7479a4c697986b967Practical Applications of Public-key Cryptography: Securing Email Communications with PGP. An 11 page tutorial that discusses practical uses of PGP desktop, the commercial version of PGP.
190fece747e9805af22848e10674c48feb4476aac8d5a9c2a691f4039cdc098bNateOn Messenger version 3.0 suffers from a file sharing flaw that allows for traversal attacks allowing for directory listings.
a157445ef865217d7b1580f0f7ac5491ad8fecbb7adea172c98f43feaf172303ASP.NET RCP/Encoded web services suffer from a denial of service vulnerability.
c933e234f71c9871f5f0e59739db7d3b43c7c63a8b26197942ac164c02600380BlogTorrent versions 0.92 and below allow for direct access to the file storing users' password hashes and logins.
f16318de93bab383388f4c3616acf68cd72b4c6f8f36ecf5ef137730d472fc1bDebian Security Advisory DSA 751-1 - The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache. When the DNS client UDP port (assigned by the operating system at startup) is unfiltered and the network is not protected from IP spoofing, malicious users can spoof DNS lookups which could result in users being redirected to arbitrary web sites.
e9b8cb271a542d120f0d6481aaa3262031a074b35778911fc5612443c462be6aGentoo Linux Security Advisory GLSA 200507-09 - A buffer overflow has been discovered in the UnixAppOpenFilePerform() function, which is called when Adobe Acrobat Reader tries to open a file with the \Filespec tag. Versions less than or equal to 5.10 are affected.
75917ca72cdcc43905af705c0d94a1b62b42c3fbea34599058b31da755cced49Debian Security Advisory DSA 748-1 - A vulnerability has been discovered in ruby 1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server.
172ca51e27ef5e4f0d94d04b618f60329db5e80a16e79cfe6cb35c316f6ea1fcDebian Security Advisory DSA 750-1 - infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing.
26d5c2c5250deb425c6530cdcff27616f5825a39ea2236c6a57dc16c0da9ceb7Hosting Controller allows for unauthenticated session and user creation.
5c29c362c7dded2f739dd23b6b734d5204604a8bc9e120e4db8975962a1b20cdA race condition vulnerability has been found in the ia32 compatibility execve() systemcall of the Linux kernel. The race condition may lead to heap corruption. Versions up to 2.4.31 and 2.6.6 are affected.
60d19fb55a1868fabc6dc3d7ddb54e27e89f5c9fb581589f667b2f5e0a5d2b9bGentoo Linux Security Advisory GLSA 200507-08 - The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the POST method. Versions less than 0.9.16.006 are affected.
e6e4508d4d34b0338c98cad75efb14c9a7bbb24a8a963d701d075ce1f286752cMSN's Messenger protocol will automatically kick users from a conversation if .pif is sent in a text message.
39d563c8cb90296982dd0bc5cba058620c23e5caff6e42dd15d54375ed1a38f9Debian Security Advisory DSA 749-1 - A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap.
bdeef153d602130b85417e5dee12c2d46a6187d93eb4e3c55bde14385ca13c7fDebian Security Advisory DSA 747-1 - A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware.
b0b86440bb0360bbefc86c2863a7889904933148f078a1f19d96c3fcd6b2f2adSecunia Security Advisory - c0ntex has reported some vulnerabilities in SiteMinder, which can be exploited by malicious people to conduct cross-site scripting attacks.
e54b12acf9dd463c51e37e5c1825b7b2c051b47fa9657daf9b0088898814a3b2Secunia Security Advisory - Defa has discovered a vulnerability in Id Board free, which can be exploited by malicious people to conduct SQL injection attacks.
726421448108d98faba009d03d65a798e799001a88aa43a7175a360794246934Secunia Security Advisory - Ilja van Sprundel has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
d44ffa0c8ff372ea7466b0c6c9f5d8bac1c80c898136b110965c541b9a3ff127Secunia Security Advisory - A vulnerability has been reported in dhcpcd, which can be exploited by malicious people to cause a DoS (Denial of Service).
06789d2db5928310e83291885e124454119d825f4f05e9196b37bf5ae6b7d3a8Secunia Security Advisory - LazyCrs and pjphem have reported a security issue in Blog Torrent, which can be exploit by malicious people to gain knowledge of sensitive information.
aad382218100f5606de503a35c8af50d09c208f48a35e796972817ee31ff2763Secunia Security Advisory - A vulnerability has been reported in MMS Ripper, which potentially can be exploited by malicious people to compromise a user's system.
1fa3b5f012fd6cd4104d34ebd9b2b753ad3eb9078d313e2814e6105c9872194bSecunia Security Advisory - A vulnerability has been reported in Backup Manager, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
2bd352ce286b1217a08040beccc1ef95a2bb6dd371c589fd7f7c52e27860947d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed