MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
0cde9dfc4393678cdb9c07fc46588e51e0b7e5e9837818083ecb12f84573c576Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
178007b1519890e221e060754673fccc669e10f1e6e548d0ae3dd4ecdf9fc611WifiScanner is an analyzer and detector of 802.11b stations and access points which can listen alternatively on all the 14 channels, write packet information in real time, search access points and associated client stations, and can generate a graphic of the architecture using GraphViz. All network traffic may be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver.
3c5bafd06589337c7c26c447a35d3c1023459449b59327f5169a20feb2f30ebbInteresting snoop shellcode for /dev/dsp that is 172 bytes in size for linux/x86.
93de8b0e73905521e654a7b38d9ceab202717b32e0e9c68b27515d9870e48ba1Wzdftpd SITE command arbitrary command execution Metasploit plugin exploit for versions 0.5.4 and below.
3e85d32db1a1b151f81bc4597b865d596dd534d0730ffb45e51d9520107e8d72eEye Security Advisory - eEye Digital Security has discovered a vulnerability in Macromedia Flash Player versions 6 and 7 that will allow an attacker to run arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious SWF file in order to redirect execution into attacker-supplied data.
9fed5fc5b6f35c0a68064bb3eba38b089f2ea09373f01b1eca9cbef787d60c1fiDEFENSE Security Advisory 11.04.05 - Remote exploitation of a design error in Clam AntiVirus ClamAV allows attackers to cause a denial of service (DoS) condition. The vulnerability specifically exists with the libmspack library, which is included in ClamAV. iDEFENSE has confirmed this vulnerability on ClamAV 0.86.1. All previous versions are suspected vulnerable to this issue.
bcea57c167103a66fb37eb5eb6f4d6bb92c843f04b017d3538b507daaa57cfc1iDEFENSE Security Advisory 11.04.05 - Remote exploitation of a design error in Clam AntiVirus ClamAV allows attackers to cause a denial of service (DoS) condition. The vulnerability specifically exists in the tnef_attachment function within tnef.c. A user controlled value is used to fseek into the file that is being processed; this allows a user to specify the same block for scanning repeatedly, thus leading to an infinite loop. iDEFENSE has confirmed this vulnerability on ClamAV 0.86.1. All previous versions are suspected vulnerable to this issue.
0cc51f30257eaa85a7842e0a09d908ae6532b476ed082503b4b9ddcc42c237c1ZDI-05-002: A vulnerability in the way ClamAV handles files compressed with FSG version 1.33 may allow for arbitrary code execution. Affected are Clam AntiVirus versions 0.80 through 0.87.
81b7769f6d2d7fe0892f0f65b9bcf16063d186c007d81f5dda7d2bc11883692aDebian Security Advisory DSA 883-1 - The Debian Security Audit team has discovered that the syslogtocern script from thttpd, a tiny webserver, uses a temporary file insecurely, allowing a local attacker to craft a symlink attack to overwrite arbitrary files.
ea3a51b910f30ac15738c82b57ed5c2f6c9cece09275321119b110f63fc4e07fInvision Power Board 2.0.1 suffers from directory traversal and code execution flaws.
398d8aacd3c8b51056c0cd6ad5efa0f0eca76f364fcfbd5bd650081bd8a4ab33There is a vulnerability with how JDK is used with Parosproxy that allows the JDBC to be used as an attack path.
4f3fa44948cb97b0233e4284486e6b495f394d9dbae1b2fe29d244a601741407SUSE Security Announcement - Thomas Gerisch found that the setuid 'chfn' program contained in the pwdutils suite insufficiently checks it's arguments when changing the GECOS field. This bug leads to a trivially exploitable local privilege escalation that allows users to gain root access.
63b28ec52e8f7b5e60c818103591203255e607790646f5ae9dc1bc9f049b5f99Debian Security Advisory DSA 882-1 - Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0.
cd42f43af4ff17b4a96cd242de7b34906d0e8a804bf8bb1a2a8dc70fd5b8ff9eExploit for the format string vulnerability found in the friendsd server that comes with GpsDrive. x86 version. Binds a shell to port 5074.
de673cde91a63e038403a137ba948626e811cb07bebe8fe092b400487c6d5169Exploit for the format string vulnerability found in the friendsd server that comes with GpsDrive. PowerPC version.
768ba4a55ceffa1d68472a0647f755e17c5a821c24580850c632022b10c98bd8The friendsd server that comes with GpsDrive contains an obvious format string issue compliments of a bad fprintf() call.
ec70d84c5f0cca691f8ba58bee71f8d6fe7cc9f04578b31c5892e4614ff209f0Spymac Web OS 4.0 is susceptible to multiple cross site scripting vulnerabilities. Full exploitation details provided.
244a313132b1eb86d6630a5e3c39dd3c83967f090e772d86ba20a2868b1928afWhitepaper regarding further advances in the exploitation in format string bugs.
1438a410763bf9a8d5234436f27914d00ca889bb639fc9bd97d90bdeb6882436Advisory regarding the ability to denial of service JBoss 4.0.2 with serialized java object due to vulnerabilities in JDK 1.4.2.
fb2df7f6d6ed871ffdb6e6a6ce634c2afd1a1a8f0e55f406bcd1e6987245d89fSecunia Security Advisory - Secunia Research has discovered a vulnerability in cPanel, which can be exploited by malicious people to conduct script insertion attacks.
677f5141462d7275c4adf2be80e4232538354ad2bf718040c5f8d36306c5d8dfSecunia Security Advisory - Some vulnerabilities have been reported in PunBB, which potentially can be exploited by malicious people to conduct spoofing attacks, disclose certain information, and conduct script insertion attacks.
00c63d41d6c3dcd1c3f67d65d656b56ba55afc20551f6a3cd9ce9193ec7353efSecunia Security Advisory - Some vulnerabilities have been reported in BLOG:CMS, which potentially can be exploited by malicious people to conduct spoofing attacks, disclose certain information, and conduct script insertion attacks.
313bd734c72a7b3170b3f89350ac66cda5ee4a7c00b96830d1cd64bce396e258
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed