Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
2a35c94f1aab51fee089b72c5bd299e281d6d44199a9fed942c554d76fb21ce2NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
8614a4bd3f06dcda0dd7f4bfeeb1904c79d09b3cf08f9a5f510d73e1392eadc7tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
0985993a0465b30c8b6c4ef50ec03fd810f520b1e344875e51df3db5bd18c538Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
3be8c89be5b927e73b77a82ca3d83f0f162fceea2d6a14ce1c0cf5333b36cd1cPound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
316545c126f11be95deab5fb60d6a26e1aa644f9a8b5972219062ce6521e1491Ixprim version 1.2 remote blind SQL injection exploit.
aec29fc93d3d359b2ff53e290036f5098f53c7fa9975ee28b67553cea97daac1Netragard, L.L.C Advisory - @Mail version 4.51 does not properly sanitize email allowing for cross site scripting attacks.
39e68d57bada5a83cf9b09964668a0c6d5d4d57328013bb0836d4cd7e2938ac1SQL injection digger is a command line program that looks for SQL injections and common errors in websites.
44417028b879d6d4fbf9915ad1cc1b82f2f4c92abdec94ba485af2b138092d0bSinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. It only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3.
b331059034af9107a5337cf0610c72d0451724675b3bc870cfbdbf7ae99ffe20NOD32 Antivirus software versions prior 1.1743 suffer from an arbitrary code execution flaw.
dcc3ac0483403c98b5780d90539d0fc3e3f9ac428aed9e62ae4ad4c049d3f440Debian Security Advisory 1240-1 - Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
2fb87b3e15f1f071ef980b8d812b18f940443fa77e4eaea8cb13734a864200cdCAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.
0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672cTechnical Cyber Security Alert - Mozilla has released new versions of Firefox, Thunderbird, and SeaMonkey to address several vulnerabilities. Further details about these vulnerabilities are available from Mozilla and the Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to view a specially-crafted HTML document, such as a web page or HTML email message.
e107062e328dbd419858acefe8e2fad607022adda52781c93e6a34a0be90d649Mandriva Linux Security Advisory MDKSA-2006-234 - XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic.
8a127f50798d6860d450a586a8af3b0175981db6294bc0df3a14b9c3c9dfd77cUbuntu Security Notice 397-1 - Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source.
94419be4f07c7c1769569c844a7f0de39d524d4f3ae40d536ad18d6482417771HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
5242bb67e4081b1f7e9f9ee63a21f4f1a19532ea06823226a4b41a89f43ae3f2Gentoo Linux Security Advisory GLSA 200612-21 - The read_multipart function of the CGI library shipped with Ruby (cgi.rb) does not properly check boundaries in MIME multipart content. This is a different issue than GLSA 200611-12. Versions less than 1.8.5_p2 are affected.
9b5880e8331459d98744c8c54e9c6c1f39c8fc5f0f33c650d9602d9ce86f86c4Gentoo Linux Security Advisory GLSA 200612-20 - M. Joonas Pihlaja discovered several buffer overflows in loader_argb.c, loader_png.c, loader_lbm.c, loader_jpeg.c, loader_tiff.c, loader_tga.c, loader_pnm.c and an out-of-bounds memory read access in loader_tga.c. Versions less than 1.3.0 are affected.
e28a5f46fd2cb63fa0d448c8c20cfe45f25c0fc0d77f910d130e27f8453c964eGentoo Linux Security Advisory GLSA 200612-19 - Steve Rigler discovered that pam_ldap does not correctly handle PasswordPolicyResponse control responses from an LDAP directory. This causes the pam_authenticate() function to always succeed, even if the previous authentication failed. Versions less than 183 are affected.
e64895cba6cea263dea3c75b42533b05a9f6df284ba411224f20bcd3856675f7The Mono XSP ASP.NET server allows for source code disclosure when a %20 is appended to a URI. Version 1.2.1 is affected.
35a0a5a28f626206a9628043116c7c862cab25d293bacf607501c972dd0dfa16ESET NOD32 Antivirus suffers from a arbitrary code execution vulnerability. Versions prior to 1.1743 are affected.
68c8e00a070400f31b4f79d8fd1f5ed916dc36dd5153dcfabf13efd85383835aSEC-CONSULT Security Advisory - Typo3 CMS versions 4.0.0 through 4.0.3 (along with other variants) suffer from a remote command execution flaw. Proof of concept included.
855559bf26aa89e08a42b32a4a13e9d2151e9b5cca1e5cb32c2673a8d897c507A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected versions are Mozilla Firefox 2.0.0.0 and Mozilla Firefox 1.5.0.4 through 1.5.0.8.
6c930915441d7aeff70bc73318e30776dc3e210ca3f2808e3a1360ebca8e497cMini Web Shop version 2.1.c suffers from a cross site scripting flaw.
970873219107890b1946642cf65764cbf57ed2a3ecf4f22de9e3d32e36d4e031Oracle 9i and 10g file system access via utl_file exploit.
6a855c171229fa36b67fcac3d0b5386b14c748ade5343c12a88b8cf49a41e5f0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed