Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. It includes real-time alerting, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages via smbclient.
4fa74fdbfe677362b0fef226026e7f110d7de856baaad21b5fe3ebd0f627b112
Ubuntu Security Notice 551-1 - Thomas Sesselmann discovered that the OpenLDAP slapd server did not properly handle certain modify requests. A remote attacker could send malicious modify requests to the server and cause a denial of service. Toby Blake discovered that slapd did not properly terminate an array while running as a proxy-caching server. A remote attacker may be able to send crafted search requests to the server and cause a denial of service. This issue only affects Ubuntu 7.04 and 7.10.
d77193488d3e81250b1087fc995f46a172b56f6fe7501029020c1bff97cc061c
Ubuntu Security Notice 550-1 - Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
8d3dcdef1feac2d1123b15e889bc4deba2b7a8eba999fb59ae42b1f89b89d79c
Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.
9a0a4a1d82e27e9d74bb5eb17c3168dc8ab295a00a313b9b1b95a786a5cb345f
Mandriva Linux Security Advisory - A flaw in the Apache mod_proxy module was found that could potentially lead to a denial of service if using a threaded Multi-Processing Module. On sites where a reverse proxy is configured, a remote attacker could send a special request that would cause the Apache child process handling the request to crash. Likewise, a similar crash could occur on sites with a forward proxy configured if a user could be persuaded to visit a malicious site using the proxy. A flaw in the Apache mod_autoindex module was found. On sites where directory listings are used and the AddDefaultCharset directive was removed from the configuration, a cross-site-scripting attack could be possible against browsers that do not correctly derive the response character set according to the rules in RFC 2616.
a286f0e12d6b1be5948457a239b88839ccd7dd6c3da4cc348c762f897cc7efab
Mandriva Linux Security Advisory - Raphael Marichez discovered a denial of service bug in how vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could prevent vixie-cron from executing certain system cron jobs.
40f307c8b1af6bb704be677d974674f23ae54f9b68d252214f9ac3eb3cb91df0
Symantec Vulnerability Research SYMSA-2007-014 - Beehive Forums versions 0.7.1 and below suffer from a SQL injection vulnerability.
a9ce0d069bb6ef66e465717b48e1301ca974b1da01c77cc0ea32b75d359c00dc
McAfee SecurityCenter Privacy Service version 8.1.0.136 suffers from a script insertion vulnerability.
2dad2c696d8f55b16c4255a857167be364bc90d1e0c94221ccb48dbfc0471731
By performing an advanced search, unauthenticated users can enumerate valid usernames with a single HTTP request on the BEA Plumtree Portal.
776de6dc499e6ebfc575f8b19a3ac66c6953bcc956cb6a8b5c59f0a43584290a
BEA Plumtree Portal is vulnerable to an internal hostname disclosure vulnerability.
866b56dd83ba8330356f8847ee9d66d1be2f67a4336cc14f44ee0a485a6a593a
Firefox version 2.0.0.10 appears to inherit the charset of a parent page.
724418cd6fb332b578ca7acd25889fd7dc4e96ce25b54811cc3f66a60a0db7d2
Lotfian Brochure is susceptible to cross site scripting and SQL injection vulnerabilities.
50a0c6fe118fea3458140762e9beb445dbb2fa75bc14286ff11982fb00d312b8
Snitz Forums 2000 suffers from a remote SQL injection vulnerability in Active.asp.
7268062b76339d9053e70065f6628eb3367e276150211eb3819bfdb6cddc7b22
phpBB Garage version 1.2.0 Beta 3 suffers from a remote SQL injection vulnerability.
9454b4c38d6b411c55effe36dd0e7072c2327ca560853e6b22691d5e727c2096
Secunia Security Advisory - Ryan NA has reported some security issues in Ascential DataStage, which can be exploited by malicious, local users to disclose sensitive information and to manipulate certain data, and by malicious users to disclose sensitive information.
7baae7db817c9523429294b41000f0d1d4af8603778049d82b13d5a015709357
Secunia Security Advisory - rPath has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.
1e4216b12c95060a72ce250578111747fb203a2d321ae3e3bce8fdf563ca83a5
Secunia Security Advisory - A security issue has been reported in CRM-CTT, which can be exploited by malicious users to bypass certain security restrictions.
c60de70fd91b8e4e9853fd304f373f4b41afbef4b53c0e01a1967163d8245032
Secunia Security Advisory - ShAy6oOoN has reported a vulnerability in p.mapper, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
24b35ff8c571744f76da924448305962f0f665fce7517dfd4f318ffb45078c9b
Secunia Security Advisory - A vulnerability has been reported in Solaris 10, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
f4ae2868f3777ef509215a0266668e952c1f4c1f21880dba9e20b3f927b66e91
Secunia Security Advisory - Some vulnerabilities have been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system.
4fae08d4f8f84f9fd106126574a5902473459a5765845fbf413ba20493cf783c
Secunia Security Advisory - Debian has issued an update for cacti. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
fac299f4d6e4882bc1e7d95ea6c8bbb4580e00d0a60b1732f9f7bd85eade0a75
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks.
0bcb52c617fc7627256da51708d19325ec11e111e311df6dd9028041117bb928
Secunia Security Advisory - Slackware has issued an update for rsync. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or potentially compromise a vulnerable system.
67684eb896df9d458c3201212ae8b3a27643391d3cd5e088811c90ac786a5996
Secunia Security Advisory - A security issue has been reported in Claws Mail, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
105d99f94fa220ffe4d8fe8fb73dade6490c6c73f5f95989cb5e00e895fb6e6f
Secunia Security Advisory - A security issue has been reported in Zsh, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
bce97f885ff3c6401ecbcb92d9374a14ecb32df9c6dc2a096e4f4e8cc4f2969d