This is the lidstools source package. It contains the source for the lidsconf and lidsadm utilities used to administrate systems enhanced with the Linux Intrusion Detection System kernel patch. These tools are useless without a LIDS enhanced kernel.
cc3f000869360abe657fb5983386ec6ad2278d6c8c3f26cb4e80cd2a34dd116dNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
efc986ad0288c71cdaf690b17d4a5a08445bbda1c1ab4c560f8e575a1dd7f6e5The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
93b7374c32ad1d4530b04a2aee544e95c23d97e7b0f9febb5481915180233655Secunia Security Advisory - A vulnerability has been reported in the mod_imap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
9af3362c5400bc8cd637232ee1731b3f735747e064c083c08285940c3ea357f0Adult Script unauthorized administrative access exploit.
40ee0f22dece88845192adbb71ceb8e17056522e2ce13f53fabe330bdc7b64beThe Trivantis CourseMill Enterprise Learning Management System version 4.1 SP4 suffers from a remote SQL injection vulnerability.
f8dbf8a62a7dc36781710bb72467a01e9e68c22253bacbe85e202a59c1d569b4Mandriva Linux Security Advisory - Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 allows remote attackers to cause a denial of service (crash) via crafted TSF data.
326f022248fb612a59499c6139f916bbccf96a827a3d52c923c8061485cee9bexml2owl version 0.1.1 suffers from a remote file disclosure vulnerability.
c1d621ff12b68aba01813b5de294d8315942cc1de7d537ee55cd87b077eb685cMMS Gallery in PHP version 1.0 suffers from a remote file disclosure vulnerability.
81fd428f9343ff6be1df1b34234a99a2b89c94444f4c219b1af5e624d8aca41dCMS Galaxie Software suffers from a remote SQL injection vulnerability.
d3f3d55a6e805ffac6b1631e35f9ac78ed748f12253a1c6205e2140006cca326CityWriter version 0.9.7 suffers from a remote file inclusion vulnerability.
c7d848602ae90b973f244de290d523908acaf5e45d0fd3550659f6cb1405923fGentoo Linux Security Advisory GLSA 200712-12 - loverboy reported that the default_encrypt() function in file encrypt.c does not properly handle overly long passwords. Versions less than 5.0.63 are affected.
7f3660c6997df1e0fbe1f78f60454147a35e8fa1449d19287da2e8d9089ef1fbSecunia Security Advisory - mrhinkydink has reported a security issue in Websense, which can be exploited by malicious people to bypass certain security restrictions.
83416d25b32e70f2b9f5d98f3c25dfc2f56f9644fa255ddd519fe96bd5977eaeSecunia Security Advisory - mu-b has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
536494c7930cbcb504902e2b4eaec45f4982801ce25d10f5e81bf1c16c7eb364Secunia Security Advisory - GoLd_M has discovered a vulnerability in xml2owl, which can be exploited by malicious people to disclose sensitive information.
f67a1f507b828090ca227e7f32fe38b9f3ecc821ddc978f1fb78f3d019a3f693Secunia Security Advisory - A vulnerability has been reported in JBoss Seam, which potentially can be exploited by malicious people to conduct SQL injection attacks against applications using the framework.
3b5c3aa52aeb67346f1a48bd0579883b9f88ba321ff2e0670054aee7eb2e41bbSecunia Security Advisory - A security issue has been reported in Robocode, which can be exploited by malicious people to bypass certain security restrictions.
ca20c74ddac0656aa56c017067a11e9435f018e84f2097664b17f6f59d7eefa0Secunia Security Advisory - Hitachi has acknowledged some vulnerabilities in the Hitachi Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
9b71cc8e36d28c40bcbf8925cc18fca4d980f905d65848efa8ec215434ce5197Gentoo Linux Security Advisory GLSA 200712-11 - Mike Frysinger reported that the etc-update utility uses temporary files with the standard umask, which results in the files being world-readable when merging configuration files in a default setup. Versions less than 2.1.3.11 are affected.
b079bf50bde36a56982489b809fb7f70516df67d0c7572464b41c90046f8bcb4OpenOffice versions 2.3.0 and 2.2.0 fail to protect certificate information in signed ODF documents.
e789309a3ef2dc6a169a094efc856d75de3ae1184ed5b11292c57394399862e9Microsoft Office 2007 fails to protect hyperlinks with the use of digital signatures on a document.
bca868f38217254076e297323a9729c6d95e47c979e1765c6880bc24451f68fcHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to execute arbitrary code.
11b7fa8be5a8647cf0d17688095f41e921b6b6c89dda9098b77c88256dcb410fHP Security Bulletin - A potential security vulnerability has been identified with HP-UX applications running DCE such as Software Distributor (SD). The vulnerability could be exploited remotely to create a denial of service (DoS).
a16540ecf8f33085e24e145369499a113c42aff723d72615eb54b15f906d36d9Hosting Controller versions 6.1 Hot fix through 3.3 suffer from multiple vulnerabilities including administrative takeover and SQL injection.
460c4d681a9fab2d4f3f565fdcc64e818dd13324a6d143f1fcbe4b7ed76d10fdUbuntu Security Notice 550-3 - USN-550-1 fixed vulnerabilities in Cairo. A bug in font glyph rendering was uncovered as a result of the new memory allocation routines. In certain situations, fonts containing characters with no width or height would not render any more. This update fixes the problem. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
fde98b6de45bea4444101246c3b1c8d2eb8c38bf2b3e9d872694441b7e4f72d9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed