This is a php script which goes to the database (Postgresql) and generate some statistics from the data. For more info see this snortdb page.
221ba130f9735cee45697fe01ed5f6eaec67d1b0ff3fa6bd692e2fdf50096ef5CERT Advisory CA-2000-20 - Name servers running ISC bind v8.2 through 8.2.2-P6 contains two denial of service vulnerabilities. The first vulnerability is referred to by the ISC as the "zxfr bug" and affects ISC BIND version 8.2.2, patch levels 1 through 6. The second vulnerability, the "srv bug", affects ISC BIND versions 8.2 through 8.2.2-P6. More information about these vulnerabilities available here.
cd95a6b1bc9eb41421ec292ed176c6f56b4fb75e5f0998df20e42d7175b1cfbfiXsecurity Security Vulnerability Report - The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files to anyone who can access TCP port 2301. Allows remote users to read the remote console password. Software version 2.28 verified vulnerable. Compaq advisory available here.
992ae643310081a28265d7edbe6fcf3cd675ed92732e4ecbee1271c805355517HP/UX 10.20 allows any file on the filesystem to be chmodded 644.
368ae0b6b600d64d563f95321811ba39e6896823d87ed0d1bd39969c6643ad34An exploitable buffer overflow vulnerability has been found in phf which is unrelated to the well known bad filter problem. All versions of phf should be removed.
ff285dd904fee784fd1e37931b106356da7e64de091e7f180c0b4cd0475e9bdbObject Enumeration in Novell Environments - Due to a combination of legacy support and default settings, Novell Netware servers using native IP will leak system information via TCP port 524 when properly queried. In mixed Novell/Microsoft environments, information regarding Microsoft devices is leaked via the Service Advertising Protocol (SAP) table. Third party products, such as those used to synchronize directory services between environments can further the problem. Essentially, a remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.
f09861f9843c17db74e28912eb8310b10f91156447711890837c68c8aac45b4eRed Hat Security Advisory - The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by userhelper are not actually running setuid-root, security measures built into recent versions of glibc are not active. If one of these programs supports internationalized text messages, a malicious user can use the LANG or LC_ALL environment variables (which are inherited by userhelper and, in turn, any programs it runs) to create a format-string exploit in these programs.
1db0f0456fa0d2b426f0fb186273f3437f1e0cbc4de2f5ae56b730e83a612f38Slackware Security Advisory - Pine 4.21 and below contains remote vulnerabilities. Upgrade to at least Pine 4.30.
9b969c6ac82ffea290161611e9b42207e6f66a62f417de73c296ad690c63b908Xato Security Advisory XATO-112000-01 - The Cart32 shopping cart v3.5 and below for Windows contains multiple remote vulnerabilities. Common user misconfigurations and bad password encryption make the application more vulnerable, often allowing a full compromise of the server.
1b68205e70ca4e4f88bcbe2c595d4abb3e3d2bc69c1f1a4b3a2ee611cee2a60cRemote exploit for rpc.sadmind which brute forces the offset. Tested against Solaris X86 and SPARC v2.6 and 7.0.
c543a35cc08b05e3cb588f1186f77256b06978241255de8c03f64460975820d7Red Hat Security Advisory - Adding specific headers to messages, the pine mail reader v4.21 and the imap server could be made to exit with an error message when users attempted to manipulate mail folders containing those messages.
940bdfed990b3d5a0cd95e63dddf3ebbbb155b9cb2670e92b144e217d665d80bRemote denail of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service. A message containing charset = "" causes mail service to crash.
c78e67a1dba1114925190b261aaf34271dcd0f4d45718566b9aeb095f29a02b4Georgi Guninski security advisory #27 - There is a security vulnerability in IE 5.x, Outlook, and Outlook Express which allows searching for files with specific name (wildcards are allowed) or content. Combined with other local file reading vulnerabilities this allows attackers to search for and retrieve any file on a users drive. The problem is the "ixsso.query" ActiveXObject which is used to query the Indexing service and surprisingly it is marked safe for scripting. Exploit code included, demonstration available here.
3742942ac9c34bf744dba44bf01b4e6299d39d0c180e6b80617ec20f063387b0Red Hat Security Advisory - A remote denial of service attack is possible with bind versions prior to 8.2.2_P7.
230026a4ceabecb9b80e8daf329e37d2916897959e5ee27d66dc9ccc9a0cbfd4Many systems have the SUID bit set on cons.saver (/usr/lib/mc/bin/cons.saver), part of the Midnight Commander package. A denial of service vulnerability has been found which allows local users to overwrite a null character to any symlinkable file. Includes proof of concept exploit and a patch for cons.saver.
65e644ff14594df49724ef14d399326c53243a989d5213911a2bd76b3885227cNCPQuery is an open source tool that allows probing of a Novell Netware 5.0/5.1 server running IP. It uses TCP port 524 to enumerate objects with public read access, disclosing such information as account names, server services, and other various objects. A remote attacker can gather the equivalent information provided by the console command "display servers" and the DOS client command "cx /t /a /r" without authentication.
97f05208a1c028a90715780ea2c8dea387e4888c2aff9bf2d8ce53286f2f65ceThis paper discusses full disclosure, the necessity of legitimate network scanning, and the results of criminalizing security research and information. Overreactions to harmless activities not crossing legal boundaries are leading to a scenario where anyone acquiring basic information about a system needs to be afraid about potential consequences.
e221f988e97f22109eda8c7087b9b887b9ed8deda208b3f903f4f85474a6bd52sping sends ICMP ECHO requests to network hosts to determine whether they are 'alive'. It is a small and hopefully secure implementation of the common ping utility that offers far less control over the packet options that may be specified (packet size, delay between packets, etc.) - this is a feature, for both security and bandwidth reasons. sping has been tested on Linux 2.4.0-test8 but should work on other operating systems.
52e646017a626a2389a46f8af16b089194a24df5ab3b347cd25c4472aaca769atcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
be42a858d82aa8bc9eed613022377744edf6de8fe109da302c4dd48d5d059325libformat is a library for the Linux operating system that intercepts, among others, calls to the printf() family of functions to prevent format string attacks, in which a possibly malicious user supplied format string is used. This is a programming error, but has recently been used to break computer security. This library can be used to protect against compromises due to yet undiscovered vulnerabilities in privileged programs. libformat checks for format strings containing the %n format specifier in writable parts of a process' address space, and if found, the process is terminated with the KILL signal.
6f6b78a44959aef3e5a36b00f50a4946b6cc269063b016bb01f17e77fcb01caetinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
3192d3d8e0c1ecca4c6b8331bf6458eb6a3b3b4379f1d3c85f452c098537a1dbSuSE Security Announcement - Newer versions of /sbin/modprobe can be tricked into executing commands as root if setuid programs which can trigger the loading of modules are installed.
600ed3a3cac000cdeae2f9e19fa707d65d6b882e05aa67d20e04dbc68db5a864PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security managment, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
3a3f14641f881b3b319134edc1ab5df3ce97303f9e4de4219044947072651fb7sldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. Tested on Linux, Solaris, FreeBSD, and HP/UX.
c35edc6a47dd9ec731693a1d92c22a6c43c64129490deb94e6fc6df430bb97e5Debian Security Advisory - Versions of BIND prior to 8.2.2p7-1 are vulnerable to a denial of service attack which causes the nameserver to crash after accessing an uninitialized pointer.
536c3d922dd395eb83a854e077ee0dd94b4857e267412af555f3c2f9e9429050
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed