FreeBSD Security Advisory - The oops port, versions prior to 1.5.2, contains remote vulnerabilities through buffer and stack overflows in the HTML parsing code. These vulnerabilities may allow remote users to execute arbitrary code as the user running oops.
6b5297110c94a870cd6dd4a7328fcc42fc3c830171f96973fba0b7a54701dd6aStunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
5e30575cc63be30df6b4b637dd5e05ab0836a7fa95e367d067e9467d7e46bca6nscache is a simple program to browse the Netscape cache directory with a GTK UI. It shows the contents of the browser cache in a three level hierarchy of files: protocols, servers and documents or in sorted list. nscache permits you to view files from the cache, remove files, or gather various information about specific files.
df651862c22c4c0976cf3c5ee5ae6b2034297d5b5d99e50765a28d834f4c4ad9Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
265ef6d504ae0845cc74ac8071dd13d2d566681f45a60cdcf482172aaee828e5Mailfilter is a flexible utility to get rid of unwanted spam mails, before having to go through the trouble of downloading them into the local computer. It offers support for one or many POP3 accounts and is especially useful for dialup connections via modem. You can define your own filters (rules) to determine which e-mails should be delivered and which are considered waste.
a5b370fd8401c648a189e9be91ea89c2ecc7d631f547974d45cfb68ad897be50Bind-8.2.2P7 patch which logs all bind version requests to syslog.
d0d8c08c122dbec91cd98ddcd3c4ab3b3a49a3c1848f3c67bf6bec2aacc4dec0The Stealth Kernel Patch for Linux v2.2.18 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
c9b80f8592515b7c5614c60bdf8d23e5306e04fcb2e021b964f0ed18041325ffCgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.
8a0ab0f66d6a55d9091a4daa12b32a1dbbc5aec652a3158bb0b5ffb0464af184fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.
ade062b651435cad1292f8c79ec185edca2ffedd627f4042a5c91ed1bb0f77e2Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: A good year for the bad guys, and much more.
23b78fa26b43a92a1b64d9bea364ed236d79d46634eaeb1d9bbf14b2114ba066Red Hat Security Advisory - The ed editor used files in /tmp in an insecure fashion. It was possible for local users to exploit this vulnerability to modify files that they normally could not and gain elevated privilege.
603f90530a97c999b489e1a19cb700af30630f6caf6f02cf9dd87d401c6b6620everythingform.cgi uses a hidden field "config" to determine where to read configuration data from. Allows remote attackers to execute commands. Exploit URL's included.
01ce9f63078ea884e7545c04bce65a8e11c4e87b1fcbdb0508d60474d1357b4fItetris v1.6.2 local root exploit - Exploits a vulnerable system() call.
13a0ac0bf7a88ce8832d4b779b8bebc6e5d04c2c956942c7b7664e4ff6f8a7acDebian Security Advisory - A bug in the database reading code of slocate makes possible to overwrite a internal structure with some input. This can be used to trick slocate into executing arbitrary code by pointing it to a carefully crafted database. This is fixed in slocate v2.4.
24e59b5dc48649f6a9258edf08a87a8b7537a1b2ddb866b04b56715dceb03bcbDebian Security Advisory - The problem that was previously reported for joe also occurs with other editors. When nano (a free pico clone) unexpectedly dies it tries a warning message to a new file with a predictable name. Unfortunately that file was not created safely which made nano vulnerable to a symlink attack. This has been fixed in version 0.9.23-1 (except for powerpc, which has version 0.9.23-1.1).
6cf26c8a6c9303180c410ab4dc3cda34443b39eec2c11bf8bd3908081f04eff4Red Hat Security Advisory - A problem exists where BitchX will process malformed DNS answers, allowing an attacker to crash the client, or possibly access the BitchX session remotely. This is fixed in v1.0c17-3.
b63aa4217992472a30e4427aab9dce2b9401c5bb0e47d6b1a64b2995359b2286Exploit for the Bind NXT remote root vulnerability, which affects Bind v8.2 - 8.2.1. Compiles on Linux, tested against Irix, BSD, and Linux. Includes Irix shellcode for breaking chroot.
febfc0b34d825bb1fd2b1ea1e96374fa6816966c45c2f8ac101caef72cf4b91bReverb is a tool to access firewalled, dynamic-dialin and otherwise protected hosts.
9548ad877de5a2911412ee36598b233d8e3896399e75768fa1aa5b678c016314OpenBSD ftpd v2.4_BASE through 2.8 remote root exploit. Includes offsets for v2.6 through v2.8 and instructions for finding offsets of other versions. Requires a writable directory.
e60d36076da9b2566b60a358f1600945cb7392b7f05305acfc0f2dfa49415169Ckermit v7.0 local buffer overflow exploit for Linux/x86. Not setuid by default, but often installed setuid.
a764a6764b205afa2af181409160d382cd7900bb0e413755bae2fd0a686d98deThis Shareware program is an user friendly alternative to the built in eventlog viewer of Windows NT. Besides it allows to conveniently watch the eventlogs of the machines of your network. As soon as an unfiltered event occurs on one of the watched machines, a popup window will inform you about it. You can even start programs of your choice in response to events of your choice. Last not least Elwiz shows some important information about the watched machines.
7ad33242268057a6ff10e53683b25c4b8a5f24fcd639c460c40699edeb1b7fdfAdvanced Archive Password Recovery (or ARCHPR for short) can be used to recover lost or forgotten passwords to ZIP (PKZip, WinZip), ARJ/WinARJ, RAR/WinRAR and ACE/WinACE archives. At the moment, there is no known method to extract the password from such compressed files, so the only available methods are "brute force" and dictionary attacks (for ARJ and ZIP formats, known-plaintext attack is also available).
70f8aa78b7a0da27f290d5feade5857bfd0812119150cdd8cfc45bbd19470118Advanced Lotus Password Recovery v1.02 is a program to recover lost or forgotten passwords to the files/documents created in IBM/Lotus applications (all versions): Organizer, WordPro, 1-2-3 and Approach. The passwords are recovered instantly; multilingual passwords are supported.
0e8704380169052d315e597ecff7cd351e418e290db9c3baa4fdb06caeeba944NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. NDiff should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion.
f779f0dc5b5ec7204915096b9863b1b7c5c7fa078181c15dbceb4afb0fd0caffxlockmore is an enhanced version of xlock. It incorporates several new commandline options , which allow you to run it in a window, in the root window, in a different size/location, change the size of the iconified window, to install a new colormap and delay locking for use with xautolock.
9089db84a38d940c8efc42d7183198b9eb542928804e446207e6c28794a3261f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed