Apple has issued an updated version of Mac OS X, which fixes many unspecified vulnerabilities. An unspecified error reportedly exists within the NFS logging functionality when tracing system calls. Another unspecified error reportedly exists within LoginWindow when handling directory services lookups and console log files. Yet still another unspecified error exists within Packaging during package installation. Not to mention another unspecified error exists within the TCP/IP stack implementation when handling out-of-sequence TCP packets. Two more unspecified errors exist within AppleFileServer when using SSH and reporting errors and within Terminal when handling URLs.
b46294fcf891e166c1351e0f4c3af5105060325db5d31033b1620b4ca1e2bde8
OpenBSD has issued an update for xdm. This fixes a security issue, which potentially may allow malicious users to gain unintended access to a system. A CVS version of XFree86 xdm, which is included in some versions of OpenBSD, has an error that causes it to listen for queries on a random TCP socket, even though requestPort is set to 0 in the configuration file.
c82f31032c3a636e7f95a92cb1b1e6670b590120dc40af3b103d4cf8b2e8d341
Debian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.
f55238d5fd6e9e9d981a76a2e1dc889b92861edfce10fd634692ef07f9ada8e8
Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.
3ce34d6d1e5e9badae4bd01e62d08cce72041031812e1163569eaca982b69ca5
e107 version 0.615 is vulnerable to full path disclosure, cross site scripting, remote file inclusion, and multiple SQL injection attacks.
4648aabab47f7963e174173f3f04af7209fa7f43cb1be7217a8b81b3f861061f
A cross site scripting vulnerability exist in the BBcodes of the LDU forum.
4a3e65669a7cee6e80864864c994010c9a21cbf66af3198951616a455f45c9e1
Mollensoft Hyperion FTP Server version 3.6 is vulnerable to a buffer overflow attack via the CD command.
d3a915968b3a808a8aab52a590f6e69f951b643bc6a5e43b19d531415b94bfe3
JPortal is susceptible to SQL injection attacks and also stores the administrator password in the clear.
c0618cb8789156cdb22120276d0f52027e54887b23146267952c77d16f08b639
rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.
ffd9098cf93da5bda65150fe241ec51eb0eb0e37edca038e6a2216bc12546e85
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
c7135d1f5ec0ac1b70c5dee0e15814bc3abb9d0b97f74703fb107e31cccd0262
Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).
9510c3cbe496d79d6ba299e4a9cfefccde6cd32836986fc9c388bc98a38277d8
EncFS is an encrypted pass-through filesystem which runs in userspace on Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
979d08d9da170e668c2d4d27feada234a9646720ec3872be41b7ad6b1844d52a
Simple UK GSM mobile network mail-bombing utility.
fa1c075f2a2f366d0d4b7b0e0c7a3091066aaa7868feb157fd2a0044ab8735ca
nbtstat.pl is a simple Perl script that provides the basic functionality of the nbtstat utility that is available on Windows. It grabs the NetBIOS name table from a remote machine. This is a Perl port of eSDee's nbtstat.c (http://www.netric.org/tools.htm), written with portability in mind. It only requires Perl and the IO::Socket module.
13166a14ceb220484c98d39013a6a4c0060355f3bb85f104f1f59e07c7141da8
WifiScanner is an analyzer and detector of 802.11b stations and access points which can listen alternatively on all the 14 channels, write packet information in real time, search access points and associated client stations, and can generate a graphic of the architecture using GraphViz. All network traffic may be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver.
16751fe94097aa634d7d4fe4759ee5cfc710cf6685c825ca389f2f27494305d6
tacshell is a drop-in replacement for sdshell, the functionality used with RSA's ACE/Server. It uses the TACACS+ protocol for authentication.
ede71e0999d7bfd053f9057721f96d6f11df13cf7aa73e4d659afe677f8e6f14
Tutorial written by Covert Systems Research. It defines several of the common types of vulnerabilities together with their counterpart command line exploit sequences. The descriptions of these types of vulnerabilities range from stack to heap, function pointer and format string weaknesses. This whitepaper has been developed to help those seeking to improve their exploitation skills while also aiming to give the reader the knowledge for a more surgical aspect to manipulating vulnerable programs.
df7d9d5f892763880a05d4e45b7e6b4aa2abc083b26886bb80971593a3d97615
NGSSoftware Insight Security Research Advisory #NISR27052004 - It is possible to cause a number of buffer overruns within the WildTangent WTHoster and Web Driver modules via any method that takes a filename as a parameter. Version 4.0 tested and others are possibly affected.
1fd4a6d0da967ff355c42ac21d6118964e275521cf330235468cd3d7fe398cc5
Sun-Java-App-Server PE version 8.0 suffers from a path disclosure vulnerability when returning server error 500 pages.
80f7cd44aca210a567313a3abe3eec919dc378cf120eb973210189e875ca9082
Technical Cyber Security Alert TA04-147A - A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Systems affected: Concurrent Versions System (CVS) versions prior to 1.11.16. CVS Features versions prior to 1.12.8.
eb076a8b5b46b1ff5cdb1e09fb7058dfaf0b977564279a22443f627e735d5bc8
Use Of TCP/IP Reserved Port Zero Causes Integrated Lights-Out (iLO) To Stop Responding. LAN management products that use port zero when accessing an Integrated Lights-Out (iLO) in a ProLiant server will cause iLO to become unresponsive. Port zero is specified as a reserved port by the Internet Engineering Task Force (IETF) and should not be used.
89bf8595009c96fdcd64a1994970dee44c3b8ddbf57df3ebd1eaf1ce3c2b6205
MiniShare HTTP server version 1.3.2 is susceptible to a denial of service attack due to mismanagement of requests. If a HEAD or GET request is sent with only one line following it, the server will crash.
5c8714016e397698c8a92f9d1d06a4284a4966ce9ff23ddb246c6e039dd72d94
F-Secure Security Bulletin FSC-2004-1 - Certain malformed LHA archives cause a buffer overflow when scanning them for viruses. The error typically causes a restart of one of the modules in the product. This leads to performance degradation and makes denial of service attacks possible. Product lines affected: F-Secure Internet Security 2004, F-Secure Anti-Virus 2004, Solutions based on F-Secure Personal Express 4.6x and 4.7x.
8f08c9186c7fae40800fd260c2cd4a2448c15fac280f4b24f294d90a8c5af12f
Small whitepaper on nop usage and a random nop generation utility is included.
3406580aa94c1fef3dd119dcc1ae93a8d14aebba8e84a5657d72cce1e07e5292
Metamail remote exploit that makes use of a buffer overflow and upon successful exploitation, binds a listening socket to UDP/13330 awaiting shellcode. Affected versions: 2.2 through 2.7.
4b90ebafdf1d434a218d36dfbf9b51ff8ab8e7a904b5b69a39f31b140b267ee8