Secunia Security Advisory - Elac has discovered a vulnerability in dadaIMC, which can be exploited by malicious people to conduct script insertion attacks.
dc3e8ca90833e5d54256a1fddb7e28422e039946ecb82baf1331222f84f91f9cA vulnerability in LANDesk Management Suite 6.x through 8.x allows for a denial of service attack.
2aaf11eb33ca7bccfdcf5883943e1c384664269296634a56c56bdc6fa7f6c24eKismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
0d6e7e415cedeb9a97ec1cd957c6e3da0718b184bdcd44eedf9dfe2a94beb320mangleme is an automated broken HTML generator and browser tester, originally used to find dozens of security and reliability problems in all major Web browsers (Mozilla / Firefox / Netscape, Konqueror / Safari, MSIE, lynx, [e]links, w3m, elvis, etc), as reported on BUGTRAQ.
834ffbcab9fe491dcb7f248248f9542c337a4d42432f6b53633d5c5528041e9aAccess Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
2fc07e0603d745f169b686ddb5101b31942dc6aa0a2f994f2685e5e249ef0f26Speaker Alarm Dir watches a selected directory and plays a custom PC speaker sound when a file is added or removed.
3e3a3c0eafb2b4f955d485d225fd6a78a40f3e6f712d19637cc17589fc965d7bIfchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
831a4f304c8d235334dd1e8ae673404ee23c34646ce4e58b36ff8c407db0fc32afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
2144837c5196a9790b397cad71b7615fad76251b4cf01de33fe4de9710eac461Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
b99a59cd8fef98d31f714922133970e640eebcc112814a0e77a995d77bf8404dOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
25121b5dbd2b830929519325e033086ce45861cff2d0000d928f48261b1e0b7cSecunia Security Advisory - A vulnerability with an unknown impact has been reported in WindowMaker.
5df51bc700e85bd57cee7e2dc7aee8c37596ebbc3a846131a95d07a9a41d24a0A full analysis of the fake Fedora-Redhat security alert with trojan source code.
8363031320a70cbe7df28708097e682234dcc27ea3743a8624775138f0c9cb39Secunia Security Advisory - Some vulnerabilities have been reported in IPplan 3.x, which can be exploited by malicious people to conduct SQL injection attacks. Some unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
e31ab912140ab0b39d36fcf75a5eee0a37acc1fcd55f4df1f022000b6af7cb72Gentoo Linux Security Advisory GLSA 200410-24 - The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
e2c4491e1ab3af80cf5a1af8b784872ab77f49b04bccc4574b2da932241b6826This advisory covers three security bugs that have recently been discovered and fixed in the Bugzilla code: In the stable 2.16 releases, it is possible to make a specific change to a bug without permissions; and in the 2.18 release candidate, there are information leaks with private attachments and comments.
8f9c02f007a21f436c69cf3d72153a7a8d2ed21ef3cb018145a3e685a21f230aSecunia Security Advisory - A vulnerability has been reported in LinuxStat, which can be exploited by malicious people to disclose sensitive information.
57d30c24c3d56df6792e24bcc05ca8281ec50c79c631cf80673fc7fbb8f4d75cApparently some voting machines in New Mexico have decided to pick the opposite candidate of the ones early voters are choosing. More proof that electronic voting systems cannot be used in such an infant stage.
d00e6951b119298faa81ee46188cf2a207cefeea4a3a5e07e4253964a7e3e546Full write up and exploitation walk-thru for the Microsoft Internet Explorer ms-its scheme/CHM remote code execution vulnerability.
c10437988f65d562e543ddae063d81d560a65d91c131cdb441b41b5044e534ceDue to an input validation flaw, MoniWiki versions 1.0.8 and below are vulnerable to cross site scripting attacks.
6a63aea48ca31130e3ab7c679b4efa0a57dbfdc115b7028ceb6ef5aa8fa786fcVarious online German communities suffer from various cross site scripting flaws.
95d6b13a3f108816adabe97256be958fa1aa26689fffa6f11d7146aae65829bdMozilla Thunderbird 0.8 and Firefox 0.9.3 allows a temporary file to become world readable when using secondary applications to view the data.
0b1e7279d45dd44b682ecadf1c4f7ceda50e5ad2aa76c5c8076ff13b04ff70aaOpen WorkFlow Engine version 1.4.x allows for cross site scripting attacks and to be used as a port scanner.
2f7420d7b6d05ffc8c77381aed04c7f24293e98ae186923febe58d817ec42501IPtables scripts that support DoS attack protection, NAT, logging, and drops scans against the server.
628eaba039acd6d209a64194addfe637f45173829dd45b20c011d9d94b8bea33dwc_articles versions 1.6 and below suffer from various SQL injection attacks.
868b0d709c04337ab6679a6750c0c3949932eafe1e106b3ce4937e990b0ec271rssh versions below 2.2.2 suffer from a format string vulnerability that may allow for privilege escalation.
4e71754c1ea5a52d4e553addf2ba481fd95acd61c1c8fb641f366430dbdfc6a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed