Secunia Security Advisory - Marc Ruef has discovered a weakness in e107, which can be exploited by malicious people to identify valid administrator accounts.
4d0ba5592426143b74204360543ad893392f0814348fa1142ae1c7deaa58ff2c
Secunia Security Advisory - Donnie Werner has reported two vulnerabilities in Cool Cafe, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.
4d85337831db44b5228450a7b5284d12318a9fba375ca3b8a010d9510e6f9389
Secunia Security Advisory - A security issue has been reported in the amaroK Web Frontend plugin for amaroK, which can be exploited by malicious people to disclose potentially sensitive information.
d316d77301234232084b2d9c37a8bb97fb38c35df1e51a237b9818060d69f494
Secunia Security Advisory - A vulnerability has been reported in ajax-spell, which can be exploited by malicious people to conduct cross-site scripting attacks.
9f06d06850e2be88d7c1ffb4c95a3116e67fdea0727a72f1c00c3a9abf55e3ed
Secunia Security Advisory - A vulnerability has been reported in Contelligent, which can be exploited by malicious users to gain escalated privileges.
fae4cfb29d014ef17e199e17b9716135580d802e7e3a1d7e7019972a0140155d
Secunia Security Advisory - Two vulnerabilities have been reported in Razor-agents, which can be exploited by malicious people to cause a DoS (Denial of Service).
300bf0b8104f1214f5888ed6af63bdf362db9b1ea580a5037dc8142fee914318
Secunia Security Advisory - M. Eiszner has reported a vulnerability in Yaws, which can be exploited by malicious people to gain knowledge of potentially sensitive information.
1fdefd1ff853f24ab642da86790f8c45927389313712015cabf140cdf60a7ec4
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
19cd426419baadcebc1b19df6da2121806a3290047903d2bb679ac71f549fe06
Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
0c15f24dafece7a89b91f0b9cce99e0e466142d5a64c31c7d746b4779dbde908
Iron Bars SHell is a restricted Unix shell. The user can not step out of, nor access, files outside the home directory. Two ASCII configuration files are used for more control. The system administrator can define which commands may be executed by the user. No other executables are allowed. The admin also has the opportunity to define what kind of files the user may create. If a file has a certain extension (such as .mp3, .c, etc.), ibsh automatically erases it.
4c40d0841527c76fc75ccc27d32b575543d02d661973fc3561004efb6033206d
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
d0e51c10a398ac2345a217c0c2d573719f94a588438d740d8a713f4c6c4a844c
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
178f91e6705b241f26200da467c002cac2c07ca6bcf86861ad6e4dcc7708d55b
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
3ba5bfda516296f4d437b8f084b73fdac28c4555721ac5f3c1c16d6a928b1051
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
39c2fcf2300693ea3700193cf40cb49c90c1e34d63567bef1891076db8e3f013
Ultimate PHP Board versions 1.9.6 and below GOLD users.dat password decryption exploit.
fbe67e5833a5e0f4870a89b00be1d689fd46c141f96cb9caaa11871eb4a0d81a
PHP Arena paFileDB version 1.1.3 and below remote change password exploit.
21ff5493b3d13020027b781c3301e19fb02a44dc7fe9fb698a7a0a9e7dcca39d
eXtropia shopping cart web_store.cgi remote command execution exploit.
fef20979705881aca12128febe266420bb0d17e4e54cdb8c7cc2e3047af6a125
Mambo 4.5.2.1 + MySQL 4.1 fetch password hash exploit.
f9a8b250ec575ebc3bce0a780658be14c64dc39dde65caf8f5a99bb25084eb9b
IBM AIX paginit root exploit. Tested on 5.2.
7839c0d3be799de0ddeeb08bd69cf3ba663dd840e8a3f7a207c482afeeaa0eae
IBM AIX netpmon elevated privileges exploit. Tested on 5.2.
6ab363f721a614dbfb19cd969d56ede090d9267be4bbb24db85989246f7c0a09
Mac OS X 10.4 launchd race condition exploit.
31435d1354307eed3486347d5e3b4d98d667c7a6379b28e4cb4c0009229ac15d
Webhints version 1.0.3 and below remote command execution exploit.
c863f5e990784e8fee4133e4bb37fe00bff8c97f1d37ed5fe1ea0b9fdb534179
Webhints version 1.03 and below remote command execution exploit. Written in C.
9e761d2bce27b6bc094af54df8852e727a1fe6dd2d56fb50a9a2d01ed8014a5e
Webhints version 1.03 and below remote command execution exploit. Written in Perl.
41a30d39d634bcd07034cd4c3a5aede15a4e97236b8e2bfd2b87b8611b1cf3cd
WinZip command line local buffer overflow exploit. Tested with WinZip 8.1 on Win XP SP2 EN.
fab2e64730978d0a4446513212946fe3cd7f489153e5bd2e5ffe3b66a5b79698