ChurchInfo is susceptible to multiple path disclosure and SQL injection attacks.
73a6668e42877f21013a42244916fca67cffcafb36e829d4c99e49634370bab7
Debian Security Advisory DSA 771-1 - Several problems have been discovered in pdns, a versatile nameserver that can lead to a denial of service.
76b380918f984013380fc38aca2a520b0589b23e702396501ad88261b0d64c22
Ubuntu Security Notice USN-157-1 - A multitude of Mozilla Thunderbird vulnerabilities have been addressed in this advisory.
56b8c828690b1296b9878ed27bea60c011fbc5dda8b747a157832a7ac900320b
Gentoo Linux Security Advisory GLSA 200508-01 - Compress::Zlib 1.34 contains a local vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 1.35 are affected.
bc9a69053ab214f7d9b24fa169499b25dd37e79dc612b68d4e5870746dbaa76e
Kojoney is an easy to use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
b788fd70ea3dfe1cfec3631d3c75d30809641b7f1dee6fadd8579804f2bd52e9
alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed, employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
b376f1816b722fc736f128af1ad97188c2535954509ebc1bb38dbce10ab03bc2
Netquery 3.1 remote command execution proof of concept exploit.
3b2367e914621187e128ad68af7dadb8a12153971468d5ecdf4a3f427321eefb
iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
84ac04a28ae41e17df0f181d8bc0049ae7a83baae07296e890ea5977a2952318
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
4558b54d776b68b063d77a3447077ba60dce5615f78eb6d628c1ce184319f24e
Packet Storm new exploits for July, 2005.
ab545a8283c253b65bc2b58960d3e3e79415097ff6ceb8e59e6732fda91c568a
A buffer overflow in BusinessMail email server system 4.60.00 allows for a denial of service attack. Proof of concept exploit included.
e61c8d30334ddbd9c69cb79a6029b70f85e075638ce1f5ff51725124201c4044
A SQL injection flaw exists in phpList. Proper exploitation requires that a user be authenticated.
458fc9000f820a935ba9ad27ff4eb00f11f2f4489a319a93892a0c24a662dcf8
Gentoo Linux Security Advisory GLSA 200507-29 - Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Versions less than 1.8g-r1 are affected.
87f159155381b36c21e0e0e3fefddc682bb5b863fd0a362a41d8482035a3a0f2
MySQL AB Eventum versions 1.5.5 and below proof of concept SQL injection exploit.
98ae37828a224b42ec7704aa466387c415edefa346151814689409183ced0496
MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.
486b62670eba7e416965890cfa7d6c70e4ce802a5432ee1a9a47b3799b7d5e9d
Phpeasynews version 1.13 RC2 is susceptible to cross site scripting, path disclosure, and user check bypass vulnerabilities.
1bcd3c76f6565004ab00f136803cee930fa5730fb78ad311913b6ad2b14f5279
OpenBook version 1.2.2 suffers from a SQL injection vulnerability.
99e3f6e9535131e4d3edf4332578daa55505501be55b27078e97c14c4266ecc7
Gentoo Linux Security Advisory GLSA 200507-28 - Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 2.2 are affected.
089895ad37abaac24f0dad3f6afe89af8a82368d5cba6cecff5434588a1426fb
PC-EXPERIENCE/TOPPE CMS suffers from cross site scripting and login bypass flaws.
8b93fec850be69043b24c38d724a3fee23aae77ca336c591a5aee6c961ce8456
Kayako liveResponse versions 2.x suffer from cross site scripting, SQL injection, script insertion, and other vulnerabilities.
467ff6e05fcb9f7bcfe64a7911a6f281382e754685facee0e1c93532010dc5fa
Easyxp41 suffers from multiple cross site scripting and data disclosure flaws. An excessive amount of detailed exploitation is provided.
b11be99fc0ea0ceadd4afffe67998e76b1846a48d50741151bb21bbbc661d62d
Plugged-Blog 0.4.8 suffers from multiple cross site scripting, SQL injection, and other flaws. Detailed exploitation provided.
ebbca1ecec9d8e1ddadf735c12f8d774717fd83bf4c04b5d8fc5c63731f562aa
Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.
3bf36659581229e54569a2d59e27539a97b5f16685e7c71abe83814a914d88df
Kshout versions 2.x and 3.x allow for direct file access to their configuration files.
8c0896bc4a509cbcf7c2ba24fcda2dd282d65861445774e2bdc42115d9afe375
Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
612a6aab63407f47dd2f70f9f5daac057671dae53d6365bd25ada10a0b1fb803