pam_usb is a PAM module that enables authentication using a USB storage device through DSA private/public keys. It can also work with floppy disks, CD-ROMs, or any kind of mountable device.
1f2c49cb404730eac047ebdb2a69629e4140763aa2af7d4a8bb37579a3be212c
Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
0c323cfcd78aabc9d13d858b0c0cef01c3baacfd55ec7c052caf1f70399bd2ad
TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage x509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.
c828b55ccd9d8b41da5a4c55509a2d052c6291e620bd12ed6143e8e95380d713
dietsniff is a tiny tool for analyzing traffic on a network. It is not intended to replace well-known tools like tcpdump or ethereal. It is intended for the case when a small and especially static sniffer is required. Accordingly, it is also by far not that powerful, and is also bound to Linux as a platform.
05083d6b643b14af548bd671d5a61805780693cc7fe4f091ab4305a19897e1a7
DIIT provides a simple tool that can hide a message inside a 24-bit colour image so that knowing how it was embedded, or performing statistical analysis, does not make it any easier to find the concealed information. It also provides a framework for implementing other steganography algorithms for use in the tool. Source and jar included in tarball.
eac123a770b32ddf0edbbea42b59cc2c84ac1571674678d0fa641974b5629b0d
Antispyd is an HTTP/HTTPS threat filtering proxy server. The main characteristic of this project is the modularity of its conception. The program is organized around an HTTP/HTTPS gateway service and a set of filters that can be enabled or disabled, and are all configurable with a single configuration file. Current filters are: URL filtering, content filtering, content-type filtering, cookie removal, pop-up removal, shell code attack blocking, Web traffic anonymizing, and a signature-based filtering engine. All filtering is done on the fly, without blocking downloads in any case. It uses only POSIX primitives and is built with autotools, and was created with security in mind.
112077dbccabe269e2b6aa19460bc0804e6d4aa3bd778b7012df29c46016e0e0
Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
074ee4f86bbb5ab665f7b6a03b8f8ca579b5c3c24b1e4d27925bcd84a9f60ebd
Secunia Security Advisory - Some vulnerabilities have been reported in Mantis, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
984383cb421f6ccc88debbc3effe23d50a2f4c813b2109e8256b605222bee8ca
Secunia Security Advisory - Lostmon has reported some vulnerabilities in Flyspray, which can be exploited by malicious people to conduct cross-site scripting attacks.
7813a1bb45483efb82a4beeea157e1e4712a362555b9703db218839e78e87797
Secunia Security Advisory - Debian has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
f3dcfa0b2e2c44da5fe7a3c3230d5da81f06c0df070029a412480997de7dfa79
Secunia Security Advisory - Steve Kemp has reported two vulnerabilities in GNOME-DB libgda, which potentially can be exploited by malicious people to compromise a user's system.
784ed426b2a20fd88333e7e13e598e99aef92184ede969415d15c8abd89ba3a6
Secunia Security Advisory - Sven Tantau has reported a vulnerability in CHM Lib (chmlib), which potentially can be exploited by malicious people to compromise a user's system.
d1e5397d7a5037f693318cd1593ce85656f991647c895a98748375b7aa278ee4
Secunia Security Advisory - Red Hat has issued an update for ethereal. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1afcc5ea7c95bfa6218a9f5f430fbe16097ad6e4452bf9207adca05b8530a4ad
Secunia Security Advisory - Francesco aScii Ongaro has discovered a vulnerability in PHP iCalendar, which can be exploited by malicious people to compromise a vulnerable system.
22354fbd1b4ed30e79a706a3378a1d1594bf495433d59b32a509b1336a1ad0b8
Secunia Security Advisory - Daniel Fabian has discovered a vulnerability in Snoopy, which can be exploited by malicious people to compromise a vulnerable system.
9a0237dbfdcab60f26953b5153a546608d7cb40a910d17da10405cc0b8864f44
Secunia Security Advisory - SEC Consult has reported a vulnerability in RSA ACE/Agent for Web, which can be exploited by malicious people to conduct cross-site scripting attacks.
12d8adffe0e916ebde01961fd5eca46c4d6b78c1ea686f6ba4d45dbc8356e242
Secunia Security Advisory - Debian has issue an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
6f926128147e15f476d1ff00bb2d6a612811d91291eaf0fd9db6818e540c6c7c
Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to gain knowledge of sensitive information, bypass certain security restrictions and compromise a user's system.
d86e4272f26f8fd0a2eda7175d7a3232bb3cda13da014ba7370fc6b1af821ce2
Secunia Security Advisory - Debian has issued an update for libgda2. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
360b383f70942d3899be1061d03a76ecbc42bfc9d2314c70c47412f3d10ebe21
SCO Security Advisory - Buffer overflow in xpdf 3.00, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
c12e6d6bc481931dcd7411f64221e71a6d5e58832187420893295ac95607b08d
iDEFENSE Security Advisory 10.20.05 - Remote exploitation of a buffer overflow vulnerability in the Service Location Protocol (srvloc) dissectors within Ethereal, as included in various vendors' operating system distributions, could allow attackers to crash the vulnerable process or execute arbitrary code.
f84a2cd36e4396316ddd959b480a5923aa5ec3cbd094fbefa3f0372f500ea2eb
Nightmare TeAmZ Advisory 011 - multiple sql injection, XSS, and HTML injection vulnerabilities exist in Zomplog blogging software. POC included.
a6018601dd4804eec98dbf68da4ae123df219bbbff9b7373071b420fc139d4a0
NEURAL NETWORKS and their applicability in security field - Neural networks are widely used for prediction, pattern recognition, and classification. Voice or handwriting recognition problems are very hard to solve using standard programs and algorithms. This paper discusses the applicability of neural networks in security applications.
9cf3e295b1ff5abc3b9a786a4d77a990eefb258ac7155442425949d74d590315
Chipmunk Forum, Topsites, Directory, and Guestbook suffer from multiple XSS and path disclosure vulnerabilities.
23cac3529e4cae30ba7ad7123e1343b17e4ac7da4d4902d5bd9b5eb3dfbe7921
Oracle Workflow is part of the database or application server installation. The parameter end date is vulnerable against XSS/CSS attacks.
2015cccd11fc56c421cc335833dd6265eb14354db7e65f1005b9a8dc48d71dc8