arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
9bfb12da950f19a0f8d4d72432c0ef3df379fd765630c710fa97aab5a220fddfOpenSC consists of a SmartCard library that uses any common transport API (e.g. PC/SC, CT-API, OpenCT) as its backend and applications that use the library. It has been tested extensively on Finnish Electronic Identity (FINEID) cards, but a number of other PKCS #15 and ISO 7816 compatible cards work too. Also implemented are a PKCS #11 module (e.g. for Mozilla Web/email usage), a PAM module, somewhat working OpenSSH support, an OpenSSL engine, a few basic tools, and a PKCS #15 structure generation tool for supported cards.
53d7d4ffa4599b13f1805801805d8913fee8edec69a082ff9e9aa29d6193a526New Packet Storm exploits for October, 2005.
698e4f77033a3e807e82317dd0e4d7c7ba22daae9e6cda2b09f4f01044396696Flaws for Finder, Software Update, memberd, Keychain, and the kernel have all been addressed in this latest Apple update.
2c633f5d3e2fe72b1fff28459607162165bb542d1f00be4465e76886d8aa7a66Snippet of code from the Voyager Beta worm.
0a9d34add4e646f517537712d241a8537ff7a4bcc502318fa6bb16b5087e7474look_for_hidden_files is a script which uses debugfs to read the contents of the filesystem without using the kernel's filesystem support and then compares the resulting list with the analogous output from ls. If there is a discrepancy, it indicates some sort of trouble, most likely invasion of the system by a malicious intruder.
50f3d1a95d7e9a46cd6bb0a9d23a73156c732008394c738db3b8e0202c854e93During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the file upload code, that allows overwriting the GLOBALS array when register_globals is turned on. Overwriting this array can lead to unexpected security holes in code assumed secure. This vulnerability can allow for remote PHP code execution. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.
f8dc972de9ab9723e24e079bb1aa1db52acccf6b34d75a662360600fa9ba97a0During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the implementation of the parse_str() function. Under certain conditions triggering the memory_limit request shutdown during a parse_str() call will result in the core of PHP believing that the register_globals directive is turned on (for the rest of the lifetime of the involved webserver process). This may allow an attacker to exploit security flaws in PHP applications that exist due to uninitialized global variables. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.
10f101097fd39138422e2a7874bdb94d072b4fbdce038e8405003d6abe5001f5A weakness in PHP's phpinfo() function allows for cross site scripting attacks. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.
36fa6835dbeb10584c5e0f7fa40b5dfc12ef31a054c790a4bd79c93d91e4cddbOpenVPN version 2.0.x contain a remotely exploitable format string bug in the processing of its command-line and configuration arguments.
ac9aae219661e250d8c14e1b49f62bdb7c92bc9fd23b145253ed6ab7f2d03578phpBB versions 2.0.17 and below are susceptible to multiple cross site scripting and SQL injection flaws.
b87a7fdac987ea5f043c9ea4c2452f356b8ee2127f77b05d8e0b347a4f218b3eInvision Gallery version 2.0.3 is susceptible to SQL injection attacks.
88deef477a9b0f6f017143b36dff6e0f5585637cb11e6d1741f2126aea14979cmwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux.
21ae6a8d58a5ef93483cc8c163cf219d57d4772a2f4875558329e397b4c8be5bSome forum.php script is susceptible to SQL injection attacks.
d290f47e77ca8e107b5c908d731a65fe539ce781eaa0dcb0584ed3ddd53491deUbuntu Security Notice USN-213-1 - Tavis Ormandy discovered a privilege escalation vulnerability in sudo. On executing shell scripts with sudo, the P4 and SHELLOPTS environment variables were not cleaned properly. If sudo is set up to grant limited sudo privileges to normal users this could be exploited to run arbitrary commands as the target user.
edc8f0c244d39ceb41c3da1b77060c73e66a52308b7156971890553733a48bb9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed