Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
75748df3b03a20d3063e3565280198e69e1538cea83a3758157b825f166f7a1f
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
53500286c24dca595772df08191380ae8220e6c87395c9d2713bece043a09762
Proof of concept exploits in both C and Perl that demonstrate the existence of the local vulnerability found in Xmame version 0.102.
c3388752d7a8d0c6d2b09698274bde8c9b9e265470e71b5cefc5da1e5e1af37e
Secunia Security Advisory - A vulnerability has been reported in Powersave, which can be exploited by malicious, local users to gain escalated privileges.
c4cf310d6a37128b27e38350638f6d4492e645f2ab2b43c6327afb9ba2f674a8
Secunia Security Advisory - A vulnerability has been reported in Sygate Management Server (SMS), which can be exploited by malicious people to conduct SQL injection attacks.
a4e425f81864245395d828b683ec8018056f5a5854bcf14536b149be9edbc445
Disit is a new open source disassembler engine.
7aceb71d9143184a945084ed93d86e101db05cbb842250649377f0303dc4d23d
FarsiNews versions 2.1 and below suffer from a remote file inclusion vulnerability.
e9800eaa837cbd442672ad2b872cf44b2c12293f5ddbf626a03e504a00c77d98
Debian Security Advisory DSA-960-1 - Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on, which is not the case by default.
9dc541f4f27186467dcd5ec1cc9c3cacce5ce88b5add72432a5ca318e7dba422
Debian Security Advisory DSA 957-2 - Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird. This update filters out the '$' character as well, which was forgotton in the former update.
6d693b7e624f9f9aa08698c4f2a9e87113822bba8d9d984d08dccb8e8d268461
CommuniGate version 5.0.6 LDAP vulnerability exploit.
658773f0490e5d4c3a8255d41a1f2903010a94e71c4893ca3e135b3b5b976345
BrowserCRM suffers from cross site scripting flaws.
bbf5cafa02324de24c5e8dc25dfc4655f0acf38e9ebb093f4b008c23b66ed414
Cerberus Helpdesk is susceptible to cross site scripting attacks.
cf2d09cbd1042ef92d0fb7818fe5945de7185b3508ea74695f4cb5c4ae6ede46
Paps is a passively active port scanner. It scans while posing as other hosts in the same network segment and sniffs for responses in order to determine port status. It is multithreaded and supports syn, fin, null, xmas, udp and random scanning.
e286975c28613fbdd69ded3bb018938eebb0cfadd21db7be7a30ed53ef6fef96
Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks and potentially to conduct cross-site scripting attacks.
c1b2b7417c739b68bb54c4cd5b46af7932ee9251207676f220a15e7c2a4b2d24
MG2 Image Gallery version 0.5.1 suffers from cross site scripting flaws.
fc1ab06ecc3a6210dc49e299a541a6fde658c083cc84c1562acf22c8dcb7f10a
Gentoo Linux Security Advisory GLSA 200601-17 - Chris Evans has reported some integer overflows in Xpdf when attempting to calculate buffer sizes for memory allocation, leading to a heap overflow and a potential infinite loop when handling malformed input files. Versions less than 3.01-r5 are affected.
fb8d5f1d10a939f1d9d4c064488425b364fe30c20112564816ad724684e23eca
Gentoo Linux Security Advisory GLSA 200601-16 - MyDNS contains an unspecified flaw that may allow a remote Denial of Service. Versions less than 1.1.0 are affected.
4c7d071e7f267bae67d61b9f84b77e0239dee5300edd6cc6e89479cbc1c5ec5f
Debian Security Advisory DSA 959-1 - The Debian Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive.
1a750e99e1e7b0bd0b55e0627ceee9ea92cac4f844f2d514b7c69cadfe7194cc
Cisco AP remote denial of service exploit that makes use of maliciously crafted ARP requests.
4083da861a5b98c1c4884acb301763e04d58d02fe2ac8140746df0c0400371a0
ashnews version 0.83 is susceptible to cross site scripting attacks.
33d52a464825b5f267effc7b044d24162c57885c59ed5013b5fab39e13688852
arpcheck checks /proc/net/arp for MAC/IP combinations and compares them to a static list (shorewall style) or a dynamically learned MAC list. If a rogue MAC/IP is found, arpcheck alerts you.
67cda0930283469be20ea4838b22386519cbac3fdfbc70e2a3b5aad1999acf83
Arescom NetDSL-1000 remote denial of service exploit that floods the telnetd of the device.
680a2a302fdf95197142af3b1352222efa0708228123926a53cb2d0151a2280a
Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in FarsiNews, which can be exploited by malicious people to compromise a vulnerable system.
324d61ed000ddc0700ff08e53807c83faf669e3f6d71dc09391fe798581d9636
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, gain escalated privileges and cause a DoS (Denial of Service), or by malicious people to gain knowledge of potentially sensitive information and potentially cause a DoS (Denial of Service).
3ce5a6729c23590d9043a15cae459c1ec1a5f6951997838bb7c55e22a6074f36
Secunia Security Advisory - Red Hat has issued an update for gd. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
01de12ad98a19b84c4db2371baf23353125976488c983133641c9147903c9484