Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
75748df3b03a20d3063e3565280198e69e1538cea83a3758157b825f166f7a1fNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
53500286c24dca595772df08191380ae8220e6c87395c9d2713bece043a09762Proof of concept exploits in both C and Perl that demonstrate the existence of the local vulnerability found in Xmame version 0.102.
c3388752d7a8d0c6d2b09698274bde8c9b9e265470e71b5cefc5da1e5e1af37eSecunia Security Advisory - A vulnerability has been reported in Powersave, which can be exploited by malicious, local users to gain escalated privileges.
c4cf310d6a37128b27e38350638f6d4492e645f2ab2b43c6327afb9ba2f674a8Secunia Security Advisory - A vulnerability has been reported in Sygate Management Server (SMS), which can be exploited by malicious people to conduct SQL injection attacks.
a4e425f81864245395d828b683ec8018056f5a5854bcf14536b149be9edbc445Disit is a new open source disassembler engine.
7aceb71d9143184a945084ed93d86e101db05cbb842250649377f0303dc4d23dFarsiNews versions 2.1 and below suffer from a remote file inclusion vulnerability.
e9800eaa837cbd442672ad2b872cf44b2c12293f5ddbf626a03e504a00c77d98Debian Security Advisory DSA-960-1 - Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on, which is not the case by default.
9dc541f4f27186467dcd5ec1cc9c3cacce5ce88b5add72432a5ca318e7dba422Debian Security Advisory DSA 957-2 - Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird. This update filters out the '$' character as well, which was forgotton in the former update.
6d693b7e624f9f9aa08698c4f2a9e87113822bba8d9d984d08dccb8e8d268461CommuniGate version 5.0.6 LDAP vulnerability exploit.
658773f0490e5d4c3a8255d41a1f2903010a94e71c4893ca3e135b3b5b976345BrowserCRM suffers from cross site scripting flaws.
bbf5cafa02324de24c5e8dc25dfc4655f0acf38e9ebb093f4b008c23b66ed414Cerberus Helpdesk is susceptible to cross site scripting attacks.
cf2d09cbd1042ef92d0fb7818fe5945de7185b3508ea74695f4cb5c4ae6ede46Paps is a passively active port scanner. It scans while posing as other hosts in the same network segment and sniffs for responses in order to determine port status. It is multithreaded and supports syn, fin, null, xmas, udp and random scanning.
e286975c28613fbdd69ded3bb018938eebb0cfadd21db7be7a30ed53ef6fef96Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks and potentially to conduct cross-site scripting attacks.
c1b2b7417c739b68bb54c4cd5b46af7932ee9251207676f220a15e7c2a4b2d24MG2 Image Gallery version 0.5.1 suffers from cross site scripting flaws.
fc1ab06ecc3a6210dc49e299a541a6fde658c083cc84c1562acf22c8dcb7f10aGentoo Linux Security Advisory GLSA 200601-17 - Chris Evans has reported some integer overflows in Xpdf when attempting to calculate buffer sizes for memory allocation, leading to a heap overflow and a potential infinite loop when handling malformed input files. Versions less than 3.01-r5 are affected.
fb8d5f1d10a939f1d9d4c064488425b364fe30c20112564816ad724684e23ecaGentoo Linux Security Advisory GLSA 200601-16 - MyDNS contains an unspecified flaw that may allow a remote Denial of Service. Versions less than 1.1.0 are affected.
4c7d071e7f267bae67d61b9f84b77e0239dee5300edd6cc6e89479cbc1c5ec5fDebian Security Advisory DSA 959-1 - The Debian Audit Project discovered that unalz, a decompressor for ALZ archives, performs insufficient bounds checking when parsing file names. This can lead to arbitrary code execution if an attacker provides a crafted ALZ archive.
1a750e99e1e7b0bd0b55e0627ceee9ea92cac4f844f2d514b7c69cadfe7194ccCisco AP remote denial of service exploit that makes use of maliciously crafted ARP requests.
4083da861a5b98c1c4884acb301763e04d58d02fe2ac8140746df0c0400371a0ashnews version 0.83 is susceptible to cross site scripting attacks.
33d52a464825b5f267effc7b044d24162c57885c59ed5013b5fab39e13688852arpcheck checks /proc/net/arp for MAC/IP combinations and compares them to a static list (shorewall style) or a dynamically learned MAC list. If a rogue MAC/IP is found, arpcheck alerts you.
67cda0930283469be20ea4838b22386519cbac3fdfbc70e2a3b5aad1999acf83Arescom NetDSL-1000 remote denial of service exploit that floods the telnetd of the device.
680a2a302fdf95197142af3b1352222efa0708228123926a53cb2d0151a2280aSecunia Security Advisory - Hamid Ebadi has reported a vulnerability in FarsiNews, which can be exploited by malicious people to compromise a vulnerable system.
324d61ed000ddc0700ff08e53807c83faf669e3f6d71dc09391fe798581d9636Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, gain escalated privileges and cause a DoS (Denial of Service), or by malicious people to gain knowledge of potentially sensitive information and potentially cause a DoS (Denial of Service).
3ce5a6729c23590d9043a15cae459c1ec1a5f6951997838bb7c55e22a6074f36Secunia Security Advisory - Red Hat has issued an update for gd. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
01de12ad98a19b84c4db2371baf23353125976488c983133641c9147903c9484
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed