what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2006-12-12 to 2006-12-13

Posted Dec 12, 2006
Authored by Sancho Lerena, Raul Mateos, Esteban Sanchez, Jonathan Barajas, Joss Navarro, Antonio Dos Santos | Site pandora.sourceforge.net

Pandora is a monitoring system designed to watch systems and applications. It allows auditing of any element of a system, from a network interface being down to a defacement in a web site. Included in this tarball are PandoraFMS_Agent_UNIX-1.2.0.tar.gz, PandoraFMS_Agent_Windows_src-1.2.0.zip, PandoraFMS_Console-1.2.0.tar.gz, PandoraFMS_Documentation-1.2.0.zip, PandoraFMS_Server-1.2.0.tar.gz, and PandoraFMS_Windows_Agent_Setup-1.2-0.exe. These files make up the server, web console, and various agents to be used in the PandoraFMS.

tags | web
systems | unix
SHA-256 | dd690d510b277c38e2493ebedc80eb6bb78639a11af4a83db4ba863f16782723
Posted Dec 12, 2006
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.

Changes: Extended db schema. Added support for SQLite.
tags | tool, remote, local, scanner
systems | linux, netbsd, unix, solaris, freebsd, openbsd
SHA-256 | 32e1f026dd57ab647074756629038bd5a27a8e6656915da975aca3b0f3a7ca75
Clam AntiVirus Toolkit 0.88.7
Posted Dec 12, 2006
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various bug fixes including some memory leaks.
tags | virus
systems | unix
SHA-256 | 702cb5928bff3d0e647a4a6b505d434e3a0f10f2af74bddac5239a200b92d1e2
Gentoo Linux Security Advisory 200612-10
Posted Dec 12, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200612-10 - Tar does not properly extract archive elements using the GNUTYPE_NAMES record name, allowing files to be created at arbitrary locations using symlinks. Once a symlink is extracted, files after the symlink in the archive will be extracted to the destination of the symlink. Versions less than 1.16-r2 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
SHA-256 | 07a25607b09e3b1f875e1084111e15847459500d6d338d883096613879c0fc03
Mandriva Linux Security Advisory 2006.227
Posted Dec 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A stack overflow in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2006-6297
SHA-256 | da1868ee50acc326997dc3fd859be00a6f61c1dddcd95047aa9f6596928656cf
Mandriva Linux Security Advisory 2006.226
Posted Dec 12, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple cross site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and unspecified vectors involving "a shortcoming in the magicHTML filter."

tags | advisory, remote, web, arbitrary, php, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2006-6142
SHA-256 | f780fe058ce85352014c4edd201ec80a122360a88b9dab812c245504a3efbfc4
Posted Dec 12, 2006
Authored by Vicente Aguilera Diaz | Site webappsec.org

The Web Application Security Consortium is proud to present 'MX Injection: Capturing and Exploiting Hidden Mail Servers'. This article discusses how an attacker can inject additional commands into an online web mail application communicating with an IMAP/SMTP server.

tags | paper, web, imap
SHA-256 | 94bd8b84698e67eb59003ab5d105584a50366e226a59e7e88a6db217ff2cff30
Posted Dec 12, 2006
Authored by Dave Ferguson

IBM WebSphere Host On-Demand (HOD) versions 6.0 through 9.0 suffer from a URL manipulation flaw that allows for administrative bypass. Version 10.0 may also be susceptible.

tags | exploit, bypass
SHA-256 | 180a9ffd130b03530479c964bd2cae0050e0dfb3941fd1a11f5377d5f5296248
Posted Dec 12, 2006
Authored by poplix

The D-LINK DWL-2000AP+ with firmware version 2.11 is prone to two remote denial of service vulnerabilities because it fails to handle arp flooding.

tags | advisory, remote, denial of service, vulnerability
SHA-256 | 87d03a41d7205746c6fdc2717648002c7605bc5def176cb29db02f70e7827bcf
Posted Dec 12, 2006
Authored by DoZ | Site hackerscenter.com

ShopSite Shopping Cart suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | af6ff849547eafbfd51d7e61b7468e9b5b678af80f18a74128bf85e483dd385d
Posted Dec 12, 2006
Authored by azurit | Site azurit.elbiahosting.sk

FFsniFF is a simple Firefox extension, which transforms your browser into a html form sniffer. Every time the user clicks on a 'Submit' button, FFsniFF will try to find a non-blank password field in the form. If it's found, the entire form (including the URL) is sent to the specified e-mail address. It also has the ability to hide itself in the 'Extensions manager'. This extension is meant to be as an example of the 'evil side of Firefox extensions'.

tags | tool, sniffer
SHA-256 | 24faaf389eddc1d65202e4423d05fb29d55aadacf2cb93c14251101a81a742f8
Secunia Security Advisory 23290
Posted Dec 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, mandriva
SHA-256 | ab90be0d3dccb9b07d3e218ca088072a7aef24dd59d5c7899f1b0a79cb32f113
Secunia Security Advisory 23300
Posted Dec 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for kdegraphics. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | bade2254667b8ef6c09e9a4a669488d92a41fb7bcd524ee7048a3d7761b723b6
Secunia Security Advisory 23309
Posted Dec 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for emul-linux-x86-baselibs. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, x86, vulnerability
systems | linux, gentoo
SHA-256 | 4cc82eed87d5f071eb92b7e1a49ec7f34e9f723ce666d493f81c2210a595e416
Secunia Security Advisory 23316
Posted Dec 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Bluetrait, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 56d88eca514d2a4c30d73d74a45c15a26c991b9db84912f38ba0b6393c01ec00
Secunia Security Advisory 23318
Posted Dec 12, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr_KaLiMaN has discovered several vulnerabilities in AnnonceScriptHP, which can be exploited by malicious people to disclose sensitive data, conduct SQL injection and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | b8df3a4f0ef3b2da8393fb3fabcf65c832565cc3d69ffb7c0096a2ab1d58571b
Page 1 of 1

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By