PRTG Network Monitor version 7.1.3.3378 suffers from multiple cross site scripting vulnerabilities.
929aabab18dd36ddc0d64df2ed1835203b3bfafb3b51f2c7989ed4531b579fda
Secunia Security Advisory - Two vulnerabilities have been reported in IBM Tivoli Monitoring, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.
c9355899cf72d568f3bba4e7b528da2fe6a828da748609b2ea9443c37b144b30
hwk is used for wireless audits, fuzzing and stress testing under Linux. It provides various modes as wireless deauthentication and authentication flooding using a monitor mode interface as well as probe response and beacon fuzzing. Furthermore it comes with some basic injection testing and focusing modes.
fd8f96435bfbc2c8b9e273632f1b0d1579d7413d749d7fc059f09193858d585e
ICIMP 2012, The Seventh International Conference on Internet Monitoring and Protection, Call For Papers has been announced. It will take place May 27th through June 1st, 2012 in Stuttgart, Germany.
0234447e2945a126c837b75adea302129c710c8a748994730ebd93ab6477410e
Secunia Security Advisory - Benjamin Kunz Mejri has discovered multiple vulnerabilities in ServersCheck Monitoring, which can be exploited by malicious, local users and malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
2ca41295eaa6d5058cc299414b13d56c1fec82d3cb9743de7f2447cdb583a458
Secunia Security Advisory - Multiple vulnerabilities have been reported in ServersCheck Monitoring, which can be exploited by malicious users to disclose sensitive information and conduct script insertion attacks.
c12f2b4f0bd5f3e1bfe8e5f93068a17f60e421370cfdbe7e440fdf2437b61a5a
Malicious software also known as "Malcode" or "Malware" can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This documents introduces this kind of threats by spying a widespread internet browser.
2a6bfafdf205655b130fbe757bf585521958b3e381ba17c01acc6d355d95c869
ServersCheck Monitoring version 8.8.6 suffers from cross site request forgery, cross site scripting, and session hijacking vulnerabilities.
a4580aa1b7b69c5fa20a1b2be64aa2e2234207839e8d100a27b6253627c6b167
Ubuntu Security Notice 1197-6 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides an update for Qt that blacklists the known fraudulent certificates. USN-1197-1 It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.
ffcdd5bd50bb293ea8bfd41f16c5b291b1012994e0b0446df4dcd98cdd52ba28
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c71c06d052de6a783eedb485e434d82046b0bbd0739f450566ee8f309ec2bcb7
Secunia Security Advisory - Gustavo Roberto Rodrigues Goncalves has discovered a vulnerability in Orion Network Performance Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks.
eb8fd66d8072845aad3e4af5f5cfbc16d18df77038a0aede856fb5e8867d33d4
Cisco Security Advisory - Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.
60f64f878c6e3dae9e0b096b560a4e86328ac006294b203fc5ed04649eb4d281
Ubuntu Security Notice 1197-5 - USN-1197-1 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates. It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.
65cf1792f7a4dd38c9c5bf612f354a54cb4983de28f468427142e9874d7aa170
Ubuntu Security Notice 1197-4 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for the Network Security Service libraries (NSS). USN-1197-1 It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.
2fa3d9961038c477b07ac26e41cda71fa80220ec29136cc74f18296bca564134
Secunia Security Advisory - A vulnerability has been reported in Avaya Contact Recording and Quality Monitoring, which can be exploited by malicious people to compromise a vulnerable system.
4b2d8e8184fe8989aefe72beb0c3bd898593aa8edfdb48cd301f81d6f93aa482
Red Hat Security Advisory 2011-1250-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Grid provides high-throughput computing and enables enterprises to achieve higher peak computing capacity as well as improved infrastructure utilization by leveraging their existing technology to build high performance grids. MRG Grid provides a job-queueing mechanism, scheduling policy, and a priority scheme, as well as resource monitoring and resource management. Users submit their jobs to MRG Grid, where they are placed into a queue. MRG Grid then chooses when and where to run the jobs based upon a policy, carefully monitors their progress, and ultimately informs the user upon completion.
8c2616ac9e524393d3e0a399d8392a2fd9e44339325db6f540fe7888b9712a12
WebWatchBot Monitor version 5.1.16 suffers from a divide by zero vulnerability.
c9d43a63f553f608ae984cbf09518892cabbf8f7e41a84c85d577e92a07af479
Ubuntu Security Notice 1197-3 - USN-1197-1 partially addressed an issue with Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update actively distrusts the DigiNotar root certificate as well as several intermediary certificates. Also included in this list of distrusted certificates are the Staat der Nederlanden root certificates. It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.
47f3b7beea1ebda82bd84a63554db1cecbeaa71f2dd97be15a3817c726e46203
Zero Day Initiative Advisory 11-279 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Witness Systems eQuality Suite. This application is bundled with Nortel Contact Recording and Quality Monitoring Suite. Authentication is not required to exploit this vulnerability. The flaw exists within the Unify2.exe component which listens by default on TCP port 6821. When handling a packet type the process trusts a remaining packet length value provided by the user and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
c5b7f7de67ca75c73da4296bc399ab55cec0f59dd665fc9c0582effcba399aa6
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
ec63ef47d8f4cb8af21a3bc84ff1de6968805146682dd7f10982bde975d9bb5d
Ubuntu Security Notice 1197-1 - It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor. Various other issues were also addressed.
fd76e255f1d4a7bca86eae44ae57d1918bdd583af5e7a0b929620db8d1e6ef53
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
ca0c50fbc6f33874be11bc7f129e882084b6149cfd3b0dec1cf4936313a1953a
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
b23a4c2300216b322fc2b40a1624a3b7d197ae9f6f944b0f4fb13625af635734
Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
fa7153f409e721608f962300415cd744516afae4772594ad9b060ca5a0cf7718
Sagan is multi-threaded, real-time system- and event-log monitoring software, but with a twist. Sagan uses a "Snort" like rule set for detecting nefarious events happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, it can do a number of things with that information. Sagan can also correlate the events with your Intrusion Detection/Intrusion Prevention (IDS/IPS) system and basically acts like an SIEM (Security Information and Log Management) system.
cda2d1e4c0e93403469d21af672957302eabebade346a1f67036ae7427f3e399
ndisc6 consists of three command line tools (ndisc6, rdisc6, and traceroute6) that perform ICMPv6 Neighbor Discovery, ICMPv6 Router Discovery, and IPv6 tcptraceroute/traceroute respectively. It is primarily meant for IPv6 networking diagnostics and monitoring.
6acec8a0cb9efa3ac98456f46c3016aeec0598b0c7557c95242b5228ad62ca7a