SpamAssassin is a mail filter to identify spam. Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited commercial email.
a82a9dab95462d102e253edb99091fddlibpng version 1.2.5 is susceptible to stack-based buffer overflows and various other code concerns.
127f70ce6d41af038f6c102662444fe0fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
f09dbf358b319f9b6f4007e1440dd3c9GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
bd902e2a88e03720557d72c44131dee0Technical Cyber Security Alert TA04-217A - All applications and systems that use the libpng library versions 1.2.5 and below are susceptible to several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
281f0fd6e4bbc6bda55f4c0e54efea1eFree Web Chat suffers from both denial of service and resource allocation bugs.
324b4b3bdaaa4f1883beae438580b2b9thttpd version 2.07 beta 0.4 on Windows is susceptible to a directory traversal attack.
76ab3004bc6b69223623137274e055acTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
99e22711fa15fc6a1c891296ee76f3f5The Doorman is a port-knocking listener daemon which helps users secure private servers. It allows a Unix server to run invisibly, with all TCP ports closed.
44a495d06bf81ac9a824380612035672A critical security vulnerability has been found in the Linux kernel code handling 64bit file offset pointers. Successful exploitation allows local users to have access to kernel memory. Kernel series affected are 2.4.26 and below and 2.6.7 and below. Full exploit provided.
84d0043e4136ab7bb3a0512bab553ed4Datakey's tokens and smartcards suffer from a clear text password exposure vulnerability. The communication channel between the token and the driver is not encrypted. A user's PIN can be retrieved using a proxy driver or hardware sniffer. Systems affected: Rainbow iKey2032 USB token and Datakey's up-to-date CIP client package.
eeb3ebb3e6ccc0a53b808eb6a13c65d2GoScript version 2.0 allows for remote command execution due to a lack of input validation.
a87228fe46882d5172b9458808755f2eJetboxOne CMS version 2.0.8 keeps system passwords in an unencrypted state and also has a remote code execution flaw.
752a4e9ece4d9839fe95cfbf85265b8aeNdonesia CMS version 8.3 is susceptible to full path disclosure and cross site scripting flaws.
86a9952194b133099f969eb10c0eb88eWhen over 40 connections are made to Webbsyte 0.9.0, the service crashes.
9e0bb4f36d041ee36552eacb315d8b54pam_usb is a PAM module that enables authentication using a USB storage device through DSA private/public keys. It can also work with floppy disks, CD-ROMs, or any kind of mountable device.
4755ebf481d0732c5b5edbf3987a8dd4Putty client versions below 0.55 suffer from a flaw that allow for arbitrary code execution.
031610ab69b910612eebb07fdf17a6bfSecunia Security Advisory - A vulnerability has been reported in WackoWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
1419d7517865ed3c9e004b9f36734403Juniper Networks NetScreen Advisory 59147 - A malicious person who can connect to the SSHv1 service on a Juniper Networks Netscreen firewall can crash the device before having to authenticate. Upon execution of the attack, the firewall will reboot or hang, which will prevent traffic to flow through the device.
c5ea2a451b58630a35310e30ce362a07Impost is a multi-purpose scriptable network protocol security auditing tool designed for analyzing network attacks and exploitations while operating as a honey pot or packet sniffer.
2c07ba887fb19ee2ac2727fda42d665bSun Security Advisory - The XSLT processor included with the Java Runtime Environment (JRE) may allow an untrusted applet to read data from another applet that is processed using the XSLT processor and may allow the untrusted applet to escalate privileges. All variants of Sun Java JRE 1.4.x and Sun Java SDK 1.4.x are affected, except releases 1.4.2_05 and above.
d87c0af157537d5cd6452d44facff79aiDEFENSE Security Advisory 08.02.04: Netscape version 7.0, 7.1, and Mozilla 1.6 are susceptible to a SOAPParameter constructor integer overflow vulnerability that can allow for arbitrary code execution running in the context of the user running the browser.
3a271bc80b97cfa87b2e71e086f470a7A vulnerability in WHM Autopilot versions 2.4.5 and below allows malicious attackers the ability to access usernames and clear text passwords.
a1377c8babf5c6cad23638d2e86f45e8A security flaw in ripMIME version 1.x allows attackers to bypass filtering software.
096acc5cdc5f1361b2c6174229e47b36Proof of concept bindshell exploit code that makes use of a buffer overflow vulnerability found in BlackJumboDog FTP servers versions 3.6.1 and below.
7aa6c564a8f8a4179a1251bd81efbfc7
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed