IWar is a war dialer used for auditing your PSTN (phone) network. Its features include random/sequential dialing, Voice over IP using the IAX2 (Intra-Asterisk eXchange) protocol, ASCII flat file and MySQL logging, a curses-based front end, key stroke marking, multiple modem support, several methods of tone detection, save/load state, banner detections (to determine remote system types) and blacklist support.
d16330469c1c10c84b415b360b2898660cb3b8a4f167a5343430032dd49596d5
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
61d9bcf837b6f1d1377469a0a3e005aadb67c39ef8476883d92e35767c09da02
System Local Audit Daemon can run standalone or managed by systems like IBM-Tivoli, HP-OpenView, or Nessus to perform local security checks. It runs on the target hosts and enables them to call security tools like John the Ripper, Tiger, Tripwire, or a virus scanner via a unified XML interface. It is part of the BOSS Project.
49144aaa097f8d0f0c2697e4989e92d751c5a10db6c89eff5cf883382c58ab22
Email Security through Procmail attempts to address the trend towards "enhancing" email clients with support for active content, which exposes end-users to many and varied threats, by "sanitizing" email: removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.
ed45904440d2a6be917137c868071b99074c1caededc8a55bd75f20656fb7031
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
8d889a5c0f59a98ce5ef0b59f13d560decbd7c3142e438413fa5ccf158098f16
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
1d480badd146e67be914f84d3a014584ce046edce7e3ac77a93a49c4bc17565d
Nabi version 1.0 - Advanced /var log wiper for Linux.
b1c68442026f6c6d0e25698c226206e348634261e88d9b038bdc711de7296650
SimpleBlog version 2.1 is susceptible to SQL injection and cross site scripting attacks due to a lack of variable sanitization.
ff3506b3610ffd9f70066e0dfd16bf0eefd11f81fdae4679dc4fb59c83fa407c
This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.
78cd0166cc3fdf94d948b2a5271ecace8556a14b625a9e730b15c0da1b9c63fa
Firefox is susceptible to cross domain scripting attacks via iframes.
6b89d1a712c42d0fa22e8d3c4e52b2435c889ef59a3099d697e6dc33a9ba2ee7
HomeFTP versions 1.1 and below remote denial of service exploit.
bfe507a22b3a191feed82a1e2d6e93ea181a1033f05c8b587ee2c18c91fc4df0
ezDatabase versions 2.0 and below are susceptible to remote php file inclusion flaws due to a lack of sanitizing variables.
ac57b93b8fc1d7e7df2e5d472a80f4f20f28d7027c75879ea8e99db34f8ddc2a
IP-Array is a linux firewall script written in bash designed for small to mid sized networks. Includes support for traffic shaping and VPN.
500c1516f91b94f1701b91e3b91120974f43a902cc657105f2744fcd270e2a3c
iDefense Security Advisory 01.13.06 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s Open Enterprise Server Remote Manager allows attackers to execute arbitrary code. iDefense has confirmed this vulnerability in Novell SUSE Linux Enterprise Server 9. All previous versions are suspected vulnerable. Novell SUSE Linux Enterprise Server components are included in Novell Open Enterprise Server; as such, Open Enterprise Server is also vulnerable.
197db68e48a10d85b265fb699041cf0c6e9abc7b8a68545fc33a0559c112dcc7
Farmers WIFE version 4.4 sp1 ftpd remote exploit that allows for system compromise.
890997b51723f28c17e0b21e78bc7cc7e3e5fb4620c3ebe70555565e6bffafc1
xmame version 0.102 -lang local buffer overflow exploit.
caeb134ee85336174f93db9c40254941cea8034983b2bef940871d7882de9aba
SUSE Security Announcement - iDEFENSE reported a security problem with the Novell Remote Manager. By passing a huge or negative size via a HTTP request header to httpstkd it was possible to corrupt heap memory and so potentially execute code.
87bf1965c10956fc2c5e9eaba8f5e3a7ec9b2235ed03cbed1250c56b594036e8
Debian Security Advisory DSA 939-1 - Daniel Drake discovered a problem in fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, that can cause a crash when the program is running in multidrop mode and receives messages without headers.
eb504508b154bb07b0bb263ba3c986f09ccb2fd68c81cba8ebfb80da0474e83d
Gentoo Linux Security Advisory GLSA 200601-09 - H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. Versions less than 20050930 are affected.
cd8ca0e1a30edba91563e64b6d76c0d63d0c00d2aa1332d8aa876d3e21148e3d
Gentoo Linux Security Advisory GLSA 200601-08 - Damian Put has reported a flaw due to an integer overflow in the get_bhead() function, leading to a heap overflow when processing malformed .blend files. Versions less than 2.40 are affected.
e18b4c51a8fa22878df3aa1f69fe1dabdd1850bdb5421c8925ca390a8cb66f32
Gentoo Linux Security Advisory GLSA 200601-07 - Zero Day Initiative (ZDI) reported a heap buffer overflow vulnerability. The vulnerability is due to an incorrect boundary check of the user-supplied data prior to copying it to an insufficiently sized memory buffer. The flaw occurs when the application attempts to handle compressed UPX files. Versions less than 0.88 are affected.
c9984dd1c3662a2d8cdaf40fd2641d724abdd7923edc21626d62b254b8506859
MiniNuke CMS System versions 1.8.2 and below suffer from a flaw where an authenticated user can change any password via membership.asp.
c6423873b6c974af6954684aa5e8d239c47ef8a713d5e4956fc919cf56f47cc6
MiniNuke CMS System versions 1.8.2 and below suffer from a SQL injection attack in news.asp.
3061308ccb8ff80555c1621b1060cbc2a6137f5856046a796d3781f41899d5b3
A simple threaded portscanner that is lightweight.
471fde63c18412449830d4ba493ef8fd2b3e2ed9c4e9f04a51adaf2d3d1c0868
Using ussp-push from the Toshiba Bluetooth Stack versions 4.00.23(T) and below, an attacker can place a trojaned file anywhere on the filesystem.
032e619b38af3404776cca356075de5f940987e34114e0fcfc11faaae45c8d2f