SpyBye is a tool to help web masters determine if their web pages are hosting browser exploits that can infect visiting users with malware. It functions as an HTTP proxy server and intercepts all browser requests. A few simple rules are used to determine if embedded links on your web page are harmless, unknown, or maybe even dangerous.
fca518a24f738fe463e15af939cee866fb6b7ea3b75e7b18df8f13c365681cc0Mandriva Security Advisory - Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.
7269e67e1a6ed8ca07776bcaf1cd0cecf907d085d4b1fb098633457f219b2fc8Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
8cc112d6e0a55b0a7e0802428abbd1b7815e0d01a1240c84a726ecc563629a79Sourcefire has learned of a remotely exploitable vulnerability in the Snort DCE/RPC preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary. Sourcefire has prepared updates for Snort open-source software to address this issue. Snort Versions affected include Snort 2.6.1, 2.6.1.1, and 2.6.1.2 and Snort 2.7.0 beta 1.
fef4c3ca73f6930bc8ba37134b82478ff1597215d11e0f89b9720b92fc811722Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.
7ac2dde4ed41c68122591d201d914fd15e68aaede4ce7bd6b4469e4b7a8a88e6PHP-Nuke Module Emporium versions 2.3.0 and below remote SQL injection exploit.
00f09aff0f439324690fefd55611957bf69bccc9fdea1046715f9242abd18b50The zombie scapper is an automated perl tool for detecting and stopping distributed denial of service programs. The tool automatically searches and scans the desired target for programs by looking for the ports that are used by the zombie masters. It stops the zombie masters by sending a kill/stop trigger.
3aac75a0f3674fc2c159d06c02b9fcbf0b3f267f5461c229e51495b8838c264cA denial of service flaw exists in the parsing of DNS responses in libevent, specifically in the handling of label pointers. Versions 1.2 and 1.2a are affected.
40a8b76e6d7840ac57ab547f3c89cb6fd0c7f4d3aff4b6329e75d7ecbdad80a0ProFTPD versions 1.3.0 and 1.3.0a controls local root exploit that binds a shell to tcp/31337. This one works for the 2.6 kernel series.
e0a4c6200d855daaf07102fcb5e84b2ce34bf9775307a3c4ea16a0e2bec9460dProFTPD versions 1.3.0 and 1.3.0a controls local root exploit that binds a shell to tcp/31337.
62ebb6b9d642bc1e0e8688dea06dbc7bbe61c1d6177fa589d23cb7b06aaaac39Gentoo Linux Security Advisory GLSA 200702-08 - Chris Evans has discovered multiple buffer overflows in Sun JDK and Sun JRE possibly related to various AWT or font layout functions. Tom Hawtin has discovered an unspecified vulnerability in Sun JDK and Sun JRE relating to unintended applet data access. He has also discovered multiple other unspecified vulnerabilities in Sun JDK and Sun JRE allowing unintended Java applet or application resource acquisition. Additionally, a memory corruption error has been found in the handling of GIF images with zero width field blocks. Versions less than 1.5.0.10 are affected.
c8b35881455ebb15bf2706f632d0a2e1707695a62d10bde10e9ee7c131402758Gentoo Linux Security Advisory GLSA 200702-07 - A anonymous researcher discovered that an error in the handling of a GIF image with a zero width field block leads to a memory corruption flaw. Versions less than 1.5.0.10 are affected.
255934e66b796944c701666453d0f3b810b9f1a83ac256d90bb890a1cc7bdc81Gentoo Linux Security Advisory GLSA 200702-06 - An unspecified improper usage of an already freed context has been reported. Additionally, an assertion error could be triggered in the DNSSEC validation of some responses to type ANY queries with multiple RRsets. Versions less than 9.3.4 are affected.
791bff594c1ce471290ec2178d47f2f7298fc4c9f324c2479b19b5f076bd824e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed