Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security-relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions. This version is for the 2.6 kernel. Added VUM (Virtual User Management) support. OTP support for UM. Converted the common code to 2.6 only.
1c57c6b30b0329e7b42d12773eb2672c5c61de5c8d0cdf62145dc1bc870e5360
Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security-relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions. This version is for the 2.4 kernel.
e78a45feeab611322bce766966f9547722a70a1fb818137595dd89392aec83b1
Simple multithreaded SSH brute forcing utility written in Python using paramiko.
56de15394dbc924a7e7a619264774fae2530f9298094d12926b66dad5c96c890
Syslserver version 1.058 suffers from a denial of service vulnerability due to a mishandling of malformed UDP packets.
a6efafa996d39f89733fa58ff0381e0d9c1c6f8bc51e86bdf497ccdd62e2ae30
The Window NTP Time Server Syslog Monitor version 1.0.000 suffers from a denial of service vulnerability.
1e3b8bf70a6b7f6bd5f48f6038daa7400c37cab35b9374762a8c5d8b432b238e
WinFail2Ban is an open source intrusion protection system that scans log files, looks for failed SQL logins, and analyzes the event viewer, banning IPs as needed. This is a port of Fail2Ban from Linux to Windows.
d0b458c5ff29225fbe78c0ac5241eca5313621d7407109958ec034e78e4536a9
30-byte linux/x86 PUSH reboot() shellcode.
127695a41b3ba3cfc37f0483973906081e001585bd8dcd0d9c091a3a9b883ee2
MPlayer version 1.0rc2 TwinVQ stack buffer overflow proof of concept exploit.
9e304166401ffce8916625dbec9a7a3490a381bb4181d6f97133a9b8f6a0d18f
BibCiter version 1.4 suffers from multiple remote SQL injection vulnerabilities.
2001cbf75e25a58a93d55d535b6717e72b22ad0f8f066f4d87ab9391954b06aa
Simple PHP Newsletter version 1.5 suffers from local file inclusion vulnerabilities.
16a9eac6967ae7c80867bc2211fc6c0193eb8bbbeb3dfd869ec25d0f0fc0eda0
ASP Action Calendar version 1.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
dc7ea528bfcbfc48d72b9b6a2f7459976aede6ddb4b205321b9619e2b45609c3
AJ Classifieds - For Sale version 3 suffers from a remote shell upload vulnerability.
2ecd00ff721f0e57e88303fd3938724754358b98dc064babed8d15b74fc30c02
AJ Classifieds - Personals version 3 suffers from a remote shell upload vulnerability.
389e28d84de00d32316138690db904afd2abd4b7f4a8ca97c5b9ecaccef0179f
AJ Classifieds - Real Estate version 3 suffers from a remote shell upload vulnerability.
cbffb4cdd89538e23790baa0511a76fa7f580fea2de9ff728b2c9a8d9b14a0dc
Sagem Router F@st version 2404 remote unauthenticated reset proof of concept exploit.
58bb0619c6d3951ccfd8aa214c710d60ae975280846c86d8fea45ac18d5153f0
Excel Viewer OCX versions 3.1 and 3.2 denial of service proof of concept exploit.
23a5708234caf38adac5969acc1d79f827f35fda903d5a0adfcefb4a5f5cdd92
BlogIt! suffers from remote SQL injection, database disclosure, and cross site scripting vulnerabilities.
66d0d3cfa5686ac0a4ffef1bf59d4a4a759d1d302f67c1e8ea87a9da41d363e7
RankEm suffers from database disclosure and cross site scripting vulnerabilities.
3b79950d11158e7ef52fea10741fcdb9db9715203d5d0df7a11eab4e4426b72e
Silentum Boards suffers from a cross site scripting vulnerability.
6f0098f8cbf6b7cf3c45025d95ca75bdacc3b4937533d6fcfea69278979ad27b
eReservations suffers from a remote SQL injection vulnerability that allows for authentication bypass.
367f329e1fecfe9dd1955270701aa27ae08a99957bf85e63ec900ed125944c9c
Ping IP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4f0c2f9ff4168b87f55e4c9e13326449056f9654c0c39c3738a75161a5d369a4
MetaProducts MetaTreeX version 1.5.100 ActiveX file overwrite exploit.
76b94b74105888b4488558ce4128ee9977a1a4c8a3f31cc27b63e6b8f0fe4bc3
Virginmedia.com suffers from a remote SQL injection vulnerability.
291f205f5342c194347333962f7d5e45d1e6b8449edb438053842ffc58a0a38c
Mandriva Linux Security Advisory 2009-017 - A vulnerability in KDM allowed a local user to cause a denial of service via unknown vectors. The updated packages have been patched to prevent this issue.
f9d4977c0b44fbc646423d68752cb186daf71baed2b4903565644669d4b3f16a
Mandriva Linux Security Advisory 2009-016 - Ian Jackson found a security issue in the QEMU block device drivers backend that could allow a guest operating system to issue a block device request and read or write arbitrary memory locations, which could then lead to privilege escalation. It was found that Xen allowed unprivileged DomU domains to overwrite xenstore values which should only be changeable by the privileged Dom0 domain. An attacker able to control a DomU domain could possibly use this flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into accessing the text console of a different domain running on the same host. This update makes certain parts of the xenstore tree read-only to unprivileged DomU domains. A vulnerability in the qemu-dm.debug script was found in how it created a temporary file in /tmp. A local attacker in Dom0 could potentially use this flaw to overwrite arbitrary files via a symlink attack. Since this script is not used in production, it has been removed from this update package. The updated packages have been patched to prevent these issues.
bf0f92b3794ad63079798172dc4b4074c87c0b0c4c4de75dc91b2b558aa648ce