DOCSLIB.ORG

Mcafee Foundstone Fsl Update 2019-Jul-03

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mcafee Foundstone Fsl Update 2019-Jul-03 2019-JUL-04 FSL version 7.6.118 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary of the new and updated checks included with this release. NEW CHECKS 25337 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 60.7.1 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706 Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, or execute arbitrary code. 25341 - Mozilla Thunderbird Multiple Vulnerabilities Prior To 60.7.2 Category: Windows Host Assessment -> Miscellaneous (CATEGORY REQUIRES CREDENTIALS) Risk Level: High CVE: CVE-2019-11707, CVE-2019-11708 Description Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. Observation Mozilla Thunderbird is an open-source email, newsgroup, news feed, and chat client. Multiple vulnerabilities are present in some versions of Mozilla Thunderbird. The flaws lie in several components. Successful exploitation could allow an attacker to cause a denial of service condition, or execute arbitrary code. 148110 - SuSE Linux 15.0, 15.1, 42.3 openSUSE-SU-2019:1666-1 Update Is Not Installed Category: SSH Module -> NonIntrusive -> SuSE Patches and Hotfixes Risk Level: High CVE: CVE-2019-5787, CVE-2019-5788, CVE-2019-5789, CVE-2019-5790, CVE-2019-5791, CVE-2019-5792, CVE-2019-5793, CVE-2019-5794, CVE-2019-5795, CVE-2019-5796, CVE-2019-5797, CVE-2019-5798, CVE-2019-5799, CVE-2019-5800, CVE- 2019-5801, CVE-2019-5802, CVE-2019-5803, CVE-2019-5804, CVE-2019-5805, CVE-2019-5806, CVE-2019-5807, CVE-2019- 5808, CVE-2019-5809, CVE-2019-5810, CVE-2019-5811, CVE-2019-5812, CVE-2019-5813, CVE-2019-5814, CVE-2019-5815, CVE-2019-5816, CVE-2019-5817, CVE-2019-5818, CVE-2019-5819, CVE-2019-5820, CVE-2019-5821, CVE-2019-5822, CVE- 2019-5823, CVE-2019-5824, CVE-2019-5827, CVE-2019-5828, CVE-2019-5829, CVE-2019-5830, CVE-2019-5831, CVE-2019- 5832, CVE-2019-5833, CVE-2019-5834, CVE-2019-5835, CVE-2019-5836, CVE-2019-5837, CVE-2019-5838, CVE-2019-5839, CVE-2019-5840, CVE-2019-5842 Description The scan detected that the host is missing the following update: openSUSE-SU-2019:1666-1 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: https://lists.opensuse.org/opensuse-updates/2019-06/msg00186.html https://lists.opensuse.org/opensuse-updates/2019-06/msg00187.html SuSE Linux 15.0 x86_64 chromium-debugsource-75.0.3770.90-lp150.218.4 chromedriver-75.0.3770.90-lp150.218.4 chromium-debuginfo-75.0.3770.90-lp150.218.4 chromedriver-debuginfo-75.0.3770.90-lp150.218.4 chromium-75.0.3770.90-lp150.218.4 SuSE Linux 42.3 x86_64 chromium-75.0.3770.90-217.1 chromedriver-75.0.3770.90-217.1 chromium-debuginfo-75.0.3770.90-217.1 chromium-debugsource-75.0.3770.90-217.1 chromedriver-debuginfo-75.0.3770.90-217.1 SuSE Linux 15.1 x86_64 chromium-debuginfo-75.0.3770.90-lp151.2.9.3 chromium-75.0.3770.90-lp151.2.9.3 chromium-debugsource-75.0.3770.90-lp151.2.9.3 chromedriver-debuginfo-75.0.3770.90-lp151.2.9.3 chromedriver-75.0.3770.90-lp151.2.9.3 160581 - CentOS 7 CESA-2019-1619 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-12735 Description The scan detected that the host is missing the following update: CESA-2019-1619 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2019-July/023345.html CentOS 7 x86_64 vim-X11-7.4.160-6.el7_6 vim-enhanced-7.4.160-6.el7_6 vim-common-7.4.160-6.el7_6 vim-minimal-7.4.160-6.el7_6 vim-filesystem-7.4.160-6.el7_6 160584 - CentOS 6 CESA-2019-1604 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-11707, CVE-2019-11708 Description The scan detected that the host is missing the following update: CESA-2019-1604 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2019-July/023346.html CentOS 6 x86_64 firefox-60.7.2-1.el6.centos i686 firefox-60.7.2-1.el6.centos 160585 - CentOS 7 CESA-2019-1603 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Cent OS Patches and Hotfixes Risk Level: High CVE: CVE-2019-11707, CVE-2019-11708 Description The scan detected that the host is missing the following update: CESA-2019-1603 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://lists.centos.org/pipermail/centos-announce/2019-July/023342.html CentOS 7 x86_64 firefox-60.7.2-1.el7.centos i686 firefox-60.7.2-1.el7.centos 163904 - Oracle Enterprise Linux ELSA-2019-1652 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Oracle Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2016-0787, CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3862, CVE-2019-3863 Description The scan detected that the host is missing the following update: ELSA-2019-1652 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://oss.oracle.com/pipermail/el-errata/2019-July/008872.html OEL6 x86_64 libssh2-devel-1.4.2-3.0.1.el6_10.1 libssh2-1.4.2-3.0.1.el6_10.1 libssh2-docs-1.4.2-3.0.1.el6_10.1 i386 libssh2-devel-1.4.2-3.0.1.el6_10.1 libssh2-1.4.2-3.0.1.el6_10.1 libssh2-docs-1.4.2-3.0.1.el6_10.1 183011 - FreeBSD PostgreSQL Stack-based Buffer Overflow Via Setting A Password (245629d4-991e-11e9-82aa- 6cc21735f730) Category: SSH Module -> NonIntrusive -> FreeBSD Patches and Hotfixes Risk Level: High CVE: CVE-2019-10164 Description The scan detected that the host is missing the following update: PostgreSQL -- Stack-based buffer overflow via setting a password (245629d4-991e-11e9-82aa-6cc21735f730) Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.vuxml.org/freebsd/245629d4-991e-11e9-82aa-6cc21735f730.html Affected packages: postgresql11-server < 11.4 postgresql10-server < 10.9 196360 - Red Hat Enterprise Linux RHSA-2019-1652 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863 Description The scan detected that the host is missing the following update: RHSA-2019-1652 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2019-July/msg00001.html RHEL6D x86_64 libssh2-1.4.2-3.el6_10.1 libssh2-devel-1.4.2-3.el6_10.1 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-docs-1.4.2-3.el6_10.1 i386 libssh2-1.4.2-3.el6_10.1 libssh2-devel-1.4.2-3.el6_10.1 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-docs-1.4.2-3.el6_10.1 RHEL6S i386 libssh2-1.4.2-3.el6_10.1 libssh2-devel-1.4.2-3.el6_10.1 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-docs-1.4.2-3.el6_10.1 x86_64 libssh2-1.4.2-3.el6_10.1 libssh2-devel-1.4.2-3.el6_10.1 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-docs-1.4.2-3.el6_10.1 RHEL6WS x86_64 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-1.4.2-3.el6_10.1 i386 libssh2-debuginfo-1.4.2-3.el6_10.1 libssh2-1.4.2-3.el6_10.1 196364 - Red Hat Enterprise Linux RHSA-2019-1619 Update Is Not Installed Category: SSH Module -> NonIntrusive -> Red Hat Enterprise Linux Patches and Hotfixes Risk Level: High CVE: CVE-2019-12735 Description The scan detected that the host is missing the following update: RHSA-2019-1619 Observation Updates often remediate critical security problems that should be quickly addressed. For more information see: http://www.redhat.com/archives/rhsa-announce/2019-June/msg00058.html RHEL7D x86_64 vim-X11-7.4.160-6.el7_6 vim-filesystem-7.4.160-6.el7_6 vim-enhanced-7.4.160-6.el7_6 vim-common-7.4.160-6.el7_6 vim-debuginfo-7.4.160-6.el7_6 vim-minimal-7.4.160-6.el7_6 RHEL7S x86_64 vim-X11-7.4.160-6.el7_6 vim-filesystem-7.4.160-6.el7_6 vim-enhanced-7.4.160-6.el7_6 vim-common-7.4.160-6.el7_6 vim-debuginfo-7.4.160-6.el7_6 vim-minimal-7.4.160-6.el7_6 RHEL7WS x86_64 vim-X11-7.4.160-6.el7_6 vim-filesystem-7.4.160-6.el7_6 vim-enhanced-7.4.160-6.el7_6 vim-common-7.4.160-6.el7_6 vim-debuginfo-7.4.160-6.el7_6 vim-minimal-7.4.160-6.el7_6 25336 - Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities (cisco-sa-20190515-nxos- sisv2) Category: SSH Module -> NonIntrusive -> SSH Miscellaneous Risk Level: High CVE: CVE-2019-1811, CVE-2019-1812, CVE-2019-1813 Description Multiple vulnerabilities are present in some versions of Cisco NX-OS Software.
Load more

Recommended publications
  • Berkeley DB from Wikipedia, the Free Encyclopedia
    Berkeley DB From Wikipedia, the free encyclopedia Berkeley DB Original author(s) Margo Seltzer and Keith Bostic of Sleepycat Software Developer(s) Sleepycat Software, later Oracle Corporation Initial release 1994 Stable release 6.1 / July 10, 2014 Development status production Written in C Operating system Unix, Linux, Windows, AIX, Sun Solaris, SCO Unix, Mac OS Size ~1244 kB compiled on Windows x86 Type Embedded database License AGPLv3 Website www.oracle.com/us/products/database/berkeley-db /index.html (http://www.oracle.com/us/products/database/berkeley- db/index.html) Berkeley DB (BDB) is a software library that provides a high-performance embedded database for key/value data. Berkeley DB is written in C with API bindings for C++, C#, PHP, Java, Perl, Python, Ruby, Tcl, Smalltalk, and many other programming languages. BDB stores arbitrary key/data pairs as byte arrays, and supports multiple data items for a single key. Berkeley DB is not a relational database.[1] BDB can support thousands of simultaneous threads of control or concurrent processes manipulating databases as large as 256 terabytes,[2] on a wide variety of operating systems including most Unix- like and Windows systems, and real-time operating systems. "Berkeley DB" is also used as the common brand name for three distinct products: Oracle Berkeley DB, Berkeley DB Java Edition, and Berkeley DB XML. These three products all share a common ancestry and are currently under active development at Oracle Corporation. Contents 1 Origin 2 Architecture 3 Editions 4 Programs that use Berkeley DB 5 Licensing 5.1 Sleepycat License 6 References 7 External links Origin Berkeley DB originated at the University of California, Berkeley as part of BSD, Berkeley's version of the Unix operating system.
    [Show full text]
  • Fast Statistical Spam Filter by Approximate Classifications
    Fast Statistical Spam Filter by Approximate Classifications Kang Li Zhenyu Zhong Department of Computer Science Department of Computer Science University of Georgia University of Georgia Athens, Georgia, USA Athens, Georgia, USA [email protected] [email protected] ABSTRACT based on its contents, have found wide acceptance in tools Statistical-based Bayesian filters have become a popular and used to block spam. These filters can be continually trained important defense against spam. However, despite their ef- on updated corpora of spam and ham (good email), resulting fectiveness, their greater processing overhead can prevent in robust, adaptive, and highly accurate systems. them from scaling well for enterprise-level mail servers. For Bayesian filters usually perform a dictionary lookup on example, the dictionary lookups that are characteristic of each individual token and summarize the result in order to this approach are limited by the memory access rate, there- arrive at a decision. It is not unusual to accumulate over fore relatively insensitive to increases in CPU speed. We 100,000 tokens in a dictionary, depending on how training is address this scaling issue by proposing an acceleration tech- handled [23]. Unfortunately, the performance of these dic- nique that speeds up Bayesian filters based on approximate tionary lookups is limited by the memory access rate, there- classification. The approximation uses two methods: hash- fore relatively insensitive to increases in CPU speed. As a based lookup and lossy encoding. Lookup approximation is result of this lookup overhead, classification can be relatively based on the popular Bloom filter data structure with an ex- slow.
    [Show full text]
  • Expertise Summary Experiences
    Last update: February 25th 2005 Jacques Foucry 81 rue Marcadet 75018 Paris France space Phone (home) : +331 4606 0221 Status : Single Phone (mobile) : +336 6240 7246 Nationality : French Téléphone travail : Age : 37 years Email : [email protected] Birth date 09/17/1966 Melun (77 - France) Web site : www.foucry.net Driving license A & B. No car space Expertise Summary space System Engineer Unix/ MacOS (Solaris and MacOS X specialist - 12 years of experience -Sunskill AS3) space Author of "Cahier de l'admin MacOS X Server" (Éditions Eyrolles) Co-author "Cahier du Programmeur MacOS X" (Éditions Eyrolles) space OS Unix (MacOS X - MacOS X Server - Solaris/BSD/Linux/Aix...) Programming Shell (csh/ksh/sh...) - html - xml - javascript - C/C++ - Perl - php3/4 - SQL - Langages Objective-C - APIs Cocoa - APIs Carbon DBMS Oracle - MySQL Software & Tools Volume Manager - Solstice Disk Suite (SDS) - CVS - NetBackup - Patrol - Apache - Logiciels de bureautique Hardware Sun (E240 - E6500) / Apple (all range) / IBM (RS/6000) / Bull (Escalla/Estralla) / HP (HP-9000) / Compatible PC Languages French - English (read/spoken/written) space Experiences space Since September Freelance 2003 • EDS February 2005 • Creation of a DRP -Scripting Volumes Manager disks set up. -Scripting Netbackup for restoration. • Audit of backup batch. -Writing of a report and proposal to improve these batch. no • PSA for StorageTek November 2004 to December 2004 • Audit about backup issues -Writing of a report about those backup issues (how often, why, solutions) and proposal to have less issues. no • Business Objects for StorageTek June 2004 to October 2004 • Backup solution deployment. -Installation of NetBackup client and server on Solaris and Windows Server 2003 platforms.
    [Show full text]
  • What Is Pkgng? Bsdcan 2012
    New package manager for FreeBSD Baptiste Daroussin [email protected] BSDCan Ottawa May, 12 2012 BSDCan 2012: introduction to pkgng Why pkgng? usr.sbin/pkg_install/add/perform.c: /* * This is seriously ugly code following. Written very fast! * [And subsequently made even worse.. Sigh! This code was just born * to be hacked, I guess.. :) -jkh] */ No safe upgrade support Missing metadata No repository support No fine dependency tracking No modern binary package management Many others BSDCan 2012: introduction to pkgng What is pkgng? * New package format * New local package database * Simple and easy to use library libpkg(3) * Simple and easy to use pkg(1) * Binary repository(ies) support * Binary upgrade support * Current ports tree support * Ready to help improving the ports tree * Help modernising the package management on FreeBSD BSDCan 2012: introduction to pkgng New package format * Can be tar, tgz, tbz or txz (default to txz) * One single metadata file: +MANIFEST * New format for metadata: YAML * Able to package empty directories * New splitted pre/post (install/deinstall) scripts * New upgrade scripts * Abi aware (freebsd:10:arm:32:el:oabi:softfp) BSDCan 2012: introduction to pkgng local package database * SQLite * Easy and fast reverse dependencies calculation * Easy to backup * Safe (heavy usage of sql transaction) * Contain all metadata * Extensible * Upgrade possible BSDCan 2012: introduction to pkgng libpkg(3) * Full featured * High level * C * Safe * Simple * The API is not yet consider as stable BSDCan 2012: introduction to pkgng
    [Show full text]
  • Workload Characterization of Spam Email Filtering Systems
    International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, January 2010 WORKLOAD CHARACTERIZATION OF SPAM EMAIL FILTERING SYSTEMS Yan Luo 1Department of Electrical and Computer Engineering, University of Massachusetts Lowell, Massachusetts, USA [email protected] ABSTRACT Email systems have suffered from degraded quality of service due to rampant spam, phishing and fraudulent emails. This is partly because the classification speed of email filtering systems falls far behind the requirements of email service providers. We are motivated to address this issue from the perspective of computer architecture support. In this paper, as the first step towards novel architecture designs, we present extensive performance data collected from measurement and profiling experiments using representative email filtering systems including CRM114, DSPAM, SpamAssassin and TREC Bogofilter. We provide detailed analysis of the time consuming functions in the systems under study. We also show how the processor architecture parameters affect the performance of these email filters through simulation experiments. KEYWORDS Workload Characterization, Email Filtering, Anti-Spam 1. INTRODUCTION Email and instant messaging systems have suffered from degraded quality of service due to spam, phishing and fraudulent emails and messages. A surprising fact is that 9 out of 10 emails are spam [25]. Gartner estimated that 3.5 million Americans would give up sensitive information to phishers and the total financial losses amounted to $2.8 billion in 2006 [22]. Widely spreading spam and phishing emails have drawn attention from both the academia and industry. There is a plethora of research on spam detection, filtering and elimination [1], [2], [13], [12], [18], [33], [21], [10].
    [Show full text]
  • Secure Content Distribution Using Untrusted Servers Kevin Fu
    Secure content distribution using untrusted servers Kevin Fu MIT Computer Science and Artificial Intelligence Lab in collaboration with M. Frans Kaashoek (MIT), Mahesh Kallahalla (DoCoMo Labs), Seny Kamara (JHU), Yoshi Kohno (UCSD), David Mazières (NYU), Raj Rajagopalan (HP Labs), Ron Rivest (MIT), Ram Swaminathan (HP Labs) For Peter Szolovits slide #1 January-April 2005 How do we distribute content? For Peter Szolovits slide #2 January-April 2005 We pay services For Peter Szolovits slide #3 January-April 2005 We coerce friends For Peter Szolovits slide #4 January-April 2005 We coerce friends For Peter Szolovits slide #4 January-April 2005 We enlist volunteers For Peter Szolovits slide #5 January-April 2005 Fast content distribution, so what’s left? • Clients want ◦ Authenticated content ◦ Example: software updates, virus scanners • Publishers want ◦ Access control ◦ Example: online newspapers But what if • Servers are untrusted • Malicious parties control the network For Peter Szolovits slide #6 January-April 2005 Taxonomy of content Content Many-writer Single-writer General purpose file systems Many-reader Single-reader Content distribution Personal storage Public Private For Peter Szolovits slide #7 January-April 2005 Framework • Publishers write➜ content, manage keys • Clients read/verify➜ content, trust publisher • Untrusted servers replicate➜ content • File system protects➜ data and metadata For Peter Szolovits slide #8 January-April 2005 Contributions • Authenticated content distribution SFSRO➜ ◦ Self-certifying File System Read-Only
    [Show full text]
  • June 2003 ;Login: 3 Microsoft: What’S Next?
    motd istrators, or some other sort of administrator who looks upon by Rob Kolstad “system administrators” as “someone else.”Sometimes, they view Rob Kolstad is cur- sysadmins as a sort of inferior species, which is also surprising to rently Executive Director of SAGE, the me. Apparently, specialization has some sort of value that I don’t System Administra- understand very well (and, since I don’t work in a large com- tors Guild. Rob has edited ;login: for pany, I’m going to have to work extra hard to learn more about over ten years. this particular phenomenon). At any rate, none of SAGE’s messages gets through to these other [email protected] administrators since they’re not tuned to “system administra- tion” information. One email conversation I had was very illu- minating in that my correspondent simply could not hear SAGE: Approaching the “generic administrator” when filling out a form. If a question did not specifically address “network administrator,”then he/she Crossroads simply could not answer it. This puzzled me greatly. I’ve now been in the SAGE directorship position for a year. Here I subsequently urged many in our community to create an are a few words on some of the interesting challenges I’ve umbrella term that could be used to refer to the collective of all encountered. sorts of system administrators. Many great suggestions have A summary of the job is in order, of course. SAGE’s goal is “To emerged, but none of them seems perfect, yet. Often, the prob- advance the profession of system administration.”To that end, lem I’m talking about is misunderstood or denied.
    [Show full text]
  • The Art of Unix Programming by Eric Steven Raymond the Art of Unix Programming by Eric Steven Raymond Copyright © 2003 Eric S
    The Art of Unix Programming by Eric Steven Raymond The Art of Unix Programming by Eric Steven Raymond Copyright © 2003 Eric S. Raymond This book and its on-line version are distributed under the terms of the Creative Commons Attribution-NoDerivs 1.0 license, with the additional proviso that the right to publish it on paper for sale or other for-profit use is reserved to Pearson Education, Inc. A reference copy of this license may be found at http://creativecommons.org/licenses/by-nd/1.0/legalcode. AIX, AS/400, DB/2, OS/2, System/360, MVS, VM/CMS, and IBM PC are trademarks of IBM. Alpha, DEC, VAX, HP-UX, PDP, TOPS-10, TOPS-20, VMS, and VT-100 are trademarks of Compaq. Amiga and AmigaOS are trademarks of Amiga, Inc. Apple, Macintosh, MacOS, Newton, OpenDoc, and OpenStep are trademarks of Apple Computers, Inc. ClearCase is a trademark of Rational Software, Inc. Ethernet is a trademark of 3COM, Inc. Excel, MS-DOS, Microsoft Windows and PowerPoint are trademarks of Microsoft, Inc. Java. J2EE, JavaScript, NeWS, and Solaris are trademarks of Sun Microsystems. SPARC is a trademark of SPARC international. Informix is a trademark of Informix software. Itanium is a trademark of Intel. Linux is a trademark of Linus Torvalds. Netscape is a trademark of AOL. PDF and PostScript are trademarks of Adobe, Inc. UNIX is a trademark of The Open Group. The photograph of Ken and Dennis in Chapter 2 appears courtesy of Bell Labs/Lucent Technologies. The epigraph on the Portability chapter is from the Bell System Technical Journal, v57 #6 part 2 (July-Aug.
    [Show full text]
  • Machine Learning for E-Mail Spam Filtering: Review, Techniques and Trends
    Noname manuscript No. (will be inserted by the editor) Machine Learning for E-mail Spam Filtering: Review, Techniques and Trends Alexy Bhowmick Shyamanta M. Hazarika · Received: date / Accepted: date Abstract We present a comprehensive review of the increasing dependence on e-mail has induced the emer- most effective content-based e-mail spam filtering tech- gence of many problems caused by ‘illegitimate’ e-mails, niques. We focus primarily on Machine Learning-based i.e. spam. According to the Text Retrieval Conference spam filters and their variants, and report on a broad (TREC) the term ‘spam’ is - an unsolicited, unwanted review ranging from surveying the relevant ideas, ef- e-mail that was sent indiscriminately [Cormack, 2008]. forts, effectiveness, and the current progress. The ini- Spam e-mails are unsolicited, un-ratified and usually tial exposition of the background examines the basics mass mailed. Spam being a carrier of malware causes of e-mail spam filtering, the evolving nature of spam, the proliferation of unsolicited advertisements, fraud spammers playing cat-and-mouse with e-mail service schemes, phishing messages, explicit content, promo- providers (ESPs), and the Machine Learning front in tions of cause, etc. On an organizational front, spam fighting spam. We conclude by measuring the impact of effects include: i) annoyance to individual users, ii) Machine Learning-based filters and explore the promis- less reliable e-mails, iii) loss of work productivity, iv) ing offshoots of latest developments. misuse of network bandwidth, v) wastage of file server storage space and computational power, vi) spread of Keywords E-mail False positive Image spam · · · viruses, worms, and Trojan horses, and vii) financial Machine learning Spam Spam filtering.
    [Show full text]
  • C:\Userdata\Open-Source-Reference
    C:\UserData\open-source-reference-for-sepcos.txt jeudi 13 octobre 2016 15:19 +++-============================================-=================================-==================================================== ============================================ ||/ Linux ||/ Name Version Description +++-============================================-=================================-==================================================== ============================================ ii adduser 3.112+nmu2 add and remove users and groups ii alacarte 0.13.2-1 easy GNOME menu editing tool ii alsa-base 1.0.23+dfsg-2 ALSA driver configuration files ii alsa-utils 1.0.23-3 Utilities for configuring and using ALSA ii anacron 2.3-14 cron-like program that doesn't go by time ii apache2-mpm-prefork 2.2.16-6+squeeze7 Apache HTTP Server - traditional non-threaded model ii apache2-utils 2.2.16-6+squeeze7 utility programs for webservers ii apache2.2-bin 2.2.16-6+squeeze7 Apache HTTP Server common binary files ii apache2.2-common 2.2.16-6+squeeze7 Apache HTTP Server common files ii app-install-data 2010.11.17 Application Installer Data Files ii apt 0.8.10.3+squeeze1 Advanced front-end for dpkg ii apt-listchanges 2.85.7+squeeze1 package change history notification tool ii apt-utils 0.8.10.3+squeeze1 APT utility programs ii apt-xapian-index 0.41 maintenance and search tools for a Xapian index of Debian packages ii aptdaemon 0.31+bzr413-1.1 transaction based package management service ii aptitude 0.6.3-3.2+squeeze1 terminal-based package manager (terminal interface
    [Show full text]
  • February 2005 VOLUME 30 NUMBER 1
    February 2005 VOLUME 30 NUMBER 1 THE USENIX MAGAZINE OPINION MOTD ROB KOLSTAD Who Needs an Enemy When You Can Divide and Conquer Yourself? MARCUS J. RANUM SAGE-News Article on SCO Defacement ROB KOLSTAD TECHNOLOGY Voice over IP with Asterisk HEISON CHAK SECURITY Why Teenagers Hack: A Personal Memoir STEVEN ALEXANDER Musings RIK FARROW Firewalls and Fairy Tales TI NA DARMOHRAY The Importance of Securing Workstations STEVEN ALEXANDER Tempting Fate ABE SINGER S Y S ADMIN ISPadmin ROBERT HASKINS Getting What You Want:The Fine Art of Proposal Writing THOMAS SLUYTER The Profession of System Administration MARK BURGESS PROGRAMMING Practical Perl: Error Handling Patterns in Perl ADAM TUROFF Creating Stand-Alone Executables with Tcl/Tk CLIF FLYNT Working with C# Serialization GLEN MCCLUSKEY CONFERENCES 18th Large Installation System Administration Conference BOOK REVIEWS The Bookworm (LISA ’04) PETER H. SALUS EuroBSDCon 2004 Book Reviews RIK FARROW AND CHUCK HARDIN USENIX NOTES 20 Years Ago . and More PETER H. SALUS Summary of USENIX Board of Directors Actions The Advanced Computing Systems Association Upcoming Events 2005 USENIX ANNUAL TECHNICAL STEPS TO REDUCING UNWANTED TRAFFIC ON CONFERENCE THE INTERNET WORKSHOP (SRUTI ’05) APRIL 10–15, 2005, ANAHEIM, CA, USA JULY 7–8, 2005, CAMBRIDGE, MA, USA http://www.usenix.org/usenix05 http://www.usenix.org/sruti05 Paper submissions due: March 30, 2005 2ND SYMPOSIUM ON NETWORKED SYSTEMS LINUX KERNEL SUMMIT '05 DESIGN AND IMPLEMENTATION (NSDI ’05) JULY 17–19, 2005, OTTAWA, ONTARIO, CANADA Sponsored by
    [Show full text]
  • The B in LAMP Fourth Annual Southern California Linux Expo
    The B in LAMP Fourth Annual Southern California Linux Expo David Schachter Performance Engineer Sleepycat Software Sleepycat Software – Makers of Berkeley DB Agenda 1. Introductions: Who, What, Why? 2. BDB and Linux 3. BDB and Apache 4. BDB and/or MySQL 5. BDB and {Perl, PHP, Python} 6. How to Get the Latest, Greatest Stuff 7. Berkeley DB in Action Sleepycat Software – Makers of Berkeley DB Page 2 Who, What, Why? The Company and Its Customers Sleepycat Software – Makers of Berkeley DB Did you know that Berkeley DB..? is everywhere: runs on 200 million machines across the world scales up, scales down: powers everything from mobile phones to stock exchanges is proven: runs inside every copy of Linux (and MacOS X and Solaris) powers the Internet: extensively used by Google, Yahoo, AOL, Ask Jeeves, Amazon, eBay and many others is highly available: handles 70% of the global daily email traffic Sleepycat Software – Makers of Berkeley DB Page 4 About Sleepycat Founded in 1996 by original architects of BSD Unix Executives include industry luminaries – Dr. Margo Seltzer (Harvard Professor, 4.4 BSD file system author) – Keith Bostic (2.10 BSD architect, 4.4 BSD developer) – Michael Ubell (Ingres, DEC, Britton-Lee [founder], Illustra, Informix) – Michael Olson (Britton-Lee, Illustra, Informix) “Open sourcePrivate isn't company,some magic pixieprofitable dust that with just nomakes long pr oductsterm debt great. It's not a business 40model employees by itself. It iswith a tool 5 thatin Europe, companies 3 can in Australia/New use to leverage
    [Show full text]