Relevant Technologies product review paper on InsideOut Firewall Reporter by Stonylake Solutions. This product is a Java-based server application that runs on both Windows and Linux and has a demo version available.
4931f309c78c79b5d634d31e379a0bfcb5ecd85736eb5c0787b5279f4e9b4f04Enceladus Server Suite v3.9.11 contains buffer overflows in its ftp server that allow a remote attacker to crash the server with the possibility of remote command execution.
56660bf541dcb85e78cbce689ad870ff26fee9f883be3a7b0de8e42b51f1c7feAmap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
94fab83628b9447bc141df6b16c39f31750777f88ee84a8d1eb31ceb8b387221LedNews v0.7 lacks any filtering allowing a remote attacker to embed javascript or various HTML tags. It may also be possible to add server side include tags into news posts as well.
bb8bdc61aef9712a1297bda410fd6d68cf2a865fc673e5a6a79779178914d42ePmachine version 2.2.1 has a fault Include() routine that allows a remote attacker to supply a malicious URL that in turn can be a script that the webserver will then execute.
3a954f23f36da44d1a53b9c709a5c45c9eee6bf4b1b93f9c0048194f7b4eb754iDEFENSE Security Advisory 06.16.03: The pam_wheel module of Linux-PAM uses getlogin() in an insecure manner, thereby allowing attackers to bypass certain restrictions. The pam_wheel module is often used with the su command to allow users belonging to a trusted group to utilize the command without supplying a password. The module utilizes the getlogin() function to determine the name of the currently logged in user. This name is then compared against a list of members of a trusted group as specified in the configuration file. If the trust option is enabled in the pam_wheel configuration file and the use_uid option is disabled, any local user may spoof the username returned by getlogin() and gain access to a super-user account without supplying a password.
c65f3b99c2e44aca0273c3c270501fa89200aeeec261693c53ac01a45de16c3eIDScenter is a control and management front-end for the Windows platform. Main features: Snort 2.0/1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
f9b7423c7841bf496874eb4b6958f826ddcecd9c8631065cef6dfd7aa797770eShellcode that print What is The M4Tr1X ?! and then exits.
24613700722f04736909af821d62b7e6bc1c78910a71e75776a1e46bce154fb9The product Mailtraq suffers from multiple vulnerabilities that range from access to files that reside outside the bounding HTML root directory through decryption of locally stored password, to a cross site scripting vulnerability in the web mail interface.
0fccaf9934ee9baa9e271e3755695428f4343300ad90ccad092c5010d7861a0e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed