Wasabi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.
83b46cd69f9179ecf6a4e47a75e804d5c3b2fd12912f8bda4c2b48d0ed94ca38Remote denial of service proof of concept exploit that makes use of a flaw in the Race Driver server versions 1.20 and below.
63abcd06683f2a78ef7af3df85c244b01a803c88e300012bb4e03143f5df3ed1Remote denial of service attacks are possible against the server and connected clients of Race Driver versions 1.20 and below when a server receives a message packet with a length identifier of 0.
d6c6c91f1ccc1e4dd638f154d4b57072248074696439af33a855eaa16a306ebeImperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server. Affected versions: Crystal Reports version 9 and 10, Crystal Enterprise version 9 and 10. Exploitation details included.
08653c6229ab236fa5b5c28b167c87d32b7d71b68342d06f9afedf0d1dc76728USR Robotics Broadband Router 8003 has a flawed password checking functionality where the password is first verified by a javascript function that has the real administrator password embedded and easily viewable in the source code, allowing any malicious remote attacker to take full control of the device. Tested against firmware v1.04 08. USR Robotics has claimed the problem is not that serious and has not taken any steps to remedy the situation.
9355223364a226a9678e3b296d0cdc281938db1b9412641fba0392b38c8c4485Blosxom, a weblog tool, is susceptible to cross site scripting attacks.
22a63a1e76decc66eff4c6b6b730f941095ddffd7f05c2715d58c3200f4f7d20APPLE-SA-2004-06-07 Security Update 2004-06-07 - This update delivers a number of security enhancements and is recommended for all Macintosh users. Components affected are LaunchServices, DiskImageMounter, Safari, and Terminal.
59fd02c4f507b9775c09dffe05378c28284267ea48414acb84bfea214fff884ePHP-Nuke versions 6.x, 7.2, and 7.3 all suffer from path disclosure and cross site scripting vulnerabilities.
e5528eabe39a9466ee8453c39b40a4c3c84df99e60e44cf60448c31ed35d0e1cRemote exploit for Borland Interbase 7.1 SP2 and below that spawns a shell under the uid running the database. Targets included for Linux Interbase 7.1 SP 2 and Linux Interbase 6.01 InterBaseSS_LI-V6.0-1.i386.rpm.
5d817a11e46cbba76ba13cffc204517f20ed0ba8ab02ea224660d23758ad1bc5Microsoft Security Bulletin - A denial of service vulnerability exists in the implementation of the IDirectPlay4 application programming interface (API) of Microsoft DirectPlay because of a lack of robust packet validation.
a5602c8b9f8a63446e97ae6c7a938c9027fd0cfbb4b9eb53d8bc7dba6f147734FreeBSD Security Advisory FreeBSD-SA-04:12.jailroute - A programming error has allowed local users the ability to manipulate host routing tables if superuser privileges are achieved within jailed process.
0301e56f26cfa86a5da89c7242dbf8a821e5a883188131318fadee115fbac7b9Cyrillium Security Advisory CYSA-0329 - FoolProof Security 3.9.x for Windows 98/98SE/Me has a vulnerability in the password recovery functionality that allows an attacker to recover the Administrator password using the Control password and password recovery key. Exploit included.
4ade30b5e97e6f4843b28db0bf163827d80893b19b977412fad14285f512eeceDebian Security Advisory DSA 516-1 - A buffer overflow has been discovered in the ODBC driver of PostgreSQL, an object-relational SQL database, descended from POSTGRES. It possible to exploit this problem and crash the surrounding application. Hence, a PHP script using php4-odbc can be utilized to crash the surrounding Apache webserver. Other parts of PostgreSQL are not affected.
cc5abd6240ee4e3c8f66f1a586e37ac7625d1745b5c52a33557921ac19865174Debian Security Advisory DSA 513-1 - Jaguar discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. Versions below 0.2.5.2 are affected.
c85dc5d8cb9ffa868064522f567e6bdf09245a30952b161c8ed87e9348f0d01a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed