NixFo NG is a script that scans Linux-based systems and does a complete inventory of anything installed, available, manipulated, or other wise.
db785dbd9a4085d4dcc6b07a2a3a10b5d79173c341fd2b8b4d2d7afe40497f75K-MAC is an ethernet MAC address changer for Microsoft Windows. Binary only is included.
0104f64eef2f6985be3e5b122680828a7fa5e39bceabe2877a175932d52b552eHafiye 1.0 has a terminal escape sequence injection vulnerability that can result in a denial of service and remote root compromise. Exploit included.
2993ef3947a5ac963374139c0072f900346d288754b6f9793b5cc5d393d67c15Bird Chat version 1.61 is susceptible to a denial of service attack.
3fd39ba61940268943a877e48620af76ea13d357c808d10f8725f4e5f0bf3a91MusicDaemon versions 0.0.3 and below suffer from a remote denial of service and flaw where /etc/shadow can be extracted. Exploit included.
86d30b650082a4e71e7432e3cf564661de0639f7bc511f7a95e81c5f202a2ff8AntiExploit is an exploit scanner to detect local intruders. It scans for over 3900 suspicious files, has daily database updates, and will act if a file is accessed. It uses the dazuko kernel module, which is also used by clamAV, Amavis, and other virus scanners.
ec4720d9c7d4ab4b9477b7189c0ab79357e41d8ca4cbabfad14b2487a48a9a86An unspecified vulnerability with an unknown impact has been reported in Novell Web Manager on Novell NetWare 6.5.
622530c4e4842b852d35adf6494b6a01eb2c009199653f013e352bc3558626ceKDE Security Advisory - Konqueror suffers from a Cross-Domain Cookie Injection vulnerability.
b677033eae041feccfc0d629be666a7a4a676bbb34a2b617d81f358a7e7b56b9Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available to help measure the effectiveness and minimum requirements necessary to succeed.
9a2a3ac2a7fab73e3531616d10a18f3463f39a502124e0e16d8a70bef8f02b21JShop has a flaw in page.php that allows for cross site scripting attacks.
09ce1578e5d1e6cf20228662db59cd5e311a262c1bd1c3a532a675641ae5b29fAxis versions 2100, 2110, 2120, 2420, and 2130 Network Camera along with the 2400 and 2401 Video Servers are susceptible to passwd file retrieval vulnerabilities, unauthenticated admin user additions, and hardcoded login/password flaws.
d1d78c221379418bea65762e89060fc19d494c26f885bd544cfcb10625efd868eGroupWare version 1.0.0.003 is susceptible to a cross site scripting flaw.
2857363dac9c43f2774402925a849c4b3610100a22158155e0488e996121c3ffA bit of a rant about how Microsoft and Virus scanners fail to properly pay attention to .txt file extensions and how they can be used by attackers to fall into the background.
229dfa0b0c78a9b80ce0ca073eee096c97a84c01ed37e967a28cc0d2f6cc95f2Heap overflow exploit for the qt BMP parsing bug foundd in versions 3.3.2.
5f0e53294c355773c2f38b6454412d756b958c6cb98ef187c12fb0b5bcfb115eimwheel version 1.0.0pre11 uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill existing imwheel processes. This race condition may be used by a local user to Denial of Service another user using imwheel, lead to resource exhaustion of the host system, or append data to arbitrary files.
f6ab085f417793a02d07c3de39249974381b31d162ecd131d00e5b53e4085e33Sympa versions 4.1.x and below are susceptible to cross site scripting attacks.
dca5ea288d664feb25de06ceaa5845417be3a151f5960a1b08d989b0f6436781Mantis suffers from a remote PHP code execution vulnerability when the REGISTER_GLOBAL variable is set.
a70413a0d6384063116146614076f527699b5ef8da05f1e7d3c3af253afadf40MyDNS is susceptible to a SQL injection and directory traversal attack that allows for arbitrary file download. Version 1.4.2 fixes the SQL injection bug while the other bug is in all releases.
c36816d86fbea1b951d53fd79107db3a521ddd12c0f07d1c786aac6deabbedd6Mantis is susceptible to multiple cross site scripting vulnerabilities.
a6f58dd97966c39ee1d173207fb0d4d25219702ee1bad263cc675e5318ce6befNihuo Web Log Analyzer version 1.6 is susceptible to a cross site scripting attack.
c263e36a8fee317f2235aa8dd8ff0783574b8734019449d3d921a4e478f2dbaeThe sarad program used at the British National Corpus is susceptible to multiple buffer overflows. No authentication is required to perform the attack and they are network based.
3b5dbe5c14fa19bf31747e7ab1ad0dfe738810272c2dbce61216a3114a9177e7GulfTech Security Advisory - BadBlue Webserver version 2.5 is susceptible to a denial of service attack when multiple connections are made to it from a single host. Exploit provided.
9dbe4e55fe1e227f34cc5142b74962afa63e4be85ce1d38e91e344f0ef74106eSecunia Security Advisory - Lukasz Wojtow has reported a vulnerability in MySQL, potentially allowing malicious people to compromise a vulnerable system. The problem is that the mysql_real_connect() function does not properly verify the length of IP addresses returned by a reverse DNS lookup of a hostname. This could potentially be exploited to cause a buffer overflow and execute arbitrary code.
76cd75c8de4325b740e31c9fed621c75bd46469dea33b514242004d83f456ddaIt has been discovered that Zone Alarm stores its configuration files in a directory that is forcibly left accessible to EVERYONE under Windows.
5267c7003017156a72b6a7fc6baedb7920bb27746633c9b9bb21b8e935e526f2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed