Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application post-exploitation testing, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. It is currently included in Backtrack, Backbox, and other Linux distributions for penetration testing.
9ca1b6b62a4fcc57851e48e31b456e9ea711e0ef46b10cf39d3277547b450333
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
9e3d29cc126a1609f93c89cc4b178fb01f091d989e2b8cec117b79eadf7b611c
Drupal version 6.26 with Book Block version 6.x-1.0-beta1 suffers from a cross site scripting vulnerability.
f9634f63ca64e4955a6dcb078fc3edf1f92c7055f4d7d300f83c4c36269e47a6
This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and flood tools can be detected and blocked by this module via htaccess or iptables, etc.
12678f9ec1be90549e9ec56df43ef737708150240ad1ffb39db4ea94844cf7d1
This bulletin summary lists 9 released Microsoft security bulletins for July, 2012.
90418879d0ab238c7a2eaf6a976ffbf6331efc6d9df5d266240df7df8636c141
HP Security Bulletin HPSBMU02796 SSRT100594 - Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.
f09a5f81faf7af5e254b05b3be1fd73b6b15db2f21af5f02b640f67fecda1cd2
Technical Cyber Security Alert 2012-192A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
d79a26f7a01e84d85d8e6b2b329b1ee96d50bd0c7702c374af21e2c61c93f041
The *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint, and Lync, is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS that will overcome *toStaticHTML*'s security logic; therefore, after passing the specially crafted CSS string through the *toStaticHTML* function, it will contain an expression that triggers a JavaScript call.
250fdc51b42fbad45e46c18cf75919ff7aaf7e27a4da2764383c71b6233a3cdb
A lack of control in Instagram's authorization logic allows a user to add himself as a friend of any user on the Instagram social network.
a536d4f7b0bf113f33674e2217db3a96072490c932f09b8e3096070d991995ff
Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
67806af2019ce9afef848ad43be6730e835db69f6ae16a72b9e20554668643c0
Secunia Security Advisory - Charlie Eriksen has discovered a security issue, which can be exploited by malicious people to bypass certain security restrictions.
5ae570cac554cae6d2fcc3a8592b5234422d6854de9a7dde3f6aa9a906481c74
Secunia Security Advisory - A vulnerability has been reported in Cyberoam UTM, which can be exploited by malicious people to conduct spoofing attacks.
1268e76d4d4fdfaad0974ab2b720eedfd1939abe52e88c734f60bd1ffdfb0d31
Secunia Security Advisory - Gentoo has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
452ca257dce37ca6415a8414945752cb71fbcd1796a03f76ae0910c5676dfa70
Secunia Security Advisory - Gentoo has issued an update for keepalived. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
f82d1d8875d14dce6e5de1306f762bdf90d78d3176bacba8bc06a2d441a072fa
Secunia Security Advisory - Ubuntu has issued an update for pidgin. This fixes multiple weaknesses, security issues, and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
8f20dd492884ea18b59ac442c8527c5e7506814b0f5617221ed7d53ec305b003
Secunia Security Advisory - Gentoo has issued an update for jruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
0fdc466f978aaf1eea0ffdffecc1150f51a48f96ce12cb6897e14eff707f2060
Secunia Security Advisory - Gentoo has issued an update for mod_fcgid. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges.
de503953df0e15b6f0759d29c2bef0d5359e37bd5de6172e98b32343969a6d2f
Secunia Security Advisory - Gentoo has issued an update for gnash. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a user's system.
355c8fea298b1db7f85dd5e2abc8fcf34ea00490065591d995c79033da96ce9a
Secunia Security Advisory - Gentoo has issued an update for chasen. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
b94cb8c5b9da70bfaace6be81b4f7ea176f275d6a8d07bd6394cce2285ef31c0
Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
c3bd672bab9218c466b2db8bc5c1450fd11b5613ee9c6fdf101f4d60a2c6c8e5
Secunia Security Advisory - Gentoo has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
9a1a4820153deb41c7e818a187ea3a7440f6a8f4f19f8aa6c8d766fcd75a92c4
Secunia Security Advisory - Gentoo has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
3fce85b6d9bebc0b7368804df76b5865b47f809e607fa360e1686d5d94d4a152
Secunia Security Advisory - Two vulnerabilities have been reported in Wangkongbao CNS-1000 and CNS-1100, which can be exploited by malicious people to disclose sensitive information.
75cc4ea03a026e10c3d1efcd9a60707ba04b367c1e921810aa4ef95056f88614
Secunia Security Advisory - Two vulnerabilities have been reported in HP Operations Agent, which can be exploited by malicious people to compromise a vulnerable system.
9cbfa07d0c126c3a02e50f5b81b0d0352d693a33d036963ce7f9e4e5688d78f3
Secunia Security Advisory - A vulnerability has been reported in The Guardian News Feed plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a3a0907404c377dc43d2a8565b1cd9056874c29c0db06ced3f9fff51bb8518c2