DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross-site scripting attacks.
53e05d2df3888af46549f045b457473e3f5a8930124b0e49bf694ced25fafb8e
If configured with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate.
451c67a07615fb41c04236b83880095a572fd4760c9b81fc36692baed757e5a0
S-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.
264371449a786722a768f921a478dfb456e426a3e7b10e8ae5eea3fc8f03d804
A cross-site scripting flaw exists in formmail.php.
d49f56633d701471196ff37392bfceff436e67bd19935a0a27674c25c4999346
Jail Chroot Project is an attempt to write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool that automatically configures and builds all the required files, directories and libraries.
af4880f077acc054eac6ca5fdd7c692df6a5e0ac40abc1500fa7d79b3725de77
SystemSearcher is a Linux security scanner written in Perl. It scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well-known trojan ports, and exploitable CGIs. You can also scan a list of specific servers and specific ports. It uses non-blocking socket communication with a 3-second socket timeout. It can also scan for proxy servers which are open to the world (on port 80, 8080, 1080, or 3128), and SMB servers or Windows boxes sharing directories.
3efb5356e2a6ec640c386daf6e7148265d6f8f4c6ee0701fbfe80ec389372b93
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
8cf44524aeec333268aa73ad3f6091da455b0506221fd4436901b5aaf1f5763f
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
09d5fe2099d28a171a3e7de3e19068cca51c7a9d52206219758a46edff59d478
Local exploit that breaks out of a vserver, even if it is secured with chmod 000 /vservers. Modified version of the chroot-again exploit. Tested with Linux 2.4.24 and vserver 1.24. Fixed in release 1.25.
ecb32af70153e79f3accdcb8ad729fc7c190f6447576c9716239b96b27b6bad2
CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.
185ba52ee2244db8227bfa7c35e8337b0f6af6a360d2b7dd4c77a80b22414736