Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
dcb72316c65fe3b76149b7265445fa5bb0c018e3341bd6d2c817af48458b45f5RASPcalendar version 1.01 suffers from a remote SQL injection vulnerability that allows for login bypass.
502e9d8d8fcb58ac9cadfc80c36b6710cfc53def0589843d4984ac9d45848c39This Metasploit module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injections are required in close succession, first to enable xp_cmdshell, then retrieve the payload via TFTP and finally execute it. The module also has the capability to disable or enable local application authentication. In order to work the target system must have a tftp client available.
0e3a942ab280498a695c23461a8d0a229e06c84edd64ed4f0b821529fe187516
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed