Twenty Year Anniversary
Showing 1 - 4 of 4 RSS Feed


Posted Nov 15, 2001

Xato Security Advisory XATO-112001-01 - Windows 2000 and XP terminal services are vulnerable to IP address spoofing. Affects all Service Pack levels.

tags | spoof
systems | windows, 2k
MD5 | b0e2053ca0e3affa73acb7be5de046af
Posted Dec 15, 2000
Authored by Sozni | Site

Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.

tags | remote, web, spoof, vulnerability
systems | windows
MD5 | 9e28095885e712c9b19be4b7252bfabc
Posted Nov 14, 2000
Authored by Sozni | Site

Xato Security Advisory XATO-112000-01 - The Cart32 shopping cart v3.5 and below for Windows contains multiple remote vulnerabilities. Common user misconfigurations and bad password encryption make the application more vulnerable, often allowing a full compromise of the server.

tags | remote, vulnerability
systems | windows
MD5 | c53878c21da417cbef5973c502a3fec7
Posted Aug 23, 2000

Xato Network Security Advisory - FrontPage Server Extensions are vulnerable to a remote denial of service attack that will disable all FrontPage authoring operations on a web site. When requesting a URL that includes a DOS device name, the server extensions will hang and will not service any further requests. To re-enable the server extensions requires restarting IIS or rebooting the server. There is also a secondary problem with certain DOS device names that reveal the server's physical path.

tags | remote, web, denial of service
MD5 | 13abfd3dd0accbf77598a395fb8f5c41
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Exposes North Korea Government's Typeframe Malware
Posted Jun 18, 2018

tags | headline, government, malware, usa, cyberwar, korea
PageUp Confirms Some Data Compromised In Breach
Posted Jun 18, 2018

tags | headline, hacker, data loss
Huawei Rejects Australia Security Concerns
Posted Jun 18, 2018

tags | headline, government, australia, china, flaw, cyberwar, backdoor
Ex-Fitbit Employees Indicted For Allegedly Stealing Secrets
Posted Jun 15, 2018

tags | headline, data loss, fraud
This New Android Malware Delivers Banking Trojan, Keylogger And Ransomware
Posted Jun 15, 2018

tags | headline, malware, phone, google
Xen Project Patches Intel's Lazy FPU Flaw
Posted Jun 15, 2018

tags | headline, flaw, patch, intel
Quantum Cryptography Demo Shows No Need For New Infrastructure
Posted Jun 15, 2018

tags | headline, science, cryptography
Ether Doesn't Fall Under SEC Rules
Posted Jun 15, 2018

tags | headline, government, bank, usa, cryptography
Decades-Old PGP Bug Allowed Hackers To Spoof Just About Anyone's Signature
Posted Jun 15, 2018

tags | headline, flaw, cryptography
LuckyMouse Threat Group Attacks Government Websites
Posted Jun 14, 2018

tags | headline, hacker, government, malware, china
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By