what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed


Posted Nov 15, 2001
Site xato.net

Xato Security Advisory XATO-112001-01 - Windows 2000 and XP terminal services are vulnerable to IP address spoofing. Affects all Service Pack levels.

tags | spoof
systems | windows, 2k
MD5 | b0e2053ca0e3affa73acb7be5de046af
Posted Dec 15, 2000
Authored by Sozni | Site xato.net

Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.

tags | remote, web, spoof, vulnerability
systems | windows
MD5 | 9e28095885e712c9b19be4b7252bfabc
Posted Nov 14, 2000
Authored by Sozni | Site xato.net

Xato Security Advisory XATO-112000-01 - The Cart32 shopping cart v3.5 and below for Windows contains multiple remote vulnerabilities. Common user misconfigurations and bad password encryption make the application more vulnerable, often allowing a full compromise of the server.

tags | remote, vulnerability
systems | windows
MD5 | c53878c21da417cbef5973c502a3fec7
Posted Aug 23, 2000
Site xato.net

Xato Network Security Advisory - FrontPage Server Extensions are vulnerable to a remote denial of service attack that will disable all FrontPage authoring operations on a web site. When requesting a URL that includes a DOS device name, the server extensions will hang and will not service any further requests. To re-enable the server extensions requires restarting IIS or rebooting the server. There is also a secondary problem with certain DOS device names that reveal the server's physical path.

tags | remote, web, denial of service
MD5 | 13abfd3dd0accbf77598a395fb8f5c41
Page 1 of 1

Top Authors In Last 30 Days

Recent News

News RSS Feed
Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw
Posted Oct 16, 2017

tags | headline, flaw, cryptography
Pizza Hut Latest To Be Hit In Card Data Breach
Posted Oct 16, 2017

tags | headline, hacker, privacy, bank, cybercrime, data loss, fraud
Artificial Intelligence - Hype, Hope, And Fear
Posted Oct 16, 2017

tags | headline, botnet, cyberwar
KRACK Attacks: Breaking WPA2 By Forcing Nonce Reuse
Posted Oct 16, 2017

tags | headline, privacy, phone, wireless, flaw, cryptography
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By