The Apple OSX 10.4 Dashboard widgets allow system commands to be executed, which is normally not considered a vulnerability in itself as they run with the user's permissions. If the user has recently authenticated to perform a super-user function, however, Dashboard widgets can hijack these credentials by calling the system's built-in sudo command and execute arbitrary functions with full administrative privileges.
a50c6951f75d23dfbeceb299ee744c63c29ccd29bc3eed02301998c3ff432d0dA sanity check failed to exist in ebillpay's unbilled-usage modules to to correlate phone numbers with accounts. This could have been used by a malicious user to mine data through Verizon Wireless' website about other Verizon Wireless customers.
f353ab176a9e04fc59c8897a00b39596a2da68f7d47cbb92dfe69650f1cefb42The Apache DoS Evasive Maneuvers Module is a module for both Apache 1.3 and 2.0 that provides functionality for detecting and fighting off DoS attacks and brute force attacks. It does this by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses, using an internal hash table, on a per-child basis. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.
8706ff58be35378fce2b7a916cc2bce6249a00c79eaa09e3ebbdb163d4e87bb9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed