Secunia Security Advisory - Donnie Werner has reported a vulnerability in E-Data, which can be exploited by malicious people to conduct cross-site scripting attacks.
97e3bac1d56bac5d4427900a7fd74464dc471bef67d261ab7d47889acca2edb7Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Sacred, which can be exploited by malicious people to compromise a vulnerable system.
fcc85ddccaa3037be324238d4ec5030f90993855d85dff57990d37cbad458b27Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in The Settlers: Heritage of Kings, which can be exploited by malicious people to compromise a vulnerable system.
59735ed172f228e6eef49b6eac899527784bc2f72b8d71668ba0d3385dd018d0MIT krb5's supplied telnet client is vulnerable to buffer overflows in the functions slc_add_reply() and env_opt_add(). These can be exploited by a malicious server to which the client is trying to connect.
e4c1476ad7afba11079985f9690f65b19a9f0750826a16ff4f4d3bf05f3d8da9Secunia Security Advisory - A vulnerability has been reported in Smarty, which can be exploited by malicious people to bypass certain security restrictions.
f5001cf5cd35592cacc83ae523ab9aa51805228767b10545dbb32eb310544cf7Secunia Security Advisory - Gael Delalleau has reported two vulnerabilities in Kerberos V5, which can be exploited by malicious people to compromise a vulnerable system.
8d77c0524576df8beefe2fa2340b441c05a2f186b4492e6fd771811835f33ac6Whitepaper discussing the use and setup of SFTP in the business place.
052c8fbeded90b605ab6795770b8ba0e89ec1e1dae6c1741e49090e771529bb1Iron Bars SHell is a restricted Unix shell. The user can not step out of, nor access, files outside the home directory. Two ASCII configuration files are used for more control. The system administrator can define which commands may be executed by the user. No other executables are allowed. The admin also has the opportunity to define what kind of files the user may create. If a file has a certain extension (such as .mp3, .c, etc.), ibsh automatically erases it.
9a2cef47abd5caa27076db8a28060b9ab94e7678e57aad299fdce735b7b099aeThe Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
565021bb9e0539ec81c98acd63a4c0549afb0521bf1f38458fe8c4be5711574dWepdecrypt is a wireless LAN tool based on wepattack that guesses WEP keys using an active dictionary attack, a key generator, a distributed network attack, and some other methods.
3db0be559dbe7bcd566eec14bbe223bce313111a82237de8b8433c43779a53ecMultiple SQL injection and cross site scripting vulnerabilities have been discovered in AspApp. Sample exploitation provided.
03e90c2cb4195bc7bc382495197baedd3e0d909a18bcfb755d1062bb38afca07Multiple SQL injection and cross site scripting vulnerabilities have been discovered in PortalApp. Sample exploitation provided.
ef8774a270f7cf5c3c385dd44115e3f3ab80760745b1a26d5d9c111db428ebeeACS Blog version 1.1.1 is susceptible to multiple cross site scripting attacks.
0c6942c90bd3e4344142bcb9a42ec2ca5feae9635b10587ede08a046069e3c05Remote root exploit for the preparse_address_1() heap buffer overflow in Smail versions 3.20.120 and below.
03fa4cf4484ee5197112b1be3896401a73baeca9c53af9ffcfb129454017221ePhotopost PHP Pro Photo Gallery software is susceptible to multiple cross site scripting and SQL injection attacks. Detailed exploitation provided.
37b9312ab67645bf7aa36fdc72203dd12b60bfbd3bfb1f48fa1936e2f2486c61PTT Security Advisory - Sun Answerbook2 version 1.4.4 is susceptible to cross site scripting and administration attacks. Exploitation provided.
f84f8926bae5020beca593a0122297f5f39ac778c3820f5996098cd6a9e123beiDEFENSE Security Advisory 03.28.05 - Remote exploitation of a buffer overflow vulnerability in multiple telnet clients could allow the execution of arbitrary code. The vulnerability specifically exists in the env_opt_add() function of telnet.c. iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.
de99e8ea1329dbc1f15a968b8c0756e881aa440162190742655fdb287e67ea1ciDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.
9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.
916232dd57df1886350cf72bfea0c2c2b0deabc436b2c432950fbf0ce8bdd015Proof of concept exploit for a remotely exploitable buffer overflow in the Tincat network library used in various games.
59a3b89267c5dd0e34a3c1f1ddfd3867902e562a8c7054b2a8a2a37ea1878f70The Tincat network library used in various games is susceptible to a remote buffer overflow in the code that logs players entering the server. This flaw allows for remote code execution.
c211634e8ceb1aabbd24adf99b61d5686e280b0581dced699b041982f50b4780Gentoo Linux Security Advisory GLSA 200503-34 - A routine security audit of the mpg321 package revealed a known security issue remained unpatched. The vulnerability is a result of mpg321 printing embedded ID3 data to the console in an unsafe manner. Versions less than 0.2.10-r2 are affected.
e3b4a0926c6deb1e52dbd27635780082fa5bbda54ada9fec46a0718dc8882384THai's Shoutbox is susceptible to a cross site scripting bug.
ed49a7e339d0891d132dc79e327caf12fabaf981cbcaf07676c4f8b3aa3c5658The Bluetooth code in the Linux kernel has a flaw that allows for local privilege escalation. Versions affected are greater than or equal to 2.4.6, less than or equal to 2.4.30-rc1, and 2.6.x up to 2.6.11.5.
3af1e2b575930a55ef4b0186165f28931f8a985f60a7c3067e9481a97e6a86a3Vladersoft Shopping Cart version 3.0 is susceptible to multiple cross site scripting and SQL injection vulnerabilities. Sample exploitation provided.
ff883a1159901250b604c992c505e6b30d38334d06fe39e24596c33f727d5e37
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed