Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
eed705085bf7156687cfc64b6126bfb98b12b990632b24c5fa4a5c4c581115d5Compozit 1.0 is susceptible to SQL injection attacks.
977a291d2a21299a6376df4d987b0196b9c33d4f90db0aff90f9d36a999d815dphpBB suffers from SQL injection vulnerabilities.
ca458f33b9f3016fe72402ab33dfbbd57fcb02856066cf26233223b8394b26efA buffer overflow exists in KMiNT21 Software Golden FTP Server Pro version 2.52.
1a0a99671467a7f1942f1ac05379950a44c6102d6fa6190bdd51c998d91389cdMultiple Cross site scripting, 10 SQL injection, 7 directory traversal and 4 remote file inclusion vulnerabilities have been found in Claroline versions 1.6 and below.
052e9365cb9d1fd65a53162363bd9fa05dd0a5aa01b916faa3eafffc8e316c8aKismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
e19871cad09624d3a5af256d5516eeabf2ab79591b277be500b9b1dd61c2541eThe Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
ef139543a9532e044a332e6fe24a517551fe4da5ef7447675ac35fac64a5755cphpBB versions 2.0.15 and below denial of service exploit that makes use of a flaw that relates to registering multiple users. Perl version of the exploit.
98acab7ade2fe687c7afcd148ba523fb1ae862b5525096cb9730bed7ea791db8phpBB versions 2.0.15 and below denial of service exploit that makes use of a flaw that relates to registering multiple users. C version of the exploit.
b835c816d7e4aa2da5af4fdb2e14e6ae2589bbc6850ce03ba5706f6128cb6818Saeven.net's WhoisCart is susceptible to an arbitrary javascript injection flaw and also suffers from a directory traversal vulnerability.
72a4419a90fac45a4e99d532b651a7458d542208ac192cdede294997035ebab7iDEFENSE Security Advisory 06.22.05-4 - Remote exploitation of a SQL injection vulnerability in IpSwitch Inc.'s WhatsUp Professional 2005 Service Pack 1 could allow a remote attacker to gain administrative access to the application.
6c6767bf836656fe30675b99b71054b7cb6756a771baffbeab51e764a85a2176Cacti versions 0.8.6d and below remote command execution exploit.
ee21056d8194d2649e19ffc967ac38ff11af62f0a4eeaf28a7b2d28307b2942dGentoo Linux Security Advisory GLSA 200506-21 - Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the id parameter when uploading attachments to the wiki or the bug tracking system. Versions less than 0.8.4 are affected.
0f97ceea0be29a1d8e8d37d870a649c8ee040223a44282a32264d12ce1ba154cA programming error exists in the function that parses commands in the Asterisk 1.0.7 system. This is used by the manager interface if the user is allowed to submit CLI commands. The coding error can result in the overflow of one of the parameters of the calling function.
1a50a0056a74c27fb6eb2b5b5d0116c261912d86824d5d8e0a21b4a8acf36b39iDEFENSE Security Advisory 06.22.05-3 - Cacti contains an input validation error in the top_graph_header.php script that allows an attacker to include arbitrary PHP code from remote sites. This in effect allows arbitrary code execution with the privileges of the web server.
76425a9c336f61cb7a418d47c71225952e7fee9c19374f80a5085a8d7d7c43c9iDEFENSE Security Advisory 06.22.05-2 - Cacti contains an input validation error in the config_settings.php script which allows an attacker to include arbitrary PHP code from remote sites.
3eb5ba6575344531dd662feeb0e430af134f04cc3d9810fe4a6560ee8e28b3a2iDEFENSE Security Advisory 06.22.05-1 - Remote exploitation of an input validation vulnerability in various vendors implementations of Cacti graph creation tool allows an attacker to make arbitrary SQL queries.
0d39413572d0da0122e5bac588b1fce964b3239c0857b5a18ec67ea93c2088d6A huge slew of SQL injection flaws exist in the DUWARE product inline, including but not limited to DUportal Pro, DUamazon Pro, and more.
b9a175c9a04f64a3b6e047dd00a5d5013be3da2b677958ed5ae9348960834bb3i-Gallery versions 3.3 and below suffer from a directory traversal vulnerability and cross site scripting flaws.
31d1e15301887894e15c7a8e6e7210321b31f0eddfd31c726c9acd647671cb60MercuryBoard versions 1.1.4 and below remote SQL injection exploit.
bf383cdba243a36d84724e10b84bad756aa8602e454b224c3f5bb60ba4532918WordPress versions 1.5.1.1 and below SQL injection exploit that makes use of a bug in users.php to add a new admin user.
679762c6495e2350165d311b311a4548d3929b25c9ba29d4abcc3a5ff2c6e830Gentoo Linux Security Advisory GLSA 200506-19 - SquirrelMail is vulnerable to several cross-site scripting issues, most reported by Martijn Brinkers. Versions less than 1.4.4 are affected.
cf94f3daef360bfa86ae1e8d24375d9c925f3f746b85e7e7efa2e0820a10ac0dGentoo Linux Security Advisory GLSA 200506-18 - A bug in Tor allows attackers to view arbitrary memory contents from an exit server's process space. Versions less than 0.0.9.10 are affected.
172c44a6de769f59d3cffb877e2cd5557f0f1038dfa45ac0dd687d721bc64e25Secunia Security Advisory - Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or compromise a vulnerable system.
9876b2125bb2c1921659b847e8bef6f745310911559db7734fe1f1256984b9d2Secunia Security Advisory - A vulnerability has been reported in sudo, which can be exploited by malicious, local users to execute arbitrary commands.
aba0062405f18965cb45dcfed5de4d0bc7be9feb2e11a2c3282df49556e41a20
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed