PScanDetect version 0.8 is a utility that will detect TCP-based portscans. Tested under FreeBSD 5.1, OpenBSD 3.3, and Slackware Linux 9.0.
1b74539c9e0cfe25914068560f46eada7a570bd6136dcd7882274d57af719da3DCAM webcam versions 8.2.5 and below suffer from a directory traversal attack that allow a remote attacker to access any file available to the webserver uid.
3100d7453b6443b31ae5e4981c57020c628cd6fe3e5be2d1e7ef034ab11dcc3eosCommerce versions 2.2-MS1 and 2.2-MS2 allow a remote attacker to send a malformed URI that can effectively deny a user legitimate access to their account via a denial of service attack that will cause an unremovable item to be placed in the users shopping cart. These releases are also subject to SQL injection attacks and cross-site scripting problems as well.
4c4f31e91ddc721a290c33f3497928cb959707eed54691809a10b531978ae64eCesarFTP version 0.99g and below has a security hold in the command CWD that allows a remote attacker the ability to cause a denial of service by raising the CPU utilization up to 100%.
e77b6fdaa8347138e3f274c7636cf361b6cc6c8d56c457137aa6dfaf64408317Xerox Document Centre 470, 255ST, and possibly others allow for remote unauthorized access to files, access to plaintext passwords for the HTTP administration interface, access to DES passwords for the operating system, and read-write access to HTTP users and passwords.
026b93d3219efe238d3210af33b8dafe109314334e03c1bb222b23d44131e548The Nmap 3.28 Statistics Patch adds the -c switch which guesses how much longer the scan will take, shows how many ports have been tested, resent, and the ports per second rate. Useful for scanning firewalled hosts.
ea4f1b08c7795a3b387ea8ad7bc01d8df30e1ec9964d3b0da43604e5488c61daA fault lies in ProjectForum versions 8.4.2.1 and below that allow an attacker the ability to cause the server application 'projectforum.exe' to crash and stop responding to requests from clients. This can be triggered by sending an overly long 'find' request string to the server in question.
65f76484d200b45742b4b7e25e6f7fa7bc5718044f09aef7e4e55d17544ecfc7i-am-doh is a utility that filters approximately 75% of all false-positives given by an IDS. It uses existing reliable tools like Nmap, Nessus, and Amap to validate IDS alerts based on the following criteria and techniques: OS identification, service identification, port scanning, vulnerability scanning, online CVE and bug interpretation, and server importance weighting.
8240812efc3fddb3c130b13349ca734da19a96a92366c88e4e6aa21be0bd7fd3WARD v2.0 is a classic war dialer - it scans a list of phone numbers, finding the ones where a modem is answering the call. WARD can generate phone number lists based on a user-supplied mask, in incremental or random order. Remember to change some defines to make it fit your current system configuration. WARD is one of the fastest PBX scanners around (and possibly the best for UNIX environments). Tested on OpenBSD, Linux, and Windows under Cygwin.
9e8fef3e2e9568bdfa6a72fb1dbb6de5773363101d30bbac16e3271d4428b2f9vlogger is a new release from THC that logs keystrokes on a Linux box. It logs all console, serial, and remote sessions, and does not use syscall modification. It allows for both local and remote logging methods.
48c0deb9db950f6cc98d94e0a4ff079bfb6a7b92fa46a5145513b1c13eb2a414
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed