Brinkster, the web hosting company, is susceptible to multiple attacks allowing remote attacker to retrieve other user's ASP source code, access to database files, and bypass of code controls.
20321697a1b31690cb24599aed57a01f74205775e8fa4851f50d9b0cbf5200ecA LoadLibrary / LoadLibraryEx weakness makes SSL on Internet Explorer very vulnerable to a DLL proxy attack. If exploited, unencrypted data can be intercepted before Internet Explorer uses the SSL module to encrypt the data.
603b345a2df31ce2b2a3c2928ac1cc29651e2a412f6171ef68b66484970e4e16The Red-M RedAlert wireless 802.11b/Bluetooth probe version 2.75 has multiple security issues. Any unauthenticated user can reboot the appliance through the webserver. The administrator's access is bound by IP address, allowing anyone coming in via NAT from a shared network the same levels of control. The device also filters out specific characters in SSIDs representing them all as a single space character.
71f2e6720e463278dc0da49ea24319c0a4bc4ce61c86960afea7ce164e6958ceeTrust Virus Protection 6.0 InoculateIT for Linux is vulnerable to various symlink attacks and also creates multiple world writeable files and directories that can lead to system compromise.
8b163eb967dcd0f8561591434297e9b857a280d9af0cc48874c8eca5debb3f11Nokia 6310i cellular phones (and possibly others like it) could be subject of a denial of service attack when invalid OBEX messages are sent to the phones' protocol handler. This attack results in the phone resetting, terminating any current operations. No device pairing is required therefore anyone in range of the phone could initiate an attack.
9cfbea225d202aee5698f1855d4076fa4a3b72eedbf0d7613f683cf859f02257Eggdrop IRC robots versions 1.6.x to 1.6.15 have a programming flaw that allow remote attackers to turn on share status, allowing for complete compromise.
0b1577d795dcba10443573e756575770ca4c02d6416e16106f8850386aa500c3The TrackMania game server that listens on TCP port 2350 can be crashed when garbage data is sent resulting in a denial of service.
679bdbc58dd5a64c64906445a5ca1bcb61f1c3b41fd72b74a16e4ead64037f83Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
fd64352434e534c075de72e494d8b6445cfd5952bc831088c40ffe0762608f5fPHP-Nuke versions 6.x through 7.1.0 are susceptible to SQL injection attacks.
4962278b44fd6ae11b16d0e252e35a512ae43148f98b8d43daa77867c0f0b293A cross site scripting vulnerability exists in PHP-Nuke 7.1.0.
20ab7b5e841d9d4fb0e967215db2605948f0ef833bf39f0559bbbf06b316eec7A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.
5b285308b063e2d59eb136e0072c9ab4a49538d664eb748f4491f7dabcadc37a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed