Cpanel version 9.1.0-STABLE 93 is susceptible to cross site scripting attacks.
20c3bdf8e4b2a726db63def0c72d5806799896bda6eb6b6f619e27b3a22a4d22GreyMagic Security Advisory GM#005-MC - Both Yahoo and Hotmail are susceptible to cross site scripting attacks.
e4ee9aa186ad94384d63d64398e181264a2f7be0a28d2b43868db54160ea73cfIpswitch WS_FTP server version 4.0.2.EVAL has a flaw that allows a remote attacker that ability to read any memory address. With the right address, the user can cause a buffer overflow and execute arbitrary code as SYSTEM.
3cb9ce74977358040d15ba38c7f849fd531dd829829d647e0922398a87feb947Ipswitch WS_FTP server version 4.0.2.EVAL allows for a local attacker with program execution privileges to run anything with SYSTEM privileges. Full step-by-step exploitation given.
09db33767583c0197cf2fc533a27f68d312a5b5a994ac463fa779980c06c0d47Ipswitch WS_FTP server version 4.0.2.EVAL allows a remote attacker to fill up the hard disk of the server via the REST command, resulting in a denial of service.
77b6d6329d32b02f40d9fcdb072ee8f5b668c3da6d3aec7a892a5c89f8a6b227Remote exploit for Ipswitch WS_FTP server version 4.0.2.EVAL that makes use of a buffer overflow in the STAT command.
e993fa25947b8629ad5a12de268189a00ea40196ac545b8061e970e085a73b11Ipswitch WS_FTP server version 4.0.2.EVAL allows for a remote user with write access to a directory the ability to execute arbitrary code due to a buffer overflow in WS_FTP Server's STAT command when downloading a file the user created.
b865a821c9ab141926df964d0139b73948e886598becc6fb68a6d21a43c17b94News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
c6b957877bb54eb34a118dda9d6a1ea76f8fd56c3ed84f5494f8e2553fe802e9Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
8843ba631656a0d022b943d1f9ed88a01141aac6cffc9a70563c08e061916c03PHP-Nuke versions 6.x through 7.1.0 allow for link inclusions that can force an administrator to unknowingly add a superuser.
31cc6559f4c7a91a97c76521c220fd991009d04a5c2dbeddbe787fadbdf0b497MS Analysis module version 2.0 for PHP-Nuke has full path disclosure, cross site scripting, and SQL injection vulnerabilities.
c0010912fa273ff4a30d55b15d18fc5fd19b2b54ca1007ad349039d5a371a812xweb version 1.0 is susceptible to a directory traversal attack that allows viewing of files outside of the web root.
60b21d81251bb77af83e0f1e4ca6d1adf6571fe672b763de3f470ec726a71428The mod_survey module versions 3.0.16-pre1 and below for Apache are susceptible to a script injection attack.
18880aeaa0e51e9fe61f172cb98d6871fcde873b32f602869732da1c35fa91e9Invision Power Top Site List versions 1.1 and below are susceptible to a SQL injection attack.
9c7ea4878e7254176e4bcaac6f32a59ebf68c04e43e0a4b49b0efe9f6594621cInvision Gallery version 1.0.1 fails to properly validate user supplied input allowing for various SQL injection attacks.
8406dd6fdc8e09171b80e6595a6cdc39e2810302ba082391f91b9ca2d80ba0a7KisMAC is a stumbler application for Mac OS X that puts your card into monitor mode. Unlike most other applications for OS X, it is completely invisible and sends no probe requests.
0af226cedcb727ff3b4082d3963b92f690f0a2797c3889560525a80b84ad95bbThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
4304eebd70fb7e8a565fc8bb32930abb0682b274db9fca4b50f47677bf9966b6Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
796fb4c8c37c60240344f37468a047c57c32196f1c8416159e3977c0a404b5d3phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.
815693b4ce058c8188efae85234c700b507656011ddae5cb4beb547eb9a22005phpBB 2.0.6d suffers from a cross site scripting vulnerability.
1253cde0d7b076a44a8d71949704b1821424924eea3d66f2ceef5e96497afdd7xine-bugreport suffers from insecure file creation in /tmp that can lead to a symlink attack.
4fcbc54a6a9efec0d6e0816d90e344ec790ee578689ee2db652db4331f3b7d11mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This means proxy authentication credentials and possibly in certain RFC2616 defined cases, standard authentication credentials.
33e8126715a7862594819b683f4ef3dee79a08ceed7484268d1fde2303ba2210Endeavour Mark II AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav). It allows you to create a list of scan items for frequently scanned locations and features easy virus database updating, all in a simple GUI environment.
dc9f097b7b33ffc6123308c5caffc0e5b20f5916dca866f2c6c47878f6d3cd69fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and a few types of routers and firewalls (Cisco, Checkpoint FW-1, and Watchguard). The excellent log analysis program Analog is used to create the reports.
8ddc4c7ec16e59a27691e25fdd1f266838230ee08c3495fa289db0e7fc008e13Apache 2.0.49 has been released to address three security vulnerabilities. A race condition that allows for a denial of service attack, a condition that allow arbitrary strings to get written to the error log, and a memory leak in mod_ssl have all been addressed.
666378a2dac755746ebe339e702406b4148bfa0f7e45b8cfb45a932c59ff3931
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed