A denial of service vulnerability exists in the Conceptronic CADSLR1 Router when a large Host: field is entered during an HTTP transaction.
12ce83076532db48c47f399738af649c0bdf94d5f28b6ba69af460b995a2bdb6This document details the procedure for performing microcode updates on the AMD K8 processors. It also gives background information on the K8 microcode design and provides information on altering the microcode and loading the altered update for those who are interested in microcode hacking. Source code is included for a simple Linux microcode update driver for those who want to update their K8's microcode without waiting for the motherboard vendor to add it to the BIOS. The latest microcode update blocks are included in the driver.
4ecff8d0555e0bd10657e9dff39c32e92fc331ea26ca0cac5995390818707ac2The Doorman is a port-knocking listener daemon which helps users secure private servers. It allows a Unix server to run invisibly, with all TCP ports closed.
fe08f9f4735f367d27a07601ee33249065b847e1e7f2bc91e9fdb851705818abComcast Webmail AT+T Message Center version 1 had a flaw that allowed arbitrary code execution client-side due to the allowance of inbound HTML mail to be executed outside of the restricted zone.
07e88e9a638298baf1818d056ec714b8942bfdcd19ae5d8f7e063df84ee54129Samba versions greater or equal to 2.2.29 and 3.0.0 have a buffer overrun located in the code used to support the mangling method = hash smb.conf option. Versions 3.0.2 suffer from buffer overrun in an internal routine used to decode base64 data during HTTP basic authentication.
678349fe0f5740544c4c032a294d1fb0aaa173deede39851cd1f4a8580219ec0Flash FTP Server version 1.0 (and possibly 2.1) for Windows is susceptible to a directory traversal attack.
e7c4a69fa6e9f50ddd7601dff354fb1131acb92290e55902121fbc0a85973a70A buffer overflow in Whisper FTP Surfer 1.0.7 occurs when the client tries to delete a temporary file with an excessively long filename.
3b3913524789d35c5e21520048a207b0cfef8054b143741b863697319ae8af91Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.
98d195eff8e0a76a2a9a5c188dd3cd2054a2036fdd56667c46f82a523c574a49Cisco Security Advisory: Several vulnerabilities have been reported in Cisco ONS 15000 based products, allowing malicious people to cause a denial of service or bypass authentication.
ac141fb486a64681a233918cc01f9f75ce9685cf2a5b03ba3dd389392c586b9eLionMax Software WWW File Share Pro version 2.60 is susceptible to a denial of service attack.
c62a3a7b6729e3b80e5b839e7d2059f48258be6d200c5f3d7b84840bc6da9740Several Lexmark printers have HTTP servers embedded that are susceptible to a denial of service attacks via an overly long Host argument.
9200bd8aa5813490ac9c3e9a260256993f45be32771a1f1fb673c9cbf0fb1d18Secunia Security Advisory - Jordi Corrales has reported a vulnerability in CADSLR1, allowing malicious people to cause a Denial of Service.
eccc9211bdc15f5068d07448cb567d25b213c146062183c3352436b3ba9d6e3aDue to a vulnerability in the Sysinternals PsTools share mapping, an attacker with a user account can execute arbitrary code as an administrator.
afa2b3db99139b18f9779cb16ab7ebf5920c2aaf5e39becbcf6b41bd48024acfManipulate_Data version 1.3 - Search data on a harddisk/partition/file, extract the part you are interested in, and write it back after you (maybe) modified it.
12e88c8cdb102daca79c783fd147b8c94413b17e76d8675374dec07de2fc3c0fRootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
ddb7b048407b5fb6e587f9d11c817ea961cbbe0e1900e0c62a25b7999562554cProxy Scanner is a tool that tells you whether or not a proxy server can bounce your connection.
fabe21aa1f3980a895c2d11bb0db9e397210a048532f9c75d549c855484e7445Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
8ed52ce0450ea76df099cbfc6c6c6a7d5a52e320e28b88c797ef0de5059866d3Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
5a27f4838510b8ddc788712db24cf81d219bf431e3ac48a7eb629028020f4affExploit that makes use of the mod_userdir vulnerability in various Apache 1.3 and 2.x servers.
8675f32c6af2043f644707d59bb74ae4eaf2e430aa1fb582122c2f9c86d7012aApplication Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
85cc4c2281d795a7b27631f775a592828561823a3d15c1fe7e7cc969a0414e31Secunia Security Advisory - Lostmon has reported a weakness in I-Cafe client, allowing malicious users to by disable the software.
80b75d5f1b4a5f89d1ee0cdc8fe71be78001681f051ca500c5b7314b6e886d0dSecunia Security Advisory - PunBB 1.x, Nucleus 3.x, and BLOG:CMS 3.x all suffer from a flaw where system access can be gained due to a lack of input validation.
457f046835019de8732a58b41bcae39662b69a04597c072414a80d8faa282e1eSCO Security Advisory - Multiple vulnerabilities have been found in the MMDF binaries included with SCO Openserver versions 5.0.6 and 5.0.7. These include buffer overflows, null dereferences, and core dumps.
f78bc63931e13a59fb61612fe42904a3de9bc9c717ed7cd53c2d6e79a6eb8a55Unreal Decloak Toolkit version 0.1 illustrates the weak hashing system vulnerability in Unreal ircd 3.2 and previous versions.
b9f87a775c864e80c21ef6545cc72dbd0c4a0132cffc171c5d13262d8058894bIEXPLORE.EXE file version 6.0.2800.1106 and MSHTML.DLL file version 6.00.2800.1400 are both susceptible to cross site/zone scripting flaws.
adf292c1753dbb9a45642cd37fcc3a60abe2952a1004a4a51d48cb8e38659b95
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed