ChurchInfo is susceptible to multiple path disclosure and SQL injection attacks.
73a6668e42877f21013a42244916fca67cffcafb36e829d4c99e49634370bab7Debian Security Advisory DSA 771-1 - Several problems have been discovered in pdns, a versatile nameserver that can lead to a denial of service.
76b380918f984013380fc38aca2a520b0589b23e702396501ad88261b0d64c22Ubuntu Security Notice USN-157-1 - A multitude of Mozilla Thunderbird vulnerabilities have been addressed in this advisory.
56b8c828690b1296b9878ed27bea60c011fbc5dda8b747a157832a7ac900320bGentoo Linux Security Advisory GLSA 200508-01 - Compress::Zlib 1.34 contains a local vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 1.35 are affected.
bc9a69053ab214f7d9b24fa169499b25dd37e79dc612b68d4e5870746dbaa76eKojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
b788fd70ea3dfe1cfec3631d3c75d30809641b7f1dee6fadd8579804f2bd52e9alph implements and analyzes historical and traditional ciphers and codes, such as polyalphabetic, substitutional, and mixed employing human-reconstructable algorithms. It provides a pipe filter interface in order to encrypt and decrypt block text to achieve transparency. The program is meant to be used in conjunction with external programs that transfer data, resulting in transparent encryption or decryption of information. The program can thus be used as a mail filter, IRC filter, IM filter, and so on.
b376f1816b722fc736f128af1ad97188c2535954509ebc1bb38dbce10ab03bc2Netquery 3.1 remote command execution proof of concept exploit.
3b2367e914621187e128ad68af7dadb8a12153971468d5ecdf4a3f427321eefbiptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
84ac04a28ae41e17df0f181d8bc0049ae7a83baae07296e890ea5977a2952318fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
4558b54d776b68b063d77a3447077ba60dce5615f78eb6d628c1ce184319f24ePacket Storm new exploits for July, 2005.
ab545a8283c253b65bc2b58960d3e3e79415097ff6ceb8e59e6732fda91c568aA buffer overflow in BusinessMail email server system 4.60.00 allows for a denial of service attack. Proof of concept exploit included.
e61c8d30334ddbd9c69cb79a6029b70f85e075638ce1f5ff51725124201c4044A SQL injection flaw exists in phpList. Proper exploitation requires that a user be authenticated.
458fc9000f820a935ba9ad27ff4eb00f11f2f4489a319a93892a0c24a662dcf8Gentoo Linux Security Advisory GLSA 200507-29 - Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Versions less than 1.8g-r1 are affected.
87f159155381b36c21e0e0e3fefddc682bb5b863fd0a362a41d8482035a3a0f2MySQL AB Eventum versions 1.5.5 and below proof of concept SQL injection exploit.
98ae37828a224b42ec7704aa466387c415edefa346151814689409183ced0496MySQL AB Eventum versions 1.5.5 and below suffer from cross site scripting and SQL injection attacks.
486b62670eba7e416965890cfa7d6c70e4ce802a5432ee1a9a47b3799b7d5e9dPhpeasynews version 1.13 RC2 is susceptible to cross site scripting, path disclosure, and user check bypass vulnerabilities.
1bcd3c76f6565004ab00f136803cee930fa5730fb78ad311913b6ad2b14f5279OpenBook version 1.2.2 suffers from a SQL injection vulnerability.
99e3f6e9535131e4d3edf4332578daa55505501be55b27078e97c14c4266ecc7Gentoo Linux Security Advisory GLSA 200507-28 - Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 2.2 are affected.
089895ad37abaac24f0dad3f6afe89af8a82368d5cba6cecff5434588a1426fbPC-EXPERIENCE/TOPPE CMS suffers from cross site scripting and login bypass flaws.
8b93fec850be69043b24c38d724a3fee23aae77ca336c591a5aee6c961ce8456Kayako liveResponse versions 2.x suffer from cross site scripting, SQL injection, script insertion, and other vulnerabilities.
467ff6e05fcb9f7bcfe64a7911a6f281382e754685facee0e1c93532010dc5faEasyxp41 suffers from multiple cross site scripting and data disclosure flaws. An excessive amount of detailed exploitation is provided.
b11be99fc0ea0ceadd4afffe67998e76b1846a48d50741151bb21bbbc661d62dPlugged-Blog 0.4.8 suffers from multiple cross site scripting, SQL injection, and other flaws. Detailed exploitation provided.
ebbca1ecec9d8e1ddadf735c12f8d774717fd83bf4c04b5d8fc5c63731f562aaTrillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.
3bf36659581229e54569a2d59e27539a97b5f16685e7c71abe83814a914d88dfKshout versions 2.x and 3.x allow for direct file access to their configuration files.
8c0896bc4a509cbcf7c2ba24fcda2dd282d65861445774e2bdc42115d9afe375Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
612a6aab63407f47dd2f70f9f5daac057671dae53d6365bd25ada10a0b1fb803
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed