Netwox is a network toolbox. This kit comes with 217 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DHCP, DNS, FTP, HTTP, IDENT, IRC, NNTP, NTP, SMB/CIFS, SMTP, SNMP, TELNET, TFTP, WHOIS) and performs low level functions like sniffing, spoofing traffic, and playing client/server roles. It includes a graphical front-end named Netwag, and is based on a library named Netwib. Both Windows and Unix versions are included.
758063d598d694080fcce1083eac4bb0fe96c4e920444d27afd1329012814eaeGentoo Linux Security Advisory GLSA 200511-23 - Sven Tantau reported about a buffer overflow vulnerability in chmlib. The function _chm_decompress_block() does not properly perform boundary checking, resulting in a stack-based buffer overflow. Versions less than 0.37.4 are affected.
10a6863941e87eadffa30c1303d11e9570df290bbbbeb18eec9fbea63602217cGentoo Linux Security Advisory GLSA 200511-22 - Joxean Koret has discovered that Inkscape incorrectly allocates memory when opening an SVG file, creating the possibility of a buffer overflow if the SVG file being opened is specially crafted. Versions less than 0.43 are affected.
a7669a0dd35190be7d3d5b83cb38276e22d7b4013be27e72517c71d8ee9ae345vBulletin 3.5.1 suffers from a cross site scripting flaw due to the control panel not properly sanitizing variables.
15fa84271d93c8c72194b016c8d96de0fdf4e2671cf81aee98f9b6ab56b913caktools versions 0.3 and below suffer from a buffer overflow vulnerability.
918ef9d4641780120c240699cc4f252ce1d302824630f5a0f13b19568aefca5dQ-News version 2.0 is susceptible to a remote file inclusion flaw.
65bdbd60ddbf1ed96db87260f3048da1788201fc1122a655cb0702a2fcd307dfphpgreetz version 0.1a is susceptible to a remote file inclusion flaw.
0c471f2fd4499db27d625c0956e3ee5b023b9f309aa57dbc0abb691c025580fbAthena version 0.1a is susceptible to a remote file inclusion flaw.
a5d94ad292f08cc31e2078317b7440fcf0f7e53e9574ef663d0b2d7c250e4352Webistanbul is susceptible to SQL injection attacks.
4fc8ee5339f5950cfbe6e0e838a61f598a45568d8b7a9a76d2f75fa238c0f1c8PBLang version 4.65 suffers from a cross site scripting flaw in profile.php and ucp.php.
cf4782e0e03201f7fc46871933ede13324110a804079ccd1d47d4708502a29afSmuggler demonstrates HTTP Request Smuggling techniques. Currently it only demonstrates the Microsoft IIS greater than 48K Request Truncation flaw in order to poison caching web proxies.
83742fae85d9cc74372cdf12ab8cccd9dee6bc94c8b8e72c09f5c52216d0cdc2Gentoo Linux Security Advisory GLSA 200511-21 - When handling a SWF file, the Macromedia Flash Player incorrectly validates the frame type identifier stored in the SWF file which is used as an index to reference an array of function pointers. A specially crafted SWF file can cause this index to reference memory outside of the scope of the Macromedia Flash Player, which in turn can cause the Macromedia Flash Player to use unintended memory address(es) as function pointers. Versions less than 7.0.61 are affected.
7794dc431b1b1bc5fb9a5c00d3bcdf6e49016beb9a07d8735fa3b99fd90c66d4efiction versions 2.0 and below suffer from remote code execution, SQL injection, login bypass, cross site scripting, and path disclosure flaws. Full exploit and details provided.
b6ee828afdcfdc0db17b52645c9dd264df2736df6e3028fc460d3c7405837afeSEC-CONSULT Security Advisory 20051125-0 - vTiger versions 4.2 and below have been found susceptible to SQL injection, cross site scripting, code execution, directory traversal, and arbitrary file upload flaws.
c40cfc60da4956c1504de1864fab0f8bc8c5873f798f96b78f0c2755e01d5af9Multiple cross site scripting, authentication bypass, SQL injection, file inclusion, and password hash disclosure flaws exist in vTiger versions 4.2 and below. Various details disclosed.
5cebea0b280288ffbeb4e2854a40c056858c7c6bd6909cddb3b0988a9a8c0f45Secunia Research has discovered two boundary error vulnerabilities in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
40fcd4925c69b8512716ccb146a61281115a9d0d9c4924ad8db2a33fbfbe07b6MailEnable Pro version 1.7 and MailEnable Enterprise version 1.1 are susceptible to a remote IMAP related denial of service flaw when a rename request with non existent mailbox names is presented.
3198f10d176771fde3a587491b924d65f7750f614ebf2bc7c1e2d7cabc92d4f9freeFTPd version 1.0.10 is susceptible to a remote denial of service attack. Exploit included.
2138a8818ceed92c5f02b77429a32caf9fc3719509b0fff67d444fb585e34eb4Debian Security Advisory DSA 910-1 - A vulnerability has been discovered in zope 2.7, as Open Source web application server, that allows remote attackers to insert arbitrary files via include directives in reStructuredText functionality.
a625631b09773f257c81b3e4f2c444e8b57051762929bbda759db6e1af9c5268SmartPPC Pro is susceptible to multiple cross site scripting flaws. Details provided.
2a1dfc606427de60d8c28ce32641f67fe30c15ce158badee9e505ba57887f164Mandriva Linux Security Advisory - Integer overflows in various applications in the binutils package may allow attackers to execute arbitrary code via a carefully crafted object file.
540de918934afc0fe9611a3320d8ad6d2edb153fd397148b8e79442f1afb750cLocal root exploit for BitchX. Note that BitchX is not normally setuid by default.
15287501f0909a92ceef2b952590a8030acdd609f74bc714559cd9bb0c867974Debian Security Advisory DSA 909-1 - Daniel Schreckling discovered that the MIME viewer in horde3, a web application suite, does not always sanitize its input leaving a possibility to force the return of malicious code that could be executed on the victim's machine.
2d43888a7680004331964aaed90cc0be49571ea724e23dcf3f8b74b8f0647243Debian Security Advisory DSA 908-1 - Colin Leroy discovered several buffer overflows in a number of importer routines in sylpheed-claws, an extended version of the Sylpheed mail client, that could lead to the execution of arbitrary code.
29d408151eb11090fb050627bb55902fc991f5c7420a64610b896162d6885fe8Debian Security Advisory DSA 907-1 - Akira Yoshiyama noticed that ipmenu, an cursel iptables/iproute2 GUI, creates a temporary file in an insecure fashion allowing a local attacker to overwrite arbitrary files utilising a symlink attack.
4cc891873340cf15ce5cf14c61cc397de1079521272b8a092b531faa709c0ab9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed