Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
56f18529124331067e2758128a8979cdd106b10adf34f560246cb2bf3900102eCA ARCserve Backup contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities. The first vulnerability occurs due to insufficient validation of certain RPC call parameters by the message engine service. An attacker can exploit a directory traversal vulnerability to execute arbitrary commands. The second vulnerability occurs due to insufficient validation by the tape engine service. An attacker can make a request that will crash the service. The third vulnerability occurs due to insufficient validation by the database engine service. An attacker can make a request that will crash the service. The fourth vulnerability occurs due to insufficient validation of authentication credentials. An attacker can make a request that will crash multiple services. Note that these issues only affect the base product.
4a1efc837ec3a9c0d729220a5e7ba7876a7442c1a76a70f4dfc0ac3bc64384caGentoo Linux Security Advisory GLSA 200810-02 - A search path vulnerability in Portage allows local attackers to execute commands with root privileges if emerge is called from untrusted directories. The Gentoo Security Team discovered that several ebuilds, such as sys-apps/portage, net-mail/fetchmail or app-editors/leo execute Python code using python -c, which includes the current working directory in Python's module search path. For several ebuild functions, Portage did not change the working directory from emerge's working directory. Versions less than 2.1.4.5 are affected.
ce3ad9b7b7e0f9a9677e6d92d0a272c9a7bff74690651769e70257e3910d286eSecunia Security Advisory - A vulnerability has been reported in ModSecurity, which potentially can be exploited by malicious people to bypass certain security restrictions.
861d3a819585d6caa48d0c86bcdbc1d0156a5a8e9d41130d80f1ab08ed83c65bScriptsEz Easy Image Downloader suffers from a local file download vulnerability.
bba221be1e6e21f410af5624131fcdab017f5c32fc9d737e38e4e40d870f9e2bScriptsEz Mini Hosting Panel suffers from a local file inclusion vulnerability in members.php.
6541689ae60cf8b78db7e750d9a4a6fa0e1565e8198209a0df10747ad1d8ce87Whitepaper discussing how to exploit vulnerable SMB instances on Microsoft Windows XP using Metasploit.
64397f2e5ecfb98d2b1a54a7d22c67d6478602956fcf5eb190cc9639338428d9Stash version 1.0.3 user credential disclosure exploit that leverages a SQL injection vulnerability in admin/login.php.
be55b82a3c8073cbf6d59f024d860dd61658e35b51fd4344d4fa2270fb8b6588Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).
30c4042c5369d52ca8483ab075fe33e1d3a45cd03c08bbde0ab0ba166c5081e6Secunia Security Advisory - Some vulnerabilities with unknown impacts have been reported in YaCy.
27e60fc2178383b3345921a07da879c1a1265ad4e8915f430c6c6b8caee9eb8bSecunia Security Advisory - Roee Hay has discovered a vulnerability in Graphviz, which can be exploited by malicious people to compromise a user's system.
13a3a881ae268346d4a3c6eaa88446643fffb8612e69c297092a9171fb1ed6e6Secunia Security Advisory - A vulnerability has been reported in various modules for Drupal, which can be exploited by malicious people to bypass certain security restrictions or disclose sensitive information.
2f8199f838f9698b37413b5b2d0978fb00fde5ed41c610264a6ef1ed8632c255Secunia Security Advisory - Two vulnerabilities have been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions.
56da727cd2c4401d83fd1cd19ceb04353c6ee912e8cb351d0045a534f10c5285Microsoft Windows GDI+ proof of concept exploit that takes advantage of the vulnerability listed in MS08-052.
d4f546d3e177c2dbeb8aa282d8dbf0c3df7944a8b1e14ace999c0552506e4174Cameralife version 2.6.2b4 suffers from SQL injection and cross site scripting vulnerabilities.
6907b6645630c42a452a6fc8e363fd9a4004a6d1e6fe08f7ac90345114267180HP Security Bulletin - A potential security vulnerability has been identified with HP System Management
6c5d68ced0e057ec345acd5b163e1a746d277d6178b6175066c834a8d70182f6HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS).
ae1cc13d420d12dfd985668745ca8e7587e4beb31aaf6a86d2b5b809b249f6a4Arad Center suffers from a remote SQL injection vulnerability in news.php.
67b948ccfe99bb46226a618aa10d57a994136d40e79dccf882f3793401c284bcPersian Tools Gallery suffers from a remote SQL injection vulnerability.
46847f307fec9604cdfc2ffebc3197c5f7375dae47d4e81b0290f93081c75787Remote SQL injection, cross site scripting, and user enumeration vulnerabilities exist in DPSnet Case Progress.
0a2e10b125f92c734c445d338f2ce29f6235b3cd82345ce56eea2fbf2cda1c5dFC2 BLOG suffers from a cross site scripting vulnerability.
1b574b6abc899f297567f00b2830113ce101653adc11e126130ff650723ea25bThe Joomla Joomtracker component version 1.01 suffers from a remote SQL injection vulnerability.
27be85e82e6efd840b9a0cce5413370a21301c73c681dedf602834a276d92912Kusaba versions 1.0.4 and below remote code execution exploit. Second version.
4d455dab893fabe6a8a73f72c07c0f533b551c45235ede1e67b92bb7a4338c1bKusaba versions 1.0.4 and below remote code execution exploit.
eddac47aa3e7dbb78d0e51f34f1686af62d17afab3cc3b9fbc6f8f74d55502f0Gforge versions 4.6 rc1 and below suffer from a remote SQL injection vulnerability.
f52061d6b6149eae901da2b5705105f5fca76777ae5c82cce8362094e5f48580
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed