The CarolinaCon 2010 Call For Papers is now open. It's an annual technology conference to enhance local and global awareness of current technology issues and developments, provide affordable technology education sessions to the unwashed masses, deliver varied/informative/interesting presentations on a wide variety of InfoSec/hacking/technology/science topics, and mix in enough entertainment and side contests/challenges to make for a truly fun event. It will be taking place March 19th through the 21st in Raleigh, NC, USA.
d37ce9a9a0e681a2495bd9a44186a96747fb28e3b6df4b42e705648c7ee0974aMaketh is a packet generator that supports forging ARP, IP, TCP, UDP, ICMP and the ethernet header as well.
325da8538e0e34d2682f3a8fb2229a5d92ad2ad2e0e8e3a7c5f5441588e26dbfSSHatter is a remote brute force utility that attempts every password from a given list against a target.
9c288bea73f302b726bbb13e21594df22b82f73f874f130fb60e626f3abd3b2aEz Blog version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
3d9e37e3bdeb6770d78c3b68ed2d7f630982582b970bd980f31705e123d8eb6bVMware Security Advisory - VMware vCenter and ESX update releases address cross-site scripting issues in the Help functionality of WebAccess. A vCenter Lab Manager release addresses the same issues which are present in the online Help functionality of Lab Manager and Stage Manager.
ad97ee3f858b24c20ef37b479f25daa1664aa5fbbf27474c52ab0f780f5a519bEz Cart version 1.0 suffers from multiple cross site request forgery vulnerabilities.
486f84047b0def23ef93831af538d10e14718af218ad1c58de9cfd9e95bddc18SitioOnline suffers from a remote SQL injection vulnerability.
645dd628d6fa339d16d045b6aec3f3cf815b686c6ec79e9f7ed93383d259d0e1DesigNsbyjm CMS versions 1.0 and below suffer from a remote SQL injection vulnerability.
3b177d14ab9abda4ac27844655b68d31929cc8f51fbfa70d664b0080757618c4Mandriva Linux Security Advisory 2009-333 - NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue. Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities and CVE-2007-6600. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.
b0183b27a8fc7627f3bd44ab708862e840411e39f26ee2fa2b5bfe9cb3094727Ez Faq Maker version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.
e979b9e9de3a4c6d4bdfedf7f9823e62f169374179b0d89faefa81109155ebb8Orkut suffered from a cross site scripting vulnerability.
db1549deb503e0b9be8f7cda798c073812d06cd25c35097adc9392f8943a4b0fEz News Manager version 1.0 and Ez News Manager Pro version 1.0 suffer from a cross site request forgery vulnerability.
6f5257f1e963893c7c5c2b25a8b3b7c6e7f12d22d06386e129509ef4cfb369a9Daloradius suffers from a cross site scripting vulnerability.
7ed9b3d402b2f1b18f0d9188b3bdc0b2f0feaf14554e47819d2db1f82dd06f27Debian Linux Security Advisory 1952-2 - Security support for asterisk, an Open Source PBX and telephony toolkit, has been discontinued for the oldstable distribution (etch). The current version in oldstable is not supported by upstream anymore and is affected by several security issues. Backporting fixes for these and any future issues has become unfeasible and therefore we need to drop our security support for the version in oldstable. We recommend that all asterisk users upgrade to the stable distribution (lenny).
021275fdf9e51fcec29ac84ce415ca00deeda476db1897193b4a0a11f4097b57Debian Linux Security Advisory 1952-1 - Several vulnerabilities have been discovered in asterisk, an Open Source PBX and telephony toolkit.
faf28e0f95aa626b6c760797521d9fa403127fec95339438e518b3884089b3b6ClickTrackerASP suffers from a remote SQL injection vulnerability in sitedetails.asp.
d2d418a68891c16750e95f7ddb92bfb20159995c37d45fdb8415dc9587b09f1cLinkPal version 1.0 suffers from a remote SQL injection vulnerability.
0bf6e3d01af58b012f999de5ca498262b2c73a89758ecbc5ac0a30a1a176254dDubSite CMS version 1.0 suffers from a cross site request forgery vulnerability.
37dfa00e0df1ed684660b0f815d142220760ab688b11387a59c89a1cff04496eDebian Linux Security Advisory 1951-1 - It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitize the RSS feed information correctly, which makes it prone to a cross-site scripting and a cross-domain scripting attack.
c80f82a7197eb6d7e81f60bc024f5721e4cab0e085e58e6e4fe6d74ada0b6bc1Trango Broadband Wireless suffers from an authentication vulnerability that allows for interception of ethernet packets.
23cbf9b6894731923d58fd80f00fae75f0581ee7446c33e24eea70f97e735b1cImageshack.us suffers from a cross site scripting vulnerability.
f8fd72b551947dc94d879b61782c579ae459c53e15878345ad260da2c77f2b00PasswordManager Pro version 6.1 suffers from a script injection vulnerability.
97a0692fe921ee6828b4f509b527f663ac5568530560b276cdbfd024d50bca26WSCreator version 1.1 suffers from a remote blind SQL injection vulnerability.
4fd851f098147fa6c93f94ef2c84f7f5ba5e8d31b889d3255c53d187662a8418pyForum version 1.0.3 suffers from cross site scripting and cross site request forgery vulnerabilities.
73b24a6183e043a15a27f30db6601bc79574df6fd6831a1c33404044a920c174This small perl script is a generic random remote fuzzer.
f4bddba1bc5967ea0646d047d5e4b798651d79d68b89137957542fd3a0fcb94b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed