what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

ME Firewall Analyzer 7.2 Cross Site Scripting
Posted Apr 1, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

ME Firewall Analyzer version 7.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 807a36ac94fbdfe7f86cd18c5af686679dbbcf0c989ee602fbb46548adfb50dc

Related Files

Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Posted Aug 8, 2012
Authored by sinn3r, Mario Ceballos, Jonathan Claudius, Tanya Secker | Site metasploit.com

This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2012-3951, OSVDB-84317
SHA-256 | 61e06a2fa99c7125dcd2af5faeafdcb8556b0880070d66206fa0180b420ee612
Secunia Security Advisory 50074
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in Scrutinizer NetFlow and sFlow Analyzer, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
SHA-256 | eb4bc7c7983fbc936d2f8fc9acc61b3ad6789d493a3111747661dfc717954d3c
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
Posted Jul 29, 2012
Authored by Mario Ceballos, Jonathan Claudius | Site trustwave.com

Scrutinizer NetFlow and sFlow Analyzer versions 9.0.1 and below suffer from bypass, cross site scripting, and remote file upload vulnerabilities. It also has undocumented MySQL admin users.

tags | exploit, remote, vulnerability, xss, file upload
advisories | CVE-2012-2626, CVE-2012-2627, CVE-2012-3848, CVE-2012-3951
SHA-256 | 5bbd69706e38d6f70c41925cdab4681651c0862b6cc58df5c29389f62daf07d3
Secunia Security Advisory 49829
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hitachi has acknowledged a vulnerability in Hitachi IT Operations Analyzer, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | f41915f00a8270e10966603ead09bedd7362a4dd87ac0e6894e93da0fb3a36c9
Secunia Security Advisory 49574
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adiscon LogAnalyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 5716f0096bf422650b6e4a56a898977ef95ff28ae05be2944c1a552cbfe7e842
Red Hat Security Advisory 2012-0841-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0841-04 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4088, CVE-2012-1106
SHA-256 | bd72154a1c7c9f34d01a0388a2d739ac8d018b2bd3b877ce4278e6dd64c6a0a6
LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
Posted May 25, 2012
Authored by Filippo Cavallarin

LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, xss, sql injection
SHA-256 | 20e0cd6da8ae12e950d981ee3947ff25853bdc8fedef7053293f570dfee099d1
Secunia Security Advisory 49223
Posted May 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Codseq has discovered multiple vulnerabilities in Adiscon LogAnalyzer, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | b53f4c7909bd71be210b970d4fd281b79f3a83074200830f5fdf510e1b6caa91
Secunia Security Advisory 48761
Posted Apr 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tanya Secker has discovered multiple vulnerabilities in Scrutinizer NetFlow and sFlow Analyzer, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks and bypass certain security restrictions.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | d2d4ed57a43dd9a9f773f04f9cecd8ae974304d7813230da246b204b04424cf3
Scrutinizer 8.6.2 Bypass / Cross Site Scripting / SQL Injection
Posted Apr 12, 2012
Authored by Tanya Secker | Site trustwave.com

Scrutinizer NetFlow and sFlow Analyzer version 8.6.2 suffers from authentication bypass, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-1258, CVE-2012-1259, CVE-2012-1260, CVE-2012-1261
SHA-256 | 86781806a8d76416882371c450d483f0f4d9a6334ea56d9463f55a227d424643
Secunia Security Advisory 48795
Posted Apr 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tanya Secker has discovered a vulnerability in Scrutinizer NetFlow and sFlow Analyzer, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | b2ff4d749daacd17a86c4b8616be739c564b76c8235bf5d349e1a31bd76f1ba2
Secunia Security Advisory 48657
Posted Apr 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Lab has discovered multiple vulnerabilities in ManageEngine Firewall Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 85c7aceedbc32bcf9f5be43abc3bf5c24408c9c3bff579d6e029278f00c9a10d
Secunia Security Advisory 48556
Posted Mar 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi IT Operations Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 055f9f461ce2e8132158b40bf968074da5b54b27e62b0b0c7038f723404570d3
Debian Security Advisory 2395-1
Posted Jan 27, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2395-1 - Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2011-3483, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-0068
SHA-256 | db5d52a2cbb18e449cd474aa792a53fcfd3c5a2b03ecd9e99dfbe43ca1a56237
Secunia Security Advisory 47467
Posted Jan 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi IT Operations Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | ce4610f11086d9231fe07460b6ce095571fb543acb42fe387521d64fe281c034
Ostinato Traffic Generator 0.5 Source Code
Posted Dec 7, 2011
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the source code release.

Changes: Improved maximum traffic generation rates. Added support for many things. Various bug fixes and other improvements.
tags | tool
systems | unix
SHA-256 | 6352a7f68b6f325e14965c399357591a7967cf3f94b01e84c3b50cc40feebb1d
Ostinato Traffic Generator 0.5 Windows Binary
Posted Dec 7, 2011
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Windows binary release.

Changes: Improved maximum traffic generation rates. Added support for many things. Various bug fixes and other improvements.
tags | tool
systems | windows
SHA-256 | f5253935e65bded169b9eb1520383ec1ef681017576cffd49e913ce86360e776
Ostinato Traffic Generator 0.5 Mac OS X
Posted Dec 7, 2011
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release.

Changes: Improved maximum traffic generation rates. Added support for many things. Various bug fixes and other improvements.
tags | tool
systems | apple, osx
SHA-256 | b7e6bb1ee16faf6bfd26776d9d1ff947783c70e5a3d0cad08b8fa740360e6131
Firewall Log Watch 1.3
Posted Nov 15, 2011
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.

Changes: This release adds IPv6 support for netfilter, dns cache initialization, and ASA parser extensions.
tags | tool, web, firewall
systems | cisco, linux, unix, solaris, irix, bsd, hpux
SHA-256 | da806dbaaa56fdfd36a208b15bfeccaa0531f0789ad1355e43c047523ea60a48
Secunia Security Advisory 46020
Posted Nov 6, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in FortiNet FortiAnalyzer, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | da251bb3e5bfaecf28ff85e02b39e99778fe6a9a3c68f62b95bbc8721d03f4c4
SAP DIAG Decompress Plugin For Wireshark 0.1b
Posted Oct 17, 2011
Authored by Alexander Anisimov | Site ptresearch.blogspot.com

SAP DIAG Plugin extends the basic functionality of the WireShark network packet analyzer and provides additional features of SAP DIAG protocol analysis. This extension allows one to collect and decompress SAP DIAG packets in the course of interaction between SAP Front-end client software and SAP application servers. To install you must copy plugin pt_sap_diag_wireshark_plugin.dll in folder %WiresharkInstallDir%/plugins/%version%.

tags | protocol, library
SHA-256 | 71b7091784b0e766fa93438f71e44dfd4531729520e52c51315fc46a5cd26b60
FortiAnalyzer Appliance Cross Site Scripting
Posted Sep 13, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FortiAnalyzer Appliance suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | c0e3048326f3314f8001e5a5642d92e40a25d98ed6db5d39e9a82a38198bc72f
ME Firewall Analyzer 7.1 Cross Site Scripting
Posted Sep 8, 2011
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

ME Firewall Analyzer version 7.1 suffers from persistent cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 22f34bf28a703e508eadfc9804206d917783cf642f3c48338853e9308864817e
Secunia Security Advisory 44786
Posted Jun 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hitachi has acknowledged a vulnerability in Hitachi IT Operations Analyzer and Director, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 5ce1921b0475fc79824c2bd52b5ea4fa9d458c6f72a1fe8a8fe08ee55e89c6cb
Glyptodon File System Analyzer 1.2
Posted May 9, 2011
Authored by Emeric Nasi

Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.

tags | tool, bash
systems | linux, unix
SHA-256 | 0c9a68bfb2e52bdc81f2316f067d7f264897eb737ada4467537a3e3f11c576b8
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close