what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

PRTG Network Monitor 7.1.3.3378 Cross Site Scripting
Posted Mar 1, 2019
Authored by Rafael Pedrero

PRTG Network Monitor version 7.1.3.3378 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9206, CVE-2019-9207
SHA-256 | 929aabab18dd36ddc0d64df2ed1835203b3bfafb3b51f2c7989ed4531b579fda

Related Files

Secunia Security Advisory 46228
Posted Oct 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM Tivoli Monitoring, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.

tags | advisory, spoof, vulnerability, xss
SHA-256 | c9355899cf72d568f3bba4e7b528da2fe6a828da748609b2ea9443c37b144b30
HWK Wireless Auditing Tool 0.3.1
Posted Oct 21, 2011
Authored by atzeton | Site sourceforge.net

hwk is used for wireless audits, fuzzing and stress testing under Linux. It provides various modes as wireless deauthentication and authentication flooding using a monitor mode interface as well as probe response and beacon fuzzing. Furthermore it comes with some basic injection testing and focusing modes.

tags | tool, wireless
systems | linux, unix
SHA-256 | fd8f96435bfbc2c8b9e273632f1b0d1579d7413d749d7fc059f09193858d585e
ICIMP 2012 Call For Papers
Posted Oct 7, 2011
Site iaria.org

ICIMP 2012, The Seventh International Conference on Internet Monitoring and Protection, Call For Papers has been announced. It will take place May 27th through June 1st, 2012 in Stuttgart, Germany.

tags | exploit
SHA-256 | 0234447e2945a126c837b75adea302129c710c8a748994730ebd93ab6477410e
Secunia Security Advisory 46150
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has discovered multiple vulnerabilities in ServersCheck Monitoring, which can be exploited by malicious, local users and malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, local, vulnerability, xss, csrf
SHA-256 | 2ca41295eaa6d5058cc299414b13d56c1fec82d3cb9743de7f2447cdb583a458
Secunia Security Advisory 46281
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ServersCheck Monitoring, which can be exploited by malicious users to disclose sensitive information and conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | c12f2b4f0bd5f3e1bfe8e5f93068a17f60e421370cfdbe7e440fdf2437b61a5a
Spying On Internet Explorer
Posted Oct 2, 2011
Authored by High-Tech Bridge SA | Site htbridge.ch

Malicious software also known as "Malcode" or "Malware" can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This documents introduces this kind of threats by spying a widespread internet browser.

tags | paper
SHA-256 | 2a6bfafdf205655b130fbe757bf585521958b3e381ba17c01acc6d355d95c869
ServersCheck Monitoring 8.8.6 Session Hijacking / XSRF
Posted Sep 27, 2011
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

ServersCheck Monitoring version 8.8.6 suffers from cross site request forgery, cross site scripting, and session hijacking vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | a4580aa1b7b69c5fa20a1b2be64aa2e2234207839e8d100a27b6253627c6b167
Ubuntu Security Notice USN-1197-6
Posted Sep 23, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-6 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides an update for Qt that blacklists the known fraudulent certificates. USN-1197-1 It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory
systems | linux, ubuntu
SHA-256 | ffcdd5bd50bb293ea8bfd41f16c5b291b1012994e0b0446df4dcd98cdd52ba28
Samhain File Integrity Checker 2.8.6
Posted Sep 20, 2011
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: A bug with the correlation of entries in monitored log files has been fixed, and a deadtime option has been added to avoid repetitive reports. In verbose mode, the policy under which a directory or file is monitored will be reported now. The update function has been enhanced with an option to update only files listed in a text file, and issues with some compile options have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | c71c06d052de6a783eedb485e434d82046b0bbd0739f450566ee8f309ec2bcb7
Secunia Security Advisory 45995
Posted Sep 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gustavo Roberto Rodrigues Goncalves has discovered a vulnerability in Orion Network Performance Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | eb8fd66d8072845aad3e4af5f5cfbc16d18df77038a0aede856fb5e8867d33d4
Cisco Security Advisory 20110914-cusm
Posted Sep 14, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | cisco
advisories | CVE-2011-2738
SHA-256 | 60f64f878c6e3dae9e0b096b560a4e86328ac006294b203fc5ed04649eb4d281
Ubuntu Security Notice USN-1197-5
Posted Sep 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-5 - USN-1197-1 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates. It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory
systems | linux, ubuntu
SHA-256 | 65cf1792f7a4dd38c9c5bf612f354a54cb4983de28f468427142e9874d7aa170
Ubuntu Security Notice USN-1197-4
Posted Sep 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-4 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for the Network Security Service libraries (NSS). USN-1197-1 It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory
systems | linux, ubuntu
SHA-256 | 2fa3d9961038c477b07ac26e41cda71fa80220ec29136cc74f18296bca564134
Secunia Security Advisory 45895
Posted Sep 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Avaya Contact Recording and Quality Monitoring, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 4b2d8e8184fe8989aefe72beb0c3bd898593aa8edfdb48cd301f81d6f93aa482
Red Hat Security Advisory 2011-1250-01
Posted Sep 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1250-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Grid provides high-throughput computing and enables enterprises to achieve higher peak computing capacity as well as improved infrastructure utilization by leveraging their existing technology to build high performance grids. MRG Grid provides a job-queueing mechanism, scheduling policy, and a priority scheme, as well as resource monitoring and resource management. Users submit their jobs to MRG Grid, where they are placed into a queue. MRG Grid then chooses when and where to run the jobs based upon a policy, carefully monitors their progress, and ultimately informs the user upon completion.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-2925
SHA-256 | 8c2616ac9e524393d3e0a399d8392a2fd9e44339325db6f540fe7888b9712a12
WebWatchBot Monitor 5.1.16 Divide By Zero
Posted Sep 8, 2011
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

WebWatchBot Monitor version 5.1.16 suffers from a divide by zero vulnerability.

tags | advisory
SHA-256 | c9d43a63f553f608ae984cbf09518892cabbf8f7e41a84c85d577e92a07af479
Ubuntu Security Notice USN-1197-3
Posted Sep 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-3 - USN-1197-1 partially addressed an issue with Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update actively distrusts the DigiNotar root certificate as well as several intermediary certificates. Also included in this list of distrusted certificates are the Staat der Nederlanden root certificates. It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory, root
systems | linux, ubuntu
SHA-256 | 47f3b7beea1ebda82bd84a63554db1cecbeaa71f2dd97be15a3817c726e46203
Zero Day Initiative Advisory 11-279
Posted Sep 2, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-279 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Witness Systems eQuality Suite. This application is bundled with Nortel Contact Recording and Quality Monitoring Suite. Authentication is not required to exploit this vulnerability. The flaw exists within the Unify2.exe component which listens by default on TCP port 6821. When handling a packet type the process trusts a remaining packet length value provided by the user and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | c5b7f7de67ca75c73da4296bc399ab55cec0f59dd665fc9c0582effcba399aa6
ZoneMinder Video Camera Security Tool 1.25.0
Posted Sep 2, 2011
Authored by Philip Coombes | Site zoneminder.com

ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.

Changes: This release is mainly focused around a complete rewrite of the logging and debug functionality, which now includes a Web log viewer and fully consolidated logging. Support has also been added for SFTP in event uploads. There are also a small number of other useful new features and fixes.
tags | web
systems | linux, unix
SHA-256 | ec63ef47d8f4cb8af21a3bc84ff1de6968805146682dd7f10982bde975d9bb5d
Ubuntu Security Notice USN-1197-1
Posted Sep 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-1 - It was discovered that Dutch Certificate Authority DigiNotar, had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
SHA-256 | fd76e255f1d4a7bca86eae44ae57d1918bdd583af5e7a0b929620db8d1e6ef53
Malheur Malware Analyzer 0.5.2
Posted Aug 30, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: Another major bug due to libconfig changes has been fixed.
tags | tool, forensics
systems | unix
SHA-256 | ca0c50fbc6f33874be11bc7f129e882084b6149cfd3b0dec1cf4936313a1953a
Malheur Malware Analyzer 0.5.1
Posted Aug 25, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: A major bug in the parsing of configuration files has been fixed.
tags | tool, forensics
systems | unix
SHA-256 | b23a4c2300216b322fc2b40a1624a3b7d197ae9f6f944b0f4fb13625af635734
Zorp Proxy Firewall Suite 3.9.2
Posted Aug 24, 2011
Authored by Balazs Scheidler | Site balabit.com

Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Changes: Proxies have been added (POP3 and SMTP). The program stacking feature is extended (decisions can be made about the traffic based on the result returned by an external program).
tags | tool, firewall
systems | unix
SHA-256 | fa7153f409e721608f962300415cd744516afae4772594ad9b060ca5a0cf7718
Sagan Log Monitor 0.2.0
Posted Aug 23, 2011
Authored by Champ Clark III | Site sagan.softwink.com

Sagan is multi-threaded, real-time system- and event-log monitoring software, but with a twist. Sagan uses a "Snort" like rule set for detecting nefarious events happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, it can do a number of things with that information. Sagan can also correlate the events with your Intrusion Detection/Intrusion Prevention (IDS/IPS) system and basically acts like an SIEM (Security Information and Log Management) system.

Changes: This is primarily a bug fix / stability release. This release addresses many issues.
tags | tool, sniffer
systems | unix
SHA-256 | cda2d1e4c0e93403469d21af672957302eabebade346a1f67036ae7427f3e399
NDisc6 Discovery Tools 1.0.2
Posted Jul 31, 2011
Authored by Remi Denis-Courmont | Site remlab.net

ndisc6 consists of three command line tools (ndisc6, rdisc6, and traceroute6) that perform ICMPv6 Neighbor Discovery, ICMPv6 Router Discovery, and IPv6 tcptraceroute/traceroute respectively. It is primarily meant for IPv6 networking diagnostics and monitoring.

Changes: rdisc6 prints RA ND proxy bit and RA prefix flags. rdnssd checks for errors while dropping privileges. Compilation on BSD has been fixed.
tags | tool, scanner
systems | unix
SHA-256 | 6acec8a0cb9efa3ac98456f46c3016aeec0598b0c7557c95242b5228ad62ca7a
Page 3 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close