exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

PRTG Network Monitor 7.1.3.3378 Cross Site Scripting
Posted Mar 1, 2019
Authored by Rafael Pedrero

PRTG Network Monitor version 7.1.3.3378 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-9206, CVE-2019-9207
SHA-256 | 929aabab18dd36ddc0d64df2ed1835203b3bfafb3b51f2c7989ed4531b579fda

Related Files

Zero Day Initiative Advisory 11-246
Posted Jul 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-246 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handles certain data in the login packets. Malformed packets can cause the service in question to write a NULL byte on the stack which can be leveraged by a remote attacker to execute code under the context of the running service.

tags | advisory, remote, arbitrary
SHA-256 | 525d12ef9dcc8cc2e5dc96c1991ef7b8a03b2480d4d6e79b8ffdb56c08950dae
Zero Day Initiative Advisory 11-245
Posted Jul 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-245 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handle certain data in the login packets. Malformed packets can cause the service in question to lookup a function pointer outside a predefined function pointer array. It is possible to set this function pointer to an address where user controlled data exists and this will result in code execution under the rights of the user running the Monitor Server.

tags | advisory, remote, arbitrary, code execution
SHA-256 | a33a5097372aa85175aa3ce715085578d3c1258260b45dacbedcb9fe9a6fb67a
Imperva's Web Application Attack Report July 2011
Posted Jul 27, 2011
Authored by Imperva | Site imperva.com

As a part of its ongoing Hacker Intelligence Initiative, Imperva's Application Defense Center (ADC) observed and categorized attacks across 30 applications as well as onion router (TOR) traffic, monitoring more than 10 million individual attacks targeted at web applications over a period of six months. This report discusses and analyzes their findings.

tags | paper, web
SHA-256 | d8446dc2813a8f3f673ae8f51f4af9ade74f8848efa267da16853c3e1e98f85f
Red Hat Security Advisory 2011-1005-01
Posted Jul 21, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1005-01 - The sysstat package contains a set of utilities which enable system monitoring of disks, network, and other I/O activity. It was found that the sysstat initscript created a temporary file in an insecure way. A local attacker could use this flaw to create arbitrary files via a symbolic link attack.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2007-3852
SHA-256 | 67b1dcce5be13e37cd2984523d1ddf937e78182e6e8cb6deeab1273daf93197d
Tenshi Log Monitoring Program 0.13
Posted Jul 14, 2011
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Added threshold feature for discarding logs with count below specified value. Fixed broken queue flushing on exit. Various other improvements.
tags | system logging
systems | unix
SHA-256 | a0b9e0ca95eec52b9bbf0c29529435da64af9b3dfa943dbeca0cd77bf223edf2
Security Implications Of IPv6 Extensions Headers With Neighbor Discovery
Posted Jun 1, 2011
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.

tags | paper, local
SHA-256 | ae1239dbe215828238bde7e4d18f0fa35e3f33bfb61ed97549a17cb1ea60cd42
ZoneMinder Video Camera Security Tool 1.24.4
Posted May 31, 2011
Authored by Philip Coombes | Site zoneminder.com

ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.

Changes: This release primarily addresses a number of system and configuration issues that arose from 1.24.3, but also includes significant improvements to version management and upgrades.
tags | web
systems | linux, unix
SHA-256 | 63cd333011cdd550c0a27631a8353e140b57da531c51c13539a22cf06043130b
Mandriva Linux Security Advisory 2011-093
Posted May 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-093 - gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor. The updated packages have been patched to correct this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-0285
SHA-256 | 133358eb9b1e3342049c27a40590ee8e54c1d3400f66cf8890d620267994722f
ZoneMinder Video Camera Security Tool 1.24.3
Posted May 18, 2011
Authored by Philip Coombes | Site zoneminder.com

ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.

Changes: This long awaited release brings improved compatibility with a number of updated third party packages. There were many reliability and performance updates plus a number of new features and fixes. A contributed iPhone interface was included.
tags | web
systems | linux, unix
SHA-256 | fa766fe30723a4ead11423eaaadb48810a1c500231d02e5f06181a0e9f4ab51a
Samhain File Integrity Checker 2.8.4a
Posted May 12, 2011
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: A regression has been fixed that under certain circumstances would cause samhain to hang when reloading the configuration file. A compile error in the samhain_hide.ko kernel module has been fixed. A contributed patch for samhainadmin.pl has been included that allows you to specify the location of the secret keyring. The (l)stat timeout has been increased to fix spurious timeouts under heavy load. The Apache log file parser has been enhanced to allow the insertion of arbitrary regexes into the format definition. New options allow you to define the port range for the open ports check.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | cc95d1e84d5b9148291c292070e03babbd1b1a9329a594602e0fa0c9a6633e1b
Network Protocols And Algorithms Call For Papers
Posted May 3, 2011
Site macrothink.org

A Call For Papers for Network Protocols and Algorithms has been announced. Network Protocols and Algorithms is a free-access online international journal, peer-reviewed and published by Macrothink Institute. It publishes papers focused on the design, development, manage, optimize or monitoring any type of network protocol, communication system, algorithm for communication and any protocol and algorithm to communicate network devices.

tags | paper, protocol, conference
SHA-256 | 69d3d8af620a0172ec05f8c775ee0f18bbc47179e2fe92e7407bc6e16d1ee5d1
Secunia Security Advisory 44346
Posted Apr 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - James Burton has discovered a vulnerability in Up.Time Monitoring Station, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 8c801b13a918da8f5e0d92e2786f5b5da6b097a796fd71617478df767d461b5a
Malheur Malware Analyzer 0.5.0
Posted Apr 20, 2011
Authored by Konrad Rieck | Site mlsec.org

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.

Changes: All configuration parameters can be specified on the command line. The manual page and documentation have been updated and extended. Minor bugs have been fixed.
tags | tool, forensics
systems | unix
SHA-256 | 3be1c2c3ddf9fa21e38ce94750996f036a69b033f1baf6d76c0a960a040fd74e
Secunia Security Advisory 44043
Posted Apr 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability with unknown impact in IBM Tivoli Monitoring.

tags | advisory
SHA-256 | b4d6069e426a25db12c199bb0bbf8aa422382313fa55762cd42c7ef2936d28c6
AgentSmith Log Monitor 0.2
Posted Apr 10, 2011
Authored by Rafael Ostertag | Site guengel.ch

agentsmith is a daemon that continuously monitors a log file for break-in attempts by remote hosts. Upon detection of a break-in attempt, it launches a user defined script or application, which can do virtually anything from sending mail messages to whatever else you might think of. The criteria for what is considered a break-in attempt can be configured by means of a regular expression.

Changes: New features are IP address exclusion and exchange of host information between remote agentsmith instances.
tags | remote
systems | unix
SHA-256 | 38f56dbf017f6cb260c4abf55f422fe540e95a4058f589a88f6314183e1d8435
Samhain File Integrity Checker 2.8.3a
Posted Mar 23, 2011
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Samhain now runs lstat/stat calls in a subprocess to avoid getting blocked by hanging NFS mounts. A compile error on Windows/Cygwin as well as minor networking issues have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | e39d3eff755a71deca8fd07ef36e2abcce5e3da5fca10682c30721ab94df7c01
Debian Security Advisory 2193-1
Posted Mar 17, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2193-1 - Several issues have been discovered in libcgroup, a library to control and monitor control groups.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1006, CVE-2011-1022
SHA-256 | 40fcf028da92f70eff44c87096e51147d2b810162614fe7325a0ebea1a4cfe2c
Sagan Log Monitor 0.1.8
Posted Mar 17, 2011
Authored by Champ Clark III | Site sagan.softwink.com

Sagan is multi-threaded, real-time system- and event-log monitoring software, but with a twist. Sagan uses a "Snort" like rule set for detecting nefarious events happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, it can do a number of things with that information. Sagan can also correlate the events with your Intrusion Detection/Intrusion Prevention (IDS/IPS) system and basically acts like an SIEM (Security Information and Log Management) system.

tags | tool, sniffer
systems | unix
SHA-256 | e5db2b48632f159cc60a9a8e844140ef425c17ccade7bc2eecbe444fd5897ae1
Secunia Security Advisory 43509
Posted Mar 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Monitoring, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 92e9b768bddc2cac3e86dfd6b5f2c4d0739332663f0b715e3192a66dc3dbd85e
Secunia Security Advisory 43355
Posted Mar 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities and a weakness have been reported in Tembria Server Monitor, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, local, vulnerability, xss
SHA-256 | 7b463ca791d3a64388e8073aeba3f08c5a3997a46f858547b606328e280b26e9
Samhain File Integrity Checker 2.8.2
Posted Feb 16, 2011
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: It is possible now to skip checksumming for files matching user-defined criteria (based on file size, permission, name, and/or file type). Several minor bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | e540629c6ff9fde640ac60a02cfab398a398992ca4c964d45644c176ae77aba1
Tembria Server Monitor Weak Cryptographic Password Storage
Posted Feb 15, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory.

tags | advisory
SHA-256 | 163a065cfecd676df474c29e1bd95914935a34327f5d1ac24420581f6c99a5ae
Tembria Server Monitor Cross Site Scripting
Posted Feb 15, 2011
Authored by Rob Kraus, Jose R. Hernandez | Site solutionary.com

Tembria Server Monitor suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | bd43f55446ef0b1ec184ba04169d7ae96d5669d34c462d144c86fcb05e1fc3d3
Secunia Security Advisory 43076
Posted Jan 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PRTG Network Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 1c0a791fad46576a02e0ffd89acd6201cf9e0d0c022646a6ea1283014ad22eb5
ARP Alert 2.0.11
Posted Jan 13, 2011
Authored by Thierry Fournier | Site perso.numericable.fr

arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.

Changes: Updated error in man. Minor orthographic correction in doc. Fixed erase of configure when make mrproper is called.
tags | local
systems | unix
SHA-256 | d3166f0de57729902d84a61626794494c4eac80ee58241d07c813809328e62cd
Page 4 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    47 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close