Many Moxa devices suffer from command injection, cross site scripting, and outdated software vulnerabilities.
91e5218cfa2c2452c1da0918b3b85328aad5bcf76352c949affc7a9a10a95a39
Explanation of how to exploit the rpc.sadmind bug on Solaris.
39930a280c144ab14cfd240d0a929369a2f7e68dfed059b8f4c01fda84a4ba71
The Sambar web server version 4.3 Beta 2 is vulnerable to remote buffer overflow. Dos example included.
e480e4ea52df200307b608978e22215ea04221336cc1ca0297728e71575dd718
S.A.F.E.R. Security Bulletin 000317.EXP.1.5 - Remote user can obtain list of directories on Netscape. Netscape Enterprise Server with 'Web Publishing' enabled can be tricked into displaying the list of directories and subdirectories, if user supplies certain 'tags'.
28a1f7d9a52e29f7b6c7169a7703161db67a48f4e7b0b0a67e10192242dcf897
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
3ed56d6e659e9869b72c8bc2a139fecf85d29513d1ca30c1a20a879e99e47e08
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
3c8cc7118dee3c4bbbe8623ee0d7d297235a4fc410844b8c04e9920b3c091a98
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
0da6410defc45031c92c0716861617f1cd069faa6027c42515377d421d828a1c
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
d538800c967a63a4ed1ebc5d086124ac73eea401187ce93d55555b2a31379a2d
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
fc986312f5e6c0bd77ad5e86bf4720d9be62f158e125bd2e7f5409a06ece49bf
S.A.F.E.R. Security Bulletin 000309.EXP.1.4 - StarOffice comes with a nice groupware server, called StarScheduler, which includes a web server that is vulnerable to several security problems, leading to remote code exection and root access.
20d5c4fc9990de97aeb124f4e5c58bf4dce2d6d9da6be61b3c34503af0ffcd43
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
5cbe1d1d292d519db4d8dc7a90e264fab5d367227a8af23f769b69c42d94e8d4
samhain is a distributed host integrity monitoring system. It consists of monitoring agents running on individual hosts, and a central log server collecting reports from these agents via authenticated TCP/IP connections. On single hosts, it is possible to run a standalone monitoring agent. Currently, agents may monitor the integrity of files and directories, and watch for login/logout events. In addition to forwarding reports to the log server, other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. samhain has been tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.
c4bec6eae7b835c7924032b004d61e27b74c80010826672f9a8458c4206485d7
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
a6111dcefd7856af7169043ad2ddb2bdba177bf2e7627961ff4c307d2f1c773e
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
0f23bcf5fe7eea7431d64bf0c70686c0cdf278cb9cdb81234a2cfead9233e81b
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
22c30f6e4ee0e50307223dba75106cf14b4fffe045928e4f55e23ff9e7225e26
S.A.F.E.R. Security Bulletin 000229.EXP.1.3 - Buffer Overflow in Netscape Enterprise Server. Netscape Enterprise Server is a web server with long history of security problems. We have tested version 3.6 SP2 on Windows NT 4.0 Server edition, and found it to be vulnerable to a buffer overflow. Remote execution of code is possible.
d053aee89b0c0a4dcc75a3dbfdd74f0302c8844a94db145a8258559dc6a98329
All versions of Sambar server running under Windows NT and 2000 (95/98 not vulnerable) have vulnerabilities which allow remote command execution.
7b13bc962d27ef93b883d59d73a68c652e8b342cd4167afd0fde35917066ca60
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
1588e920c9fc1c52a983d51eea4ec9c15c628f001e4efc6b8f77a739b63c8010
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
05f97a90c0c83fb80ac39509a36683aa273b03f3d8285225520a859fd1277733
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
8884a64fffc0cd9416c3fea53f209ccab6aa8dc59e4a1e3778b2ec3341b3b68a
SAINT is the Security Administrator's Integrated Network Tool. It gathers as much information about remote hosts and networks as possible by examining all network services and potential security flaws. The collected data can then be analyzed using a simple rules-based system (or via other included interfaces). In Exploratory Mode, SAINT will examine the avenues of trust and dependency and iterate further data collection runs over secondary hosts.
b4798695c9c6f81747e3b0d24bafeefce753911336fbb95c9896d1290b729a9a
Security Administrator's Integrated Network Tool Version 1.5 beta 2 - Includes new options, including the ability to read a list of target hosts from a file. This release also has many new checks for UNIX and Windows, including nine new checks for backdoors in Windows hosts. Several bug fixes are implemented in this release, in conjunction with more efficient OS typing.
8d01e18171c155737e17050e29d7e2731bc83c7bc84124795c62caf283e239c8
SAINT, based upon SATAN, is a network security scanner which runs on Unix platforms. This version includes fixes for the y2k and timeout problems in http checks, and features the ability to scan multiple hosts, subnets, or IP address ranges. There are also new configuration options and two new severity categories, and a new check for the stacheldraht distributed denial-of-service tool.
641a040138f951d893ed2c6db68a343f94d8be62e71a7fb9cc826eb8fe5cbe33
The Savant Web Server V2.0 Win9X / NT / 2K and possibly other versions has a buffer overflow caused by a NULL Character in the parsing Get Command routine.
f700ade2ff5160a78c751d4cad90724e7efd35a4b899b49a1e49ec9a813da624
SAINT (based upon SATAN) is a free network security scanner which runs on UNIX platforms. This release includes all of the new checks found in SAINT 1.4.1 beta 1, with additional checks for sadmind, Trinoo, DRAT backdoor, SSH, and QPOP vulnerabilities. This release also fixes a number of bugs that were present in earlier versions.
bf88bdd422c8df45101172dc8a96d08b94cb7070955e97c8a943d1a46f8d749c
Samhain is a tool for monitoring the integrity of files on a single machine as well as on a network. It is easy to configure and maintains a single database (per host) for storing the signatures of files. Samhain is designed to be run as a background process, checking files periodically against the database. Reports can be written to a signed, tamper-resistant log file, and/or sent offsite by e-mail. To monitor several machines and collect data by a central log server, samhain may be used as a client/server application. For the paranoid, a 'stealth' option is available.
7e6a44873d79298b027d90259ecc248e8b444f798ef7d93fc219650ce7306cc7