Rapid 7 Advisory R7-0008 - IBM Web Traffic Express Caching Proxy server is vulnerable to cross-site scripting. The Caching Proxy server allows script code to be injected into pages using standard cross-site scripting techniques. A second, variant attack allows the HTTP headers to be manipulated.
2b24d3cf784653c24b81047d80228ae940e783257cf9ce49567fa86d564bdaeb
Rapid 7 Advisory R7-0007 - The Caching Proxy component of IBM's WebSphere Edge Server v2.0 is vulnerable to a denial-of-service attack against one of the default CGI programs. A malformed HTTP request for /cgi-bin/helpout.exe will cause ibmproxy.exe to crash and cease functioning.
d5444f4faa351e594a4559c2bf2fb5cf0491766c5ae89f6adfc2ce7c94802ffe
iDEFENSE Security Advisory 10.15.02 - RadioBird Software's WebServer 4 Everyone v1.27 and below contains denial of service and directory traversal vulnerabilities allowing any file on the system to be downloaded. Fix available here.
ee7ce09231d4ce9d177866165f5d433f9b62ebfe59e76ea0613c5ecc5fd837e8
Remote denial of service exploit, written in Perl, for Solarwinds TFTP server v5.0.55 and below.
165893e2a72b6c7b01bf0b5e59020ebd0ef42cf6184037b8c607536b68ae7f46
Opticon Users 2002 is a simple tool that shows administrators who is logged onto the network and which workstation each user is accessing it from. It also displays the workstation used to log on, the domain, the logon server, and the date/time of logon. This tool makes it easy to spot unauthorized logons from a certain workstation or logons using an administrative account.
7363cf87bc3f361f4ba537b96a7a2040148781aaca2bceecd4a21b540aab2c6b
The BadBlue web server v1.7 for Windows allows remote attackers to access files in password-protected directories by sending a special web request. Tested on Windows 2000 SP3 and 98SE.
99d05374da83f582e4c1a538df787b729ffaa4edb6e65cda12d5bea1cb47a8a5
The Liteserve Web Server v2.0 for Windows allows remote attackers to access files in password-protected directories by sending a special web request. Tested on Windows 2000 SP3 and 98SE.
1ad0b43d131843b5736e0561fcc1a675759e988ac4a519a13fc34d067e8ed50f
The BRS WebWeaver Web Server v1.01 for Windows allows remote attackers to access files in password-protected directories by sending a special web request. Tested on Windows 2000 SP3 and 98SE.
952d6a2e38bf73ed6659426d07625a19fe392c8b246d7ec67b52f1f0b7264132
Tunnel finder is a proxy checker that takes a list of proxies and reports on the servers that permit the CONNECT command, which allows an end user to achieve a higher level of anonymity.
04f9dee370118f4214730926d3a378e63fa4c58b145ca7bcb65f65b3693a1376
Virgil CGI Scanner by Mark Ruef has a vulnerability where user input is trusted without being sanitized: the input populates bash variables, which end up being executed. Simple exploit examples are included.
d904fe4eeff1617f799ad5d492b310acc2605145158faff2c8c8a7b7a546cdac
Microsoft Windows RPC Denial of Service utility.
14210ab9185d541e6e0cd8c76e93e68f6cf19be6fc42f04ea56bb85b67e5e8ef
Log wiping utility used to sanitize the utmp, wtmp, utmpx, wtmpx, and lastlog files. It can also modify and add entries.
7d68a83410f500bb5b1ecadd45370d96ed4e69ce4f1b607f6b1bc9a7ea7b61da
iDEFENSE Security Advisory 10.24.02 - The Solarwinds TFTP server v5.0.55 and below contains a directory traversal bug which allows remote users to download any file on the system.
a7a4ff629f7e930a627e2df7c2e09b6d40a316d099e31b0a622bdad02850eb20
Microsoft Internet Explorer versions 5.5 and 6.0 are susceptible to 9 attacks involving object caching. When communicating between windows, security checks ensure that both pages are in the same security zone and on the same domain. These crucial security checks wrongly assume that certain methods and objects are only going to be called through their respective window. This assumption enables some cached methods and objects to provide interoperability between otherwise separated documents.
0d493f1ee4c0342068a311e12ade60a725672891b23957e14ce2b5cbe1e6e675
Two modified versions of the slapper worm exploit, made more user-friendly with simple interaction to define which host and port will be hit with the exploit.
33f0ab9cc7a39a816dbc6dddc8b1952feeb6871f5ad68e60decab4626431eb7c
Iptables shell script. Some Brazilian comments.
4a4d7de414db7c905e2217bf7d07d40927e0c013b2effde9a9f8880838c68278