ppscan is yet another portscanner. However, it can scan an entire Class C subnet for a range of ports not only using tcp-syn/tcp-connect but also by tunneling through HTTP proxies (either HTTP GET or HTTP CONNECT), or using FTP servers which allow arbitrary connections via PORT bounce method. It is multi-threaded, so it can blaze through connection attempts.
662c1cf506bf0d8bb74216f8ea2f0047e7c33238eb1860284b5d9c9fbb2ccc27Whitepaper discussing man-in-the-middle attacks against the chipTAN Comfort online banking system.
173c757d24d9c5b57918ebadcbe6919bbbf6f503ff59afc5031181d05111efddOpenX versions 2.8.1 and below are vulnerable to remote code execution.
6a808fe4a1876118ed275a0f17968d069581aa4e6cb05cf27628827b81ecc0ffTYPSoft FTP server remote denial of service exploit that makes use of APPE and DELE.
150ed27b3194fd15afb4196da0b3242fafea00c033ef3d9bc7a6952922cdb67dThe harbour.pl script builds 1941 and below suffer from a remote denial of service vulnerability.
6025ad2f20319b92507cebe17960e3c31744c65c9fc8f412d122a8c4b6378d43Ubuntu Security Notice 861-1 - It was discovered that libvorbis did not correctly handle ogg files with underpopulated Huffman trees. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service. It was discovered that libvorbis did not correctly handle certain malformed ogg files. If a user were tricked into opening a specially crafted ogg file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges.
eae0d2f3f32cf33000f3d2bc776104ba25f98a9675818118f9d38a10b34071aeQuick.Cart version 3.4 and Quick.CMS version 2.4 both suffer from cross site request forgery vulnerabilities.
a291709208fa14adc1a5eab49ffc15c878c487a510f9d3913c92d128302ffe83PEAR Security Advisory - Multiple remote arbitrary command injections have been found in the Net_Pingand Net_Traceroute.Net_Ping versions below 2.4.5 and Net_Traceroute versions below 0.21.2 are affected.
1f8e26e5d2a3b7524f9d89fd9fd45aede051f3408d7534eb1f57bbb1ea3b1a36WP-Cumulus version 1.20 for WordPress suffers from path disclosure and cross site scripting vulnerabilities.
35a4d37e5ffba03af02fb610a6aab2f8fa7fc1f4a0756d7ec716da27b29ecaf2Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
0ef70f47c3adce44a408f33695e621cada2197cc52493bbf25e2fd2bf6891dd4XM Easy Personal FTP Server version 5.8.0 remote denial of service exploit.
7e36fe5d6389fdf072223910ed5c194801e09d85b293396f06d2f170cf7c5ddeWhitepaper called English Shellcode. In this paper, they challenge the assumption that shellcode must conform to superficial and discernible representations. Specifically, they demonstrate a technique for automatically producing English Shellcode, transforming arbitrary shell-code into a representation that is superficially similar to English prose.
520adbcbc20b5b74ff45288dfb818039f329155c76d5816f3314408df708f644Secunia Security Advisory - Some vulnerabilities have been reported in Cacti, which can be exploited by malicious users to conduct script insertion attacks.
333331899898787e5e5522b4afe7fde7168e219ebf1f38a21893c0fc044c54afSecunia Security Advisory - Fedora has issued an update for asterisk. This fixes a weakness, which can be exploited by malicious people to determine valid user names.
d973e210dab9d6f6ce9a5b8513db87c271f2993b9e0179df6771db17bd6322b1Secunia Security Advisory - Fedora has issued an update for snort. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
af3da90fe0e352b6521bda8cfada7a29c3da06f3a6c227834f76d83c462e0db1Secunia Security Advisory - A vulnerability has been reported in the Net_Ping package, which can be exploited by malicious people to compromise a vulnerable system.
9302426d9890da8283b7322863ae0678a1feb2f8edbdf0a275efd1a4c58cba2cSecunia Security Advisory - Debian has issued an update for php-mail. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
f2611540200e590892c4ad0805cc671edd41d827f28e4f5da9f8a799a294fd99Secunia Security Advisory - A vulnerability has been discovered in the Sage extension for Firefox, which can be exploited by malicious people to compromise a user's system.
b299d21d7630f92201c9650e2a3b470d2d5d804146fd6b8f9f691bd303f27541Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and spoofing attacks, and potentially compromise a user's system.
dc2051888225c1f75fddf90b3733d45b9910a09203a25e8dee2fb8b83a958a81Secunia Security Advisory - MustLive has discovered a vulnerability in the WP-Cumulus plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f54d633d855f7288314e1e9d2dbeea33668ed79918aaf896b82da238544ffa7W3infotech suffers from a remote SQL injection vulnerability that allows for authentication bypass.
01ab51727bf20650b3e60a32cde842a6173b660c8f99728161c18a31b1439908
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed