206 matches found
Next Generation Snort IPS: Snort3
The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS Intrusion Prevention System. This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...
[SECURITY] Fedora 20 Update: mutt-1.5.23-1.fc20
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
ThinkSAAS SQL注入漏洞打包6-10
简要描述: 详细说明: 上个注入大礼包,终于走了一个大厂商! 看来还是打包来的划算,最后一个注入大礼包了。 这个漏洞完了,回给出修复方案,求给力! 第一处SQL注入 /app/group/action/add.php // 执行发布帖子 case "do" : if $POST 'token' != $SESSION 'token' tsNotice '非法操作!' ; $authcode = strtolower $POST 'authcode' ; if $TSSITE 'base' 'isauthcode' if $authcode != $SESSION 'verify'...
[ipset_list] ipset set listing wrapper script
Features: Calculate sum of set members and match on that count. List only members of a specified set. Choose a delimiter character for separating members. Show only sets containing a specific glob matching header. Arithmetic comparison on headers with an integer value. Match members using a...
nMap Vulnerability Scanner: Vulscan
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Version 2.0 of Nmap NSE Vulscan is...
[Arachni v0.4.5.1-0.4.2] Open Source Web Application Security Scanner Framework
Arachni is a Free/Open Source project, the code is released under the Apache License Version 2.0 and you are free to use it as you see fit. Initially started as an educational exercise, it has since evolved into a powerful and modular framework allowing for fast, accurate and flexible...
[SECURITY] Fedora 19 Update: haproxy-1.4.23-2.fc19
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
[SECURITY] Fedora 17 Update: haproxy-1.4.22-1.fc17
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread the load among several servers while assuring server persistence through the use of HTTP cookies - switch t...
Directory traversal
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. dot dot in a repository name...
Fedora Update for mutt FEDORA-2011-7739
Check for the Version of mutt OpenVAS Vulnerability Test Fedora Update for mutt FEDORA-2011-7739 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
[SECURITY] Fedora 13 Update: mutt-1.5.21-5.fc13
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
[SECURITY] Fedora 14 Update: mutt-1.5.21-5.fc14
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
[SECURITY] Fedora 15 Update: mutt-1.5.21-5.fc15
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
Nmap NSE net: http-enum
Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's formatted in a way that's compatible with the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the...
[SECURITY] Fedora 12 Update: stardict-3.0.1-20.fc12
StarDict is a Cross-Platform and international dictionary written in Gtk2. It has powerful features such as "Glob-style pattern matching," "Scan selection word," "Fuzzy query," etc...
http-enum NSE Script
Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's similar in format to the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the ability to identify...
[SECURITY] Fedora 11 Update: mutt-1.5.19-5.fc11
Mutt is a small but very powerful text-based MIME mail client. Mutt is highly configurable, and is well suited to the mail power user with advanced features like key bindings, keyboard macros, mail threading, regular expression searches and a powerful pattern matching language for selecting group...
Snort <= 2.4.0 SACK TCP Option Error Handling
Snort = 2.4.0 SACK TCP Option Error Handling Package: Snort 2.4.0 And previous versions Vendor url: http://www.snort.org Class: Error Handling Exceptional Conditions Risk: High Credits: A. Alejandro Hernndez Hernndez Contact: nitrousatvulnfactdotcom BACKGROUND Snort is an open source network...
CVE-2004-0711
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "" as wildcards as if they were the legal "/" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected...
CVE-2004-0711
The CVE describes a flaw in BEA WebLogic Server 6.x URL pattern matching where illegal patterns ending in “” are treated as the legal “/ ” wildcard. This could allow WebLogic 7.x to bypass access restrictions because these illegal patterns are (purportedly) rejected but effectively treated as all...