SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It's multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment. Furthermore, SEAT's ability to easily process additional search engine signatures as well as custom made vulnerability databases allows security professionals to adapt SEAT to their specific needs.
1dca56a6f60d703faf1e555a7c458656e20afac2c3cc327143a474f79f5a3b53IBM Domino Web Access upload module inotes6.dll SEH overwrite exploit that has the same offset as the dwa7w exploit but the same class id as the original inotes6 exploit.
58ead93457bb90bfbff8414e450da8513143cd665b5b3e055e2f3cc03d82e513IBM Domino Web Access upload module dwa7w.dll SEH overwrite exploit.
4be19d2899aa0ce523d06bed33750f7f8e3e3c4e6e8c679af4d50895c9aa08c7Macrovision Installshield isusweb.dll version 5.1.100.47363 SEH overwrite exploit.
c4513a5f573d3d412d6822d22f4f48be3db757a88ca544659ec39a426a8f59d9IBM Domino Web Access upload module inotes6.dll SEH overwrite exploit.
825727e3aded175ca3e3c3e8ad11b552c824070c5e2b4ab525e18606d3e6a02fLiveCart version 1.0.1 suffers from multiple cross site scripting vulnerabilities.
51548c242d362c34b5329b13cefb47ac86516b360e27cba8ac226e0ca470ef07Gentoo Linux Security Advisory GLSA 200712-25 - The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Versions less than 2.3.1 are affected.
1e53e32e33582247af57b2f25aa112d8a309e06fb922229c61f1d6eb821cf84fGentoo Linux Security Advisory GLSA 200712-24 - The Cairo versions used by the AMD64 x86 emulation GTK+ libraries were vulnerable to integer overflow vulnerabilities (GLSA 200712-04). Versions less than 20071214 are affected.
5fa89f604687472d61e96c6bdaf4f50c7dd46ebd2b06a0042eceb8af108a3683Gentoo Linux Security Advisory GLSA 200712-23 - Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. Versions less than 0.99.7 are affected.
bf36ff899c761e97a5f00149bcd4e716d1df66512c8fe7cd63197ace44cec7f7Gentoo Linux Security Advisory GLSA 200712-22 - David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520) and Rich text editing (CVE-2007-6522) could be used to allow cross domain scripting. Alexander Klink (Cynops GmbH) discovered an issue with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that bitmaps might reveal random data from memory (CVE-2007-6524). Versions less than 9.25 are affected.
530363e74b05a9c0cab7ab3ccbe4e38646d82e728737b3b36e700bc1f9db60fcVantage Linguistics AnswerWorks version 4 API ActiveX control buffer overflow exploit.
654af9fb383cad5bcfe2ab6f2429c65a3ffd4a0ece41a2c25b8012a68707f6d8milliscripts suffers from a cross site scripting vulnerability in dir.php.
4af36b372999d026d0c14cea9a54205f1803ebed3db2d83499ce372a5bd2abf9oneSCHOOL remote SQL injection exploit that makes use of admin/login.asp.
2519427f24eb4dce14bef2648ed79e0ad1612c8f4c07885a98ae008729aa6365Bitweaver R2 CMS version 2 suffers from source code disclosure and arbitrary file upload vulnerabilities.
4bf66d8aabac6e5e914121cc49004372f11d97cd29e23898cd01c72e301f98fdInstant Softwares DatingSite suffers from a remote SQL injection vulnerability.
3d887a0e2e8952f9b1161bc28f4cc0750c2a048d12a9e91aac5745609f58d78aZenphoto version 1.1.3 remote SQL injection exploit that makes use of rss.php.
ebea914d89753aa5cf99f22da03cc2a7cef941eb3aefb589e889de51b5c379eaCuteNews version 2.6 arbitrary file download exploit.
fd63f30fa6afac5d7724bff44aadb2674c704e32efc26e02417a549082674fa4CCMS version 3.1 Demo remote SQL injection exploit.
ef04ff7d1ca6c0a4deb3f783b974701610941a828b153bfedbdd47a959bc6bf4TK53 Advisory 2 - Multiple vulnerabilities exist in ClamAV version 0.92 including a race condition and bypass flaws.
60f282650db36b99a8714bd90bc91b916c65759e7573026b8b48aaf66bad3ad2This perl script will enumerate the SSL ciphers in use on any SSL encrypted service, including STARTTLS on SMTP. The script will warn the operator if a self signed certificate is detected on a https encrypted service.
b072fc02eb3c308b65335f16281547f292d409ddca19c12a820a6fe6a2d9eb2cFingerprints in Astaro Security Gateway version 7.1 could allow a remote attacker to create malicious payloads.
2f9ea311b09010ad3e8ad33024368042b35a137bbdea00e122e1fe24cf6ed200MyPHP Forum versions 3.0 and below suffer from multiple SQL injection vulnerabilities.
1fa8e47bceeab90f65d0b10d450f56383f090bce02fde02ee8a0a341f3ad1d4aIPTBB versions 0.5.4 and below suffer from a remote SQL injection vulnerability.
c038d616f12bec1b85aa9758e82a38e84607fc4ddac3d92c1a455e7ce87c362dsshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. The daemon is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted.
567e214628c24ac9db457b67151c215930f9790be908b3898d905e68a6e579c9ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
3aadf5d1f3b4620833527511ee700a2f0365a10d62219ece882ca6424e8ffe0c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed