Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
.::anti-abuse.com::.
Security Revealed
Archive for November, 2006
PWDumpX.zip
Posted in November 30th, 2006
The PWDumpX tool allows a user with administrative privileges to retrieve the encrypted password hashes and LSA secrets from a Windows system. This tool can be used on the local system or on one or more remote systems.
Comments Off
rde-FUZZ.tar.gz
Posted in November 30th, 2006
Tiny utility for supplying user defined environmental variables at a defined sized. Used in the Aid of auditing binaries that rely on environmental variables.
Comments Off
wisi-sql.txt
Posted in November 30th, 2006
Wisi Portal suffers from SQL injection vulnerabilities in multiple asp files.
Comments Off
siapcms-sql.txt
Posted in November 30th, 2006
Siap CMS suffers from a SQL injection vulnerability in login.asp.
Comments Off
cra.pl.txt
Posted in November 30th, 2006
PHP-Nuke Mermaid module version 1.2 remote file inclusion exploit that makes use of formdisp.php.
Comments Off
jambook.txt
Posted in November 30th, 2006
The Mambo jambook component suffers from a HTML injection vulnerability via the Entry field.
Comments Off
at-tftp19.txt
Posted in November 30th, 2006
A vulnerability has been identified in TFTP server AT-TFTP server version 1.9, which could be exploited by remote or local attackers to execute arbitrary commands or cause a denial of service.
Comments Off
11.26.06-2.txt
Posted in November 30th, 2006
iDefense Security Advisory 11.26.06 – Remote exploitation of a denial of service vulnerability in Qbik IP Management Limited’s WinGate allows attackers to cause the application to consume 100% of available CPU cycles. iDefense has confirmed that Qbik Wingate 6.1 is vulnerable. Earlier versions are suspected vulnerable.
Comments Off
11.26.06-1.txt
Posted in November 30th, 2006
iDefense Security Advisory 11.26.06 – Remote exploitation of a format string vulnerability in GNU Radius could allow an attacker to execute code in the context of the running daemon. iDefense has confirmed that this vulnerability is present in version 1.3 and 1.2 of GNU Radius. It is likely that all prior versions are vulnerable.
Comments Off
MHL-2006-004.txt
Posted in November 30th, 2006
Mayhemic Labs Public Advisory MHL-2006-004 – MBoard does not check the Post ID for malicious data when replying, allowing an attacker to create blank files on the system wherever the web server has write access. Versions 1.22 and below are affected.
Comments Off
dsa-1219-1.txt
Posted in November 30th, 2006
Debian Security Advisory 1219-1 – The GNU texinfo package has been found susceptible to insecure file handling and buffer overflow flaws.
Comments Off
SYMSA-2006-011.txt
Posted in November 30th, 2006
Symantec Vulnerability Research SYMSA-2006-011 – JBoss web server version 1.0.0.GA suffers from a directory traversal flaw.
Comments Off
Simple Event Correlation installation and configuration
Posted in November 30th, 2006
(Posted 30 Nov 2006 by janewalker6847)
Comments Off
Tutorial: IPP based Linux Print Server using CUPS
Posted in November 30th, 2006
(Posted 30 Nov 2006 by falko)
Comments Off
nice and renice: Linux Process Priority
Posted in November 30th, 2006
(Posted 30 Nov 2006 by Ray)
Comments Off
Body Armor for Dogs: Media Hype Creates Yet Another Need
Posted in November 30th, 2006
Patriotic and misguided fervor saddles police dogs with unnecessary and pricey protection.
Comments Off
Think We’re Leaving Iraq? Not So Fast
Posted in November 30th, 2006
As Iraq spirals into chaos and support for withdrawl balloons, the Pentagon considers committing 20,000 more U.S. troops to a mission with an unclear end.
Comments Off
Bush’s Failed Global AIDS Plan
Posted in November 30th, 2006
The President’s relief plan ignores the gender dimensions of the AIDS epidemic, and women are paying for it with their lives.
Comments Off
Be All That You Can Be: Leave the Army
Posted in November 30th, 2006
With a military badly in need of reform and a war based on lies, desertion is an act of bravery.
Comments Off
States Upping The Minimum Wage
Posted in November 30th, 2006
Fed up with Congress after watching the minimum wage stagnate at poverty level for nearly a decade, a growing number of states are introducing their own pay raises and bolstering buying power.
Comments Off
War on Iraq: Think We’re Leaving Iraq? Not So Fast
Posted in November 30th, 2006
As Iraq spirals into chaos and support for withdrawl balloons, the Pentagon considers committing 20,000 more U.S. troops to a mission with an unclear end.
Comments Off
Meth: The Overstated Addiction
Posted in November 30th, 2006
Methamphetamine abuse is not as prevalent as the government would have you believe.
Comments Off
Improve Apache (LAMP) security with mod_proxy
Posted in November 30th, 2006
Virtual hosting with multiple user IDs is possible to increase Apache security with mod_proxy.
In this article, Nick Maynard outlines a method for you to improve the security of a LAMP setup by using Apache’s mod_proxy module. This article is specific to Linux; however, you can also apply some of the principles to other operating systems.
One [...]
Comments Off
Humor: The Book of Mozilla – Mozilla firefox Easter egg
Posted in November 30th, 2006
Just open firefox and type about:mozilla followed by [enter] key…
You will see message:
And so at last the beast fell and the unbelievers rejoiced.But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn [...]
Comments Off
snif <= 1.5.2 (index.php) Remote File Inclusion Vulnerability
Posted in November 30th, 2006
Comments Off
Advertisments
Popular Tags
Recent Entries
- Ubuntu more “commercial”, but always free …
- Silicon Valley Can Do Better Than Facebook
- The pi pad
- Labor Struggles, Then and Now: Workers in One Iowa Town Epitomize the Past and Present of the Labor Movement
- The Perfect Desktop – Ubuntu Studio 12.04
- Introducing Our 2012 Disrupt NYC Hackathon Winners: Thingscription, PoachBase, And Practikhan!
- iPhone charger teardown shows astounding miniaturization.
- Vuln: Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
- 12 More Enlightening Free Linux Books
- Building a 6502 in Minecraft
Recent Comments
- Keine Kommentare vorhanden.
Social Network
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Oct | Dec » | |||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | |||
Subscribes
Meta
Archives
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- August 2005
- July 2005
- June 2005
- May 2005
- January 2005
- November 2004
- October 2004
- September 2004
- October 2002
- December 2001
- January 1970
- December 1969
Also
rss
- SANS Internet Storm Center, InfoCON: green
- SANS Internet Storm Center, InfoCON: green
- (IN)SECURE Magazine Notifications RSS
- 0DayCar
- A Day in the Life of an Information Security Investigator
- Advisory Files ≈ Packet Storm
- Advisory Files ≈ Packet Storm
- All about Linux
- All about Linux
- AlterNet.org
- AlterNet.org
- Astalavista.net – Directory
- Astalavista.net – Exploits
- cmw.me blogs
- Confessions of a Penetration Tester
- Darknet – The Darkside
- Darknet – The Darkside
- Debian GNU/Linux System Administration Resources
- Debian GNU/Linux System Administration Resources
- DesktopLinux.com
- DesktopLinux.com
- Exploit Files ≈ Packet Storm
- Exploit Files ≈ Packet Storm
- F-Secure Antivirus Research Weblog
- F-Secure Antivirus Research Weblog
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Got Root Articles
- Got Root Articles
- Got Root Blogs
- Got Root Blogs
- Got Root Library and Wiki
- Got Root Library and Wiki
- Hack a Day
- Hack a Day
- HowtoForge – Linux Howtos and Tutorials –
- HowtoForge – Linux Howtos and Tutorials –
- izik
- izik
- Joomla! powered Site
- kaos.theory: fractal blog
- kaos.theory: fractal blog
- Latest Secunia Advisories
- Librenix.com | Linux Sysadmin Central
- Librenix.com | Linux Sysadmin Central
- Linux Gazette
- Linux Gazette
- Linux Journal – The Original Magazine of the Linux Community
- Linux Journal – The Original Magazine of the Linux Community
- Linux.com :: Feature
- Linux.com :: Feature
- LXer Linux News
- LXer Linux News
- milw0rm.com
- milw0rm.com
- News ≈ Packet Storm
- News ≈ Packet Storm
- nixCraft Linux Sys Admin Blog
- nixCraft Linux Sys Admin Blog
- Open Source Networking
- Open Source Networking
- Own-the.net – Web application security and SEO
- RootPrompt — Nothing but Unix
- RootPrompt — Nothing but Unix
- Rootsecure.net
- Rootsecure.net
- SecuriTeam
- SecuriTeam
- Security Tool Files ≈ Packet Storm
- Security Tool Files ≈ Packet Storm
- SecurityDocs
- SecurityDOT Articles
- SecurityDOT Articles
- SecurityDOT Exploits
- SecurityDOT Exploits
- SecurityDot News
- SecurityDot News
- SecurityDot Vulnerabilities
- SecurityDot Vulnerabilities
- SecurityFocus News
- SecurityFocus News
- SecurityFocus Vulnerabilities
- SecurityFocus Vulnerabilities
- SpiderLabs Anterior
- SpiderLabs Anterior
- Spyware Warrior
- Spyware Warrior
- TaoSecurity
- TaoSecurity
- TechCrunch
- The Ethical Hacker Network RSS News Feed
- The Ethical Hacker Network RSS News Feed
- The most recent articles from vnunet.com
- The most recent articles from vnunet.com
- US-CERT Bulletins
- US-CERT Bulletins
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Tips
- US-CERT Tips
- VulnWatch
- VulnWatch
- XSSed syndication
- XSSed syndication
- XSSed syndication
- XSSed syndication