Title: ntop = 3.3.10 Basic Authentication Null Pointer Denial of Service
-
Vendor: ntop
Vendor URL: www.ntop.org
Vendor Response: None
Description:
A denial of service condition can be reached by specifying an
the issue in the latest version.
For more information visit firmchannel.com
CVE: CVE-2008-4931
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
has addressed the issue in the latest version of MetaGauge:
http://dl.hammer-software.com/metagauge.zip
CVE: CVE-2008-4421
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
%20Manager%205.3treeMdfId=281527126treeName=Network%20Monitoring%20and%20Management
Download BBSMPatch5332.zip
CVE: CVE-2008-2165
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
/scriptalert(XSS);/script
Stored (example):
On posts to 1.append when adding new entries into the wiki, the application
does not properly escape javascript code resulting in a stored cross-site
scripting attack.
Credit:
Brad Antoniewicz
[EMAIL PROTECTED]
, mProxyIP,
mProxyPort, mProxyUser, mProxyPass);
/snip
Credit:
Brad Antoniewicz
Email: Brad.Antoniewicz at foundstone.com