ntop = 3.3.10 Basic Authentication Null Pointer Denial of Service

2009-08-18 Thread brad . antoniewicz
Title: ntop = 3.3.10 Basic Authentication Null Pointer Denial of Service - Vendor: ntop Vendor URL: www.ntop.org Vendor Response: None Description: A denial of service condition can be reached by specifying an

FirmChannel Digital Signage 3.24 Cross-site scripting

2008-11-04 Thread brad . antoniewicz
the issue in the latest version. For more information visit firmchannel.com CVE: CVE-2008-4931 Credit: Brad Antoniewicz [EMAIL PROTECTED]

MetaGauge 1.0.0.17 Directory Traversal

2008-10-06 Thread brad . antoniewicz
has addressed the issue in the latest version of MetaGauge: http://dl.hammer-software.com/metagauge.zip CVE: CVE-2008-4421 Credit: Brad Antoniewicz [EMAIL PROTECTED]

Cisco BBSM Captive Portal Cross-site Scripting

2008-05-13 Thread brad . antoniewicz
%20Manager%205.3treeMdfId=281527126treeName=Network%20Monitoring%20and%20Management Download BBSMPatch5332.zip CVE: CVE-2008-2165 Credit: Brad Antoniewicz [EMAIL PROTECTED]

Swiki 1.5 Multiple Cross-Site Scripting Vulnerabilities

2008-04-08 Thread brad . antoniewicz
/scriptalert(XSS);/script Stored (example): On posts to 1.append when adding new entries into the wiki, the application does not properly escape JavaScript code, resulting in a stored cross-site scripting attack. Credit: Brad Antoniewicz [EMAIL PROTECTED]

Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials

2008-02-29 Thread brad . antoniewicz
, mProxyIP, mProxyPort, mProxyUser, mProxyPass); /snip Credit: Brad Antoniewicz Email: Brad.Antoniewicz at foundstone.com