network monitoring
Intrusion Detection
Denial-of-Service
Privacy Protection
Security Policies
Peer-to-Peer and Grid Security
Network Monitoring
Web Security
Vulnerability Management and Tracking
Network Forensics
Wireless and Mobile Security
Cryptography
#!/usr/bin/perl
# //--------[PoC]---------//
#
# Title : Centreon IT & Network Monitoring v2.1.5 - Injection SQL
# Version : 2.1.5
# Author : Jonathan Salwan (j.salwan@sysdream.com)
#
#
# [Vuln sql injection]
# http://localhost/centreon/main.php?p=201&host_id=-1%20[SQL
stable (Sarge) lead to check_procs not being included for the i386
architecture. This update fixes this regression. For reference the
original advisory text below:
Several local/remote vulnerabilities have been discovered in two of
the plugins for the Nagios network monitoring and management system.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-5198
seventeenth annual meeting (LACNIC XVII). This is a public call for
presentations for that event.
The topics of interest include, but are not limited to, the following:
* Honeypots, network monitoring and situational awareness tools in general.
* Fighting spam, particularly spam from origin (SPF, DKIM and related
technologies. Email reputation)
* Fighting phishing and pharming
* Fighting malware
* Internet protocol security
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-5198 CVE-2007-5623
Several local/remote vulnerabilities have been discovered in two of
the plugins for the Nagios network monitoring and management system.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-5198
The tool can be operated in the foreground or as a daemon, and offers
a simple real-time API for third-party components that wish to obtain
additional information about the actors they are talking to.
Common uses for p0f include reconnaissance during penetration tests;
routine network monitoring; detection of unauthorized network
interconnects in corporate environments; providing signals for abuse
prevention tools; and miscellaneous forensics.
== What's new ==
fifteenth annual meeting (LACNIC XV). This is a public call for
presentations for that event.
The topics of interest include, but are not limited to, the following:
* Honeypots, network monitoring and situational awareness tools in general.
* Fighting spam, particularly spam from origin (SPF, DKIM and related
technologies. Email reputation)
* Fighting phishing and pharming
* Fighting malware
* Internet protocol security
On Sun, Apr 03, 2011 at 12:15:12PM +0200, Henrik Størner wrote:
> Several cross-site scripting vulnerabilities have been identified in
> the Xymon systems- and network-monitoring tool available at
> http://sourceforge.net/projects/xymon/
>
> All versions prior to 4.3.1 (released April 3, 2011) are vulnerable.
>
> I would like to thank David Ferrest for notifying me of this issue.
>
>
XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher
<http://blog.bkis.com/?p=704>
1. General information
PRTG Traffic Grapher is a network monitoring solution, which helps
manage and classify bandwidth usage of a network by providing accurate
results about network traffic and usage trends in graphs and tables. The
software also supports SNMP (Simple Network Management Protocol). PRTG
Traffic Grapher is available at http://www.paessler.com.
Background
==========
The Nagios Plugins are an official set of plugins for Nagios, an open
source host, service and network monitoring program.
Affected packages
=================
-------------------------------------------------------------------
Several cross-site scripting vulnerabilities have been identified in the
Xymon systems- and network-monitoring tool available at
http://sourceforge.net/projects/xymon/
All versions prior to 4.3.1 (released April 3, 2011) are vulnerable.
I would like to thank David Ferrest for notifying me of this issue.
Henrik Størner,
3. *Vulnerability Description*
HP Openview Network Node Manager is one of the most widely-deployed
network monitoring and management platforms used throughout enterprise
organizations today. The platform includes many server and client-side
core components with a long list of previously disclosed security bugs.
In this case, a remotely exploitable vulnerability was found in the
database server core component used by NNM. Exploitation of the bug does
not require authentication and will lead to a remotely triggered denial
arbitrary code.
Background
==========
Nagios is an open source host, service and network monitoring program.
Affected packages
=================
-------------------------------------------------------------------
Vendor: Zenoss
Vendor website: http://www.zenoss.com
Author: Adam Baldwin (adam_baldwin@ngenuity-is.com)
I. BACKGROUND
Zenoss is a commercial and open source systems and network monitoring tool. Much
of the application's functionality is accessible via a front end web application.
II. DETAILS
Multiple CSRF vulnerabilities exist that can allow for arbitrary