- Kiwi CatTools < 3.2.9 Directory Traversal attack SecuObs - L'observatoire de la sécurite internet - Site d'informations professionnelles francophone sur la sécurité informatique

Les derniers commentaires publiés sur SecuObs (1-5):

- Researchers unite to distribute quantum keys - Apple patching serious SMS vulnerability on iPhone - CERT Resiliency Management Model v1.0 Released - ESRT @milw0rm Apple Safari 4x JavaScript Reload Remote Crash Exploit - ESRT @packet_storm Oracle 10g SYSLTCOMPRESSWORKSPACETREE SQL Injection Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

Détail du test :

ID	24747
Nom	Kiwi CatTools < 3.2.9 Directory Traversal
Auteurs	This script is Copyright (C) 2007 Ferdy Riphagen
Catégorie	Remote file access
Action	attack
Résumé	Try to grab a file outside the tftp root
Description	Synopsis : The remote TFTP server is affected by a directory traversal vulnerability. Description : The remote host appears to be running Kiwi CatTools, a freeware application for device configuration management. The TFTP server included with the version of Kiwi CatTools installed on the remote host fails to sanitize filenames of directory traversal sequences. An attacker can exploit this issue to get or put arbitrary files on the affected host subject to the privileges of the user id under which the server operates, LOCAL SYSTEM by default. See also : http://www.securityfocus.com/archive/1/459500/30/0/threaded http://www.kiwisyslog.com/kb/idx/5/178/article/ Solution : Upgrade to Kiwi CatTools version 3.2.9 or later. Risk factor : Critical / CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Cliquer pour le detail - Liste des tests :

Subversion Detection
Kiwi CatTools < 3.2.9 Directory Traversal
Samba Remote Arbitrary File Access
Anaconda Foundation Directory apexec.pl template Parameter Traversal Arbitrary File Retrieval
Office files list
CommuniGate Pro Referer Field Session Token Disclosure
LDAP allows null bases
WebSite 1.0 buffer overflow
Avotus mm File Retrieval attempt
Mailman private.py Directory Traversal Vulnerability
Subversion Module File Restriction Bypass
SawMill password
NFS fsirand
LocalWeb2000 remote read
IMAP arbitrary file retrieval
IlohaMail index.php init_lang Variable Arbitrary File Access
TFTP file detection (Cisco IOS)
Misconfigured Gnutella
TheServer clear text password
Mountable NFS shares
Subversion Module unreadeable path information disclosure
IlohaMail Multiple Configuration Files Remote Information Disclosure
The remote portmapper forwards NFS requests
eXtropia Web Store remote file retrieval
rsync path traversal
Apache2 double slash dir index
NFS cd ..
Subversion remote Buffer Overflow
TFTP directory traversal
ipop2d fold Command Arbitrary File Access
Lotus Domino 6.0 Vulnerabilities
FileMakerPro Server Detection
Napster Clone Arbitrary File Access
MultiTech Proxy Server Default Password
FTPGate traversal
Netscape Enterprise INDEX request problem
Web Shopper remote file retrieval
MetaInfo servers
NetBeans Java IDE
MySQL datadir/my.cnf Modification Privilege Escalation
Subversion SVN Protocol Parser Remote Integer Overflow
3com RAS 1500 Configuration Disclosure
ACC Tigris Access Terminal Configuration Disclosure
FKey Remote Arbitrary File Disclosure
Eserv Directory Index
Apache Multiple / Forced Directory Listing
Atrium Mercur Mailserver
Boa file retrieval
NFS export
IlohaMail index.php session Variable Arbitrary File Access
Subversion Pre-Commit-Hook Vulnerability
User Mountable NFS shares
Microsoft IIS Source Fragment Disclosure

Cliquer pour le detail - liste des categories :

CISCO

Compte utilisateur unix par défaut

Acces root à distance

Acces shell à distance

General

Divers

Netware

Backdoors / chevaux de troie

NIS

Peer to Peer

Scanner de port

Fichiers en acces distant

RPC

Parametrage

Serveur de messagerie SMTP

SNMP

Services de moindre importance

Windows : Général

Windows : gestion des utilisateurs

Windows : Mises a jour

Debian : Mises a jour

Gentoo : Mises a jour

AIX : Mises a jour

Red Hat : Mises a jour

Mac OS X : Mises a jour

Slackware : Mises a jour

SuSE : Mises a jour

Mandrake : Mises a jour

Fedora : Mises a jour

Solaris : Mises a jour

FreeBSD : Mises a jour

HP-UX : Mises a jour

Ubuntu : Mises a jour

Les derniers commentaires publiés sur SecuObs (6-25):

- ESRT @devilok - Unsung tools - Raptor forensics livecd - Bluetooth 3.0 + HS : Compromising Your Security at 24 Mbps - SparkFun Electronics - Open source hardware kits - Stealthy Click Fraud Tool Exploits 9ball Attack - Getting the EXE out of the RTF - Calcul on encrypted data possible without decrypting, says IBM - ESRT @phenrycissp Live View 0.7b to run forensic dd images in VMware - ESRT @Infosanity kismet2gmapstatic PoC tool released - Vidéo : Encrypt your entire hard drive ! Hak5 - Linux exploit : Even when one byte matters - Apache mod_negotiation exploit - New Tool: ProcDump v1.0, Updates: Autoruns v9.51, VMMap v2.1, PsExec v1.96 - New Attack on AES - MD6 Withdrawn from SHA-3 Competition - RIAA Victory Over Usenet.com In Copyright Case - Torrentreactor Website compromised - 3 Web Application Firewall Advisories and Whitepaper Published - Event IDs for Windows Server 2008 and Vista Revealed - Mozilla Content Security Policy - ESRT @bearo80 IBM homomorphic encryption scheme for cloud security and spam filt Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, microsoft, réseau, attaque, vulnérabilité, système, audit, outil, virus, internet, données, linux, présentation, bluetooth, vista, metasploit, protocol, shell, scanner, réseaux, trames, téléphone, paquet, wishmaster, rootkit, engineering, sysun, https, black, mobile, noyau, téléphones, conférence, mémoire, source, scapy, google, reverse, détection, malveillant, snort, sécurise, patch + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA35655 SUSE update for acroread - SA35673 AudioPLUS Playlist Processing Buffer Overflow Vulnerability - SA35656 Ubuntu update for linux and linux-source-2.6.15 - SA35681 Drupal Multiple Vulnerabilities - SA35644 HP-UX NFS/ONCplus Denial of Service Vulnerability + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Full-disclosure Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Re: Full-disclosure Code-Crunchers a simple race condition and how you'd solve it + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Multiple Flaws in Axesstel MV 410R - GLSA 200907-02 ModSecurity: Denial of Service + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, security, malware, lockpicking, biometric, kernel, iphone, windows, adware, password, wimax, botnet, tutorial, phish, linux, symantec, rootkit, knoppix, metasploit, network, attack, server, virtual, internet, jailbreak, notacon, conference, exploit, google, wireshark, hacker, backtrack, defcon, openbsd, intel, ettercap, firewall, source, samsung, reprap, wireless, norton + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, vulnérabilité, windows, vulnerability, network, attack, google, hacker, exploit, inject, internet, remote, server, mobile, malware, apple, iphone, black, patch, sécurité, virus, linux, ebook, conficker, crypt, source, intel, virtual, facebook, access, trojan, twitter, research, firefox, overflow, pirate, phish, vista, cisco, obama, office, local, opera, adobe + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, cisco, linux, defcon, firewall, vmware, metasploit, attack, server, phish, network, twitter, windows, exploit, nessus, botnet, inject, backtrack, crypt, wireshark, vulnerabi, python, iphone, acking, black, source, engineering, social, google, conficker, clouds, pentest, patch, vulnerability, juniper, podcast, virus, hacker, apple, proxy, client, virtual, apache, complianc, javascript + de mots clés avec l'annuaire de la revue Twitter