DATE: July 18 - 19, 2006
LIVE EVENT: A Survey of Computer Forensics Tools ...
LOCATION: San Francisco, CA
Register Now		 DATE: 6/22/2006 2:00 p.m. New York / 7:00 ...
WEBINAR: How to Reduce the Cost & Complexity of ...
SPONSORS: PatchLink
Register Now
Home > Topics

Dark Reading Keywords : Perimeter Security : Network IDS  

 Documents in this Topic
News Analysis Other Content
Dark Reading News Analysis: AirMagnet: Life Beyond Security
  May 18, 2006 : Vendor broadens focus in anticipation of a shakeout in wireless intrusion detection market
Dark Reading News Analysis: Bank Looks for Anomalies
  May 03, 2006 : Investment bank Thomas Weisel Partners has decided to forego intrusion detection systems in favor of anomaly detection
Dark Reading News Analysis: Interop Brings Big NAC Attack
  April 30, 2006 : Network access control is on a roll. Here's a quick market overview and a roundup of newly-announced products
Archive 
 
Other Content News Analysis
Dark Reading News From Other CMP Sites: New Security Products On Tap From HP Procurve
  May 15, 2006 : Hewlett-Packard’s ProCurve Networking unit plans this week to expand its wireless lineup while touting the security road map of its networking portfolio
Dark Writing: Where's the NAC Business Case?
  May 12, 2006 : It doesn't generate revenue, so why take it seriously?
 
Dark Reading's repository of intel on IT security. More of a 'megabase' than a database, Dark Entries lets you dig for information, or share your expertise. The choice is yours, grasshopper.
ENTERPRISE VULNERABILITIES
Vulnerability: ISPConfig ISPConfig
Published: 2006-06-15
Severity: HIGH
Description: Multiple PHP
remote file inclusion
vulnerabilities in ISPConfig
2.2.3 allow remote attackers to
execute arbitrary PHP code via
a URL in the (1)
go_info[isp][classes_root]
parameter in (a)
server.inc.php, and the (2)
go_info[server][classes_root]
parameter in (b) app.inc.php,
(c) login.php, and (d)
trylogin.php.
Vulnerability: Codewalkers ltwCalendar
Published: 2006-06-15
Severity: HIGH
Description: ** DISPUTED **
PHP remote file inclusion
vulnerability in
Ltwcalendar/calendar.php in
Codewalkers Ltwcalendar 4.1.3
allows remote attackers to
execute arbitrary PHP code via
a URL in the
ltw_config[include_dir]
parameter. NOTE: CVE disputes
this claim, since the
$ltw_config[include_dir]
variable is defined as a static
value in an include file before
it is referenced in an
include() statement.
Vulnerability: Amr Talkbox Amr Talkbox
Published: 2006-06-15
Severity: HIGH
Description: ** DISPUTED **
PHP remote file inclusion
vulnerability in talkbox.php in
Amr Talkbox allows remote
attackers to execute arbitrary
PHP code via a URL in the
direct parameter. NOTE: this
issue has been disputed by CVE,
sine the $direct variable is
set to a static value just
before the include statement.
Vulnerability: Cescripts Realty Home Rent
Published: 2006-06-15
Severity: LOW
Description: Cross-site
scripting (XSS) vulnerability
in index.php in Cescripts
Realty Home Rent allows remote
attackers to inject arbitrary
web script or HTML via the
sel_menu parameter.
Vulnerability: Cescripts Realty Room Rent
Published: 2006-06-15
Severity: LOW
Description: Cross-site
scripting (XSS) vulnerability
in index.php in Cescripts
Realty Room Rent allows remote
attackers to inject arbitrary
web script or HTML via the
sel_menu parameter.
POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)
Application Security  |  Attacks / Exploits / Threats  |  Authentication  |  Browser security  |  Buffer overflows  |  Computer crime  |  Encryption  |  Encryption  |  End-user monitoring   |  Financials  |  Firewalls  |  Host intrusion prevention  |  Host Protection  |  Industry Trends   |  IPS  |  Law enforcement  |  Legal & Regulatory Topics  |  Legislation  |  Malware  |  Managed services  |  Market Research  |  Messaging Security  |  Microsoft  |  NAC  |  Patch management  |  Perimeter Security  |  Phishing  |  Policy management  |  Rootkits  |  Security Administration / Management  |  Security Industry  |  Security Services  |  Social engineering  |  Spyware  |  SSL  |  Storage Security  |  Stored data losses  |  Symantec  |  Trojans  |  User privacy  |  Vendors  |  Viruses  |  VOIP security  |  VPNs  |  Vulnerabilities  |  Vulnerability Management  |  Vulnerability management  |  Web application firewall  |  WLANs  |  Worms
Dark Reader Weekly Newsletter
Dark Reading Daily Newsletter
 MORE INFO
Copyright © 2000-2006 Light Reading Inc. - All rights reserved.
RSS FEED  |   ARCHIVE  |   FREE NEWSLETTER  |   ORDER REPRINTS  |   ADVERTISE WITH US  |   TECHWEB  |   CONTACT US  |   USER PREFERENCES  |   HELP
Companies
Aventail (3), CA (3), Check Point (8), Cisco (10), Enterasys (2), F-Secure (2), HP (1), IBM (4), Intel (1), ISS (3), Juniper (6), Lucent (1), McAfee (8), Microsoft (92), Nortel (3), Oracle (4), RSA (3), Secure Computing (1), Sun (3), Symantec (24), Trend Micro (2), VeriSign (3)

Application and Perimeter Security (Sponsored by Microsoft)
802.11x (4), Anomaly detection (2), Anti-spam (8), Application quality assurance (2), Application scanning (6), Auditing (3), Buffer overflows (11), CERT (2), Consultants (1), Cross-site scripting (4), Database encryption (3), Digital vaults (2), DOS (9), EAP/LEAP (1), Email gateways (2), Encryption (7), Filtering (7), Firewalls (28), FIRST (1), HIPAA (10), Host-based IDS (3), Host/server configuration (3), Host/server encryption (1), IDS (4), IDS (16), IM (6), IPS (21), ISO 17799 (4), Key management (5), Least-privilege user (1), License management (3), Malware (54), NAC (24), Network IDS (5), NIST (4), OWASP (2), OWASP (4), Patch management (19), PCI (6), Penetration testing (3), Phishing (30), PKI (3), Rootkits (9), SAML (1), Software metering (1), Source-code auditing (3), SOX (11), SSL (19), VPNs (26), Vulnerability assessment (11), Web App Security Consortium (3), Web App Security Consortium (2), Web application firewall (10), Web services security (10), WLANs (16), Worms (17), WPA (4), XML (3)

Discovery and management
Anomaly detection (2), Application scanning (6), COBIT (5), Consultants (1), Content filtering (9), End-user monitoring (15), Filtering (7), FISMA (4), HIPAA (10), Host intrusion prevention (19), Host-based IDS (3), IDS (16), IDS (4), IPS (21), ISACA (1), ISO 17799 (4), Log aggregation (1), Network IDS (5), OWASP (4), OWASP (2), PCI (6), Penetration testing (3), Penetration testing (2), SAML (1), SIM/SEM (12), Source-code auditing (3), SOX (11), Vulnerability assessment (11), Vulnerability management (21), Web App Security Consortium (3)

Host security
802.11x (4), Anti-spam (8), Antivirus (16), Application quality assurance (2), Authentication (26), Backup security (5), Biometrics (11), Buffer overflows (11), Digital certificates (4), Disk encryption (4), DRM (7), Encryption (3), End-user monitoring (15), File/folder encryption (7), HIPAA (10), Host anti-spam (4), Host anti-spyware (1), Host antivirus (6), Host intrusion prevention (19), Host-based IDS (3), Host/server configuration (3), Host/server encryption (1), Host/server patching (3), IEEE (3), IM (6), ISO 17799 (4), Least-privilege user (1), License management (3), NAC (24), P2P management (2), Patch management (19), PGP (2), Port control (1), Rootkits (9), Single sign-on (9), Smart cards (6), Software metering (1), SOX (11), Spyware (17), TCG (3), Tokens (3), Trojans (21), User privacy (26), Viruses (21), Worms (17), WPA (4)

Security services
Agency application (2), Application quality assurance (2), Application scanning (6), COBIT (5), Consultants (1), FISMA (4), HIPAA (10), ISO 17799 (4), Managed services (23), PCI (6), Penetration testing (2), PKI (3), Policy management (26), SIM/SEM (12), Source-code auditing (3), SOX (11)

Storage Security
AES (4), Backup security (5), COBIT (5), Database encryption (3), DES (1), Digital vaults (2), Disk encryption (4), Encryption (7), File/folder encryption (7), FISMA (4), HIPAA (10), Host/server encryption (1), Identity management (10), ISO 17799 (4), Key management (5), Law enforcement (21), Legislation (28), Offsite backup (3), PCI (6), PKI (3), SOX (11), Stored data losses (16), Triple DES (1), User privacy (26)

Wireless Security
802.11x (4), AES (4), Auditing (3), COBIT (5), DES (1), Digital certificates (4), Digital signatures (2), DOS (9), EAP/LEAP (1), FISMA (4), HIPAA (10), Host/server encryption (1), IEEE (3), IETF (2), ISO 17799 (4), Key management (5), NAC (24), Network IDS (5), PCI (6), Penetration testing (2), PKI (3), Port control (1), Tokens (3), Triple DES (1), VPNs (26), Vulnerability assessment (11), WLANs (16), WPA (4)