djeaux logo
FasterSlasher RSS Newsfeed Display Script

FasterSlasher is a Perl script that displays a list of articles or headlines taken from a remote RSS or RDF file. Basically, you feed FasterSlasher the URL of an RSS file on the web & it will fetch the file, interpret the XML coding & display a nicely formatted list.

Output can be formatted for full-page display or SSI use. Other controls include the number of headlines/articles shown & whether descriptions are displayed in addition to titles.

XML parsing is handled by the Perl module XML::RSSLite. This is not a "standard" Perl module & your ISP may not support it. But it's easy to install locally in your own cgi-bin. (Details included in the download file.)

  • Example A: Headline listing embedded in this page using SSI. Display of item descriptions is enabled. The number of titles is set to allow this site's RSS list to "max out"...

    Bugtraq (bugtraq) Mailing List
    The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
     
    Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
    Posted by Michal Zalewski on Jul 3<p> <p> > refresh: 0; URL=javascript:alert(document.cookie) <br /> > The code will work in context of this site. <br /> <p>...which happens to be covered here for half a year or so: <br /> http://code.google.com/p/browsersec/wiki/Part2#Redirection_restrictions <br /> <p>I can't see how this could be a vulnerability per se,...
    Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
    Posted by MustLive on Jul 3<p> <p> Hello SecurityFocus! <br /> <p>I want to warn you about Cross-Site Scripting vulnerabilities in Mozilla, <br /> Internet Explorer, Opera and Chrome. I wrote about it at my site this Monday <br /> (29.06.2009) and also informed corresponding browsers developers about this <br /> vulnerability. <br /> <p>At 21.04.2009 there was fixed...
    [oCERT-2009-007] FCKeditor input sanitization errors
    Posted by Andrea Barisani on Jul 3<p> <p> #2009-007 FCKeditor input sanitization errors <br /> <p>Description: <br /> <p>FCKeditor, a web based open source HTML text editor, suffers from a remote <br /> file upload vulnerability. <br /> <p>The input of several connector modules is not properly verified before being <br /> used, this leads to exposure of the contents of...
    [SECURITY] [DSA 1825-1] New nagios2nagios3 packages fix arbitrary code execution
    Posted by Nico Golde on Jul 3<p> <p> <p>-------------------------------------------------------------------------- <br /> Debian Security Advisory DSA-1825-1 security_at_debian.org <br /> http://www.debian.org/security/ Nico Golde <br /> July 3rd, 2009 ...
    One Click Ownage [White Paper and Scripts]
    Posted by Ferruh Mavituna on Jul 3<p> <p> This is a different and more practical approach to get a reverse shell <br /> or code execution in SQL Injections (particularly in MSSQL). The idea <br /> is simple. Getting a reverse shell from an SQL Injection with one HTTP <br /> request without using an extra channel such as TFTP, FTP to upload the <br /> initial...
    Multiple Flaws in Axesstel MV 410R
    Posted by filip.palian_at_pjwstk.edu.pl on Jul 2<p> ('binary' encoding is not supported, stored as-is) Multiple Flaws in Axesstel MV 410R <br /> <p>by Filip Palian <filip (dot) palian (at) pjwstk (dot) edu (dot) pl <br /> <p>Description: <br /> Axesstel MV 410R is a device offered by the two leading polish telecom <br /> operators Orange and Polish Telecom to provide...
    [ GLSA 200907-02 ] ModSecurity: Denial of Service
    Posted by Alex Legler on Jul 02<p> <p> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <br /> Gentoo Linux Security Advisory GLSA 200907-02 <br /> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <br />...
    [ GLSA 200907-01 ] libwmf: User-assisted execution of arbitrary code
    Posted by Alex Legler on Jul 02<p> <p> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <br /> Gentoo Linux Security Advisory GLSA 200907-01 <br /> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <br />...
    [USN-795-1] Nagios vulnerability
    Posted by Marc Deslauriers on Jul 02<p> <p> =========================================================== <br /> Ubuntu Security Notice USN-795-1 July 02, 2009 <br /> nagios2, nagios3 vulnerability <br /> CVE-2009-2288 <br /> =========================================================== <br /> <p>A security issue affects the following Ubuntu releases: <br /> <p>Ubuntu...
    [USN-794-1] Perl vulnerability
    Posted by Marc Deslauriers on Jul 02<p> <p> =========================================================== <br /> Ubuntu Security Notice USN-794-1 July 02, 2009 <br /> libcompress-raw-zlib-perl, perl vulnerability <br /> CVE-2009-1391 <br /> =========================================================== <br /> <p>A security issue affects the following Ubuntu...
    [ISecAuditors Security Advisories] Joomla! lt 1.5.12 Multiple XSS vulnerabilities in HTTP Headers
    Posted by ISecAuditors Security Advisories on Jul 02<p> <p> ============================================= <br /> INTERNET SECURITY AUDITORS ALERT 2009-007 <br /> - Original release date: June 30th, 2009 <br /> - Last revised: July 2nd, 2009 <br /> - Discovered by: Juan Galiana Lara <br /> - Severity: 6.8/10 (CVSS Base Score) <br /> ============================================= <br /> <p>I....
    [oCERT-2009-009] CamlImages integer overflows
    Posted by Andrea Barisani on Jul 2<p> <p> #2009-009 CamlImages integer overflows <br /> <p>Description: <br /> <p>CamlImages, an open source image processing library, suffers from several <br /> integer overflows which may lead to a potentially exploitable heap overflow and <br /> result in arbitrary code execution. <br /> <p>The vulnerability is triggered by PNG image...
    eAccelerator encoder files backup Vulnerability
    Posted by linuxrootkit2008_at_gmail.com on Jul 2<p> ('binary' encoding is not supported, stored as-is) eAccelerator encoder files backup Vulnerability <br /> <p>1.Description <br /> eAccelerator is a free open-source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of PHP scripts by caching them in their compiled state, so that...
    Sourcefire 3D Sensor and DC, privilege escalation vulnerability
    Posted by c3rb3r_at_videotron.ca on Jul 1<p> ('binary' encoding is not supported, stored as-is) Affected product <br /> ---------------- <br /> <p>Sourcefire 3D Sensor and Defense Center 4.8.x <br />   <br /> Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 <br /> All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. <br /> <p><p>...
    [security bulletin] HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code
    Posted by security-alert_at_hp.com on Jul 01<p> <p> <p>SUPPORT COMMUNICATION - SECURITY BULLETIN <br /> <p>Document ID: c01756421 <br /> Version: 1 <br /> <p>HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code <br /> <p>NOTICE: The information in this Security Bulletin should be acted upon as soon as...

    View the last 25 posts.

  • Example B: The link below will open a full-page display for kuro5hin.org & descriptions are provided in addition to titles...

    Open a full page listing with descriptions (kuro5hin.org uses verbose descriptions!).

  • Example C: The same headlines but without the descriptions & constrained to 8 headlines.

    Open a full page listing without descriptions

In general, the SSI method is easier for most folks to use, since style sheets & other markups can be set conventionally. The full-page method requires some editing of the Perl source in order to incorporate style sheets or fancy formatting.

DOWNLOAD
 

back to djeaux home page

©2003, Joe Cliburn