djeaux :: FasterSlasher demo

FasterSlasher RSS Newsfeed Display Script

FasterSlasher is a Perl script that displays a list of articles or headlines taken from a remote RSS or RDF file. Basically, you feed FasterSlasher the URL of an RSS file on the web & it will fetch the file, interpret the XML coding & display a nicely formatted list.

Output can be formatted for full-page display or SSI use. Other controls include the number of headlines/articles shown & whether descriptions are displayed in addition to titles.

XML parsing is handled by the Perl module XML::RSSLite. This is not a "standard" Perl module & your ISP may not support it. But it's easy to install locally in your own cgi-bin. (Details included in the download file.)

Example A: Headline listing embedded in this page using SSI. Display of item descriptions is enabled. The number of titles is set to allow this site's RSS list to "max out"...
Bugtraq
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

CORE-2010-0311 - eFront-learning PHP file inclusion vulnerability
Posted by CORE Security Technologies Advisories on Mar 17 eFront-learning PHP file inclusion vulnerability 1. *Advisory Information* Title: eFront-learning PHP file inclusion vulnerability Advisory Id: CORE-2010-0311 Advisory URL: <a rel="nofollow" href="http://www.coresecurity.com/content/efront-php-file-inclusion">http://www.coresecurity.com/content/efront-php-file-inclusion</a> Date published: 2010-03-16 Date of last update: 2010-03-16 Vendors contacted: Vendor name Release mode: Coordinated release 2. *Vulnerability Information* Class: PHP file inclusion [CWE-98] Impact: Code... 
Sahana 0.6.2.2 Authentication Bypass
Posted by Christopher on Mar 17Ability to completely disable authentication via stream.php and commented out module authentication code within it. <a rel="nofollow" href="http://victim/">http://victim/</a><sahana_path>/index.php?mod=admin&act=acl_enable_acl Authenticates correctly. <a rel="nofollow" href="http://victim/">http://victim/</a><sahana_path>/stream.php?mod=admin&act=acl_enable_acl Does not. 
Secunia Research: Quicksilver Forums "mysqldump" Password Disclosure
Posted by Secunia Research on Mar 17====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums "mysqldump" Password Disclosure - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description... 
Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability
Posted by Secunia Research on Mar 17====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Cross-Site Request Forgery Vulnerability - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of... 
Secunia Research: Quicksilver Forums Backup Information Disclosure
Posted by Secunia Research on Mar 17====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Backup Information Disclosure - ====================================================================== Table of Contents Affected Software....................................................1 Severity.............................................................2 Vendor's Description of... 
CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability
Posted by CORE Security Technologies Advisories on Mar 17 Core Security Technologies - CoreLabs Advisory <a rel="nofollow" href="http://www.coresecurity.com/corelabs/">http://www.coresecurity.com/corelabs/</a> Virtual PC Hypervisor Memory Protection Vulnerability 1. *Advisory Information* Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803 Advisory URL: <a rel="nofollow" href="http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug">http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug</a> Date published: 2010-03-16 Date of last update: 2010-03-16 Vendors... 
Miranda IM silent TLS failure
Posted by Jan Schejbal on Mar 17Summary: Under certain conditions, Miranda ignores the "Use TLS" setting in Jabber accounts and uses an unencrypted connection. Affected: Miranda IM (instant messenger), at least versions 0.8.16, 0.9.0 alpha build #6 Unicode and SVN rev. 11383 Description: If the following conditions are met: - "Use TLS" is enabled in the jabber account settings (Network - Jabber - Account), - "Validate SSL certificates" is... 
Vulnerabilities in VXDate for Joomla
Posted by MustLive on Mar 17Hello Bugtraq! I want to warn you about vulnerabilities in component VXDate for Joomla. ----------------------------- Advisory: Vulnerabilities in VXDate for Joomla ----------------------------- URL: <a rel="nofollow" href="http://websecurity.com.ua/3849/">http://websecurity.com.ua/3849/</a> ----------------------------- Timeline: 10.05.2009 - found the vulnerabilities. 12.01.2010 - announced at my site. 18.01.2010 - informed developers. 13.03.2010 - disclosed at my site. -----------------------------... 
[CORELAN-10-13] - Windisc Local Stack BOF
Posted by Security on Mar 17<a rel="nofollow" href="http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-013-windisc-buffer-overflow-bnz">http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-013-windisc-buffer-overflow-bnz</a> ------------------------------------------------------------------ __ __ _________ ________ / /___ _____ / /____ ____ _____ ___ / ___/ __ / ___/ _ / / __ / __ / __/ _ / __ / __ __ / /__/ /_/ / / / __/ / /_/ / / / / / /_/ __/ /_/ / / / / / /... 
[security bulletin] HPSBGN02511 SSRT100022 rev.2 - HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code
Posted by security-alert on Mar 17SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02048471 Version: 2 HPSBGN02511 SSRT100022 rev.2 - HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-03-15 Last Updated: 2010-03-16 Potential Security Impact: Remote execution of arbitrary code Source:... 
[USN-913-1] libpng vulnerabilities
Posted by Marc Deslauriers on Mar 16=========================================================== Ubuntu Security Notice USN-913-1 March 16, 2010 libpng vulnerabilities CVE-2009-2042, CVE-2010-0205 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.... 
Last Call for Papers, CONFidence 2010, 25-26May, Last Call for Papers
Posted by Andrzej Targosz on Mar 16CONFidence 2010 Last Call for Papers #################################### Calling all practitioners in the field of IT security! The 7th edition of CONFidence 2010, is taking place in Krakow on May 25/26, 2010. <a rel="nofollow" href="http://2010.confidence.org.pl">http://2010.confidence.org.pl</a> We invite all to send the proposed topic and abstracts of presentation till the 25th of March. Please, remember that CONFidence is an open, international conference and all presentations should be given in... 
ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability
Posted by ZDI Disclosures on Mar 16ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability <a rel="nofollow" href="http://www.zerodayinitiative.com/advisories/ZDI-10-032">http://www.zerodayinitiative.com/advisories/ZDI-10-032</a> March 16, 2010 -- Affected Vendors: SAP -- Affected Products: SAP MaxDB -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9403. For further product information on the TippingPoint IPS, visit:... 
[USN-912-1] Audio File Library vulnerability
Posted by Marc Deslauriers on Mar 16=========================================================== Ubuntu Security Notice USN-912-1 March 16, 2010 audiofile vulnerability CVE-2008-5824 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem... 
ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability
Posted by ZDI Disclosures on Mar 16ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability <a rel="nofollow" href="http://www.zerodayinitiative.com/advisories/ZDI-10-031">http://www.zerodayinitiative.com/advisories/ZDI-10-031</a> March 16, 2010 -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9598. For further product information on the TippingPoint IPS,... 

View the last 25 posts.
Example B: The link below will open a full-page display for kuro5hin.org & descriptions are provided in addition to titles...
Open a full page listing with descriptions (kuro5hin.org uses verbose descriptions!).
Example C: The same headlines but without the descriptions & constrained to 8 headlines.
Open a full page listing without descriptions

In general, the SSI method is easier for most folks to use, since style sheets & other markups can be set conventionally. The full-page method requires some editing of the Perl source in order to incorporate style sheets or fancy formatting.

DOWNLOAD

back to djeaux home page