This information is correct and the first address security-alert [at]
austin.ibm.com mentioned is a primary reporting address.
This address is located at OSVDB Vendor database too;
http://www.osvdb.org/vendor_dict.php?section=vendorid=1215c=I
listed as International Business Machines
New eVuln Advisory:
RedCMS Multiple XSS and SQL Injection Vulnerabilities
http://evuln.com/vulns/115/summary.html
Summary
eVuln ID: EV0115
CVE: CVE-2006-1568 CVE-2006-1569
Software: RedCMS
Software's Web Site: http://redcms.co.uk/
Versions: 0.1
Critical Level:
Camino Browser HTML Parsing Null Pointer Dereference Denial of Service
Vulnerability
__
Camino Browser is prone to a denial-of-service condition when parsing certain
malformed HTML content. Successful exploitation will cause the browser to fail
or hang.
PowerClan 1.14 - SQL Injection
Software: PowerClan 1.14
Version: 1.14
Type: SQL Injection
Date: Apr 13 23:37:50 CEST 2006
Vendor: powerscripts.org
Page: http://www.powerscripts.org
Risk: min
credits:
d4igoro -
New eVuln Advisory:
aWebNews Multiple XSS and SQL Injection Vulnerabilities
http://evuln.com/vulns/116/summary.html
Summary
eVuln ID: EV0116
CVE: CVE-2006-1612 CVE-2006-1613
Software: aWebNews
Software's Web Site: http://labs.aweb.com.au/awebnews.php
Versions:
Farsinews Cross-Site Scripting Path disclosure vulnerability
#'''
#Aria-Security.net Advisory
#Discovered by:[EMAIL PROTECTED] (amin emami)
#[EMAIL PROTECTED]
#Gr33t to:A.u.r.a
osCommerce = 2.2 extras/ information/source code disclosure
software site: http://www.oscommerce.com/
if extras/ folder is placed inside the www path, you can see all files on target
system, including php source code with database details, poc:
This one time, at band camp, [EMAIL PROTECTED] wrote:
If somebody has access to your phpmyadmin directory, you have a bigger issue
than this
App: phpMyAdmin 2.7.0-pl1
Advisory by: p0w3r
Exploit:
# Encyclopedia = 3.0 (login.php) CrossSite Scripting - XSS
# by n0m3rcy
# Copyright (c) 2006 n0m3rcy [EMAIL PROTECTED]
# Exploit:
www.site.com/login.php?action=formusername=usernamepassword=%22%3E%3Cscript%3Ealert(document.cookies);%3C/script%3E
# Shoutz:
cijfer , my baby , Dag myself :PpP
# Have
On a phpBB board, a user having access to the admin panel is able to execute
PHP code:
This example will execute $user_sig as PHP code:
Go to Administration Panel Styles Admin Management subSilver Edit
Set Font Colour 3 to './*
Profile
Set Signature to
I found this while auditing Serendipity blog. You need a blog account (
which isn't that big of a deal, just google all the sites that give out free
blogs ) for this to work. After you get the blog account you go into
your admin panel where there will be config options. The mysql details
are
Debian Security Advisory DSA 1034-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
April 14th, 2006
phpBB HTML template files are parsed and executed as PHP code.
These files are not well filtered so a user having access to template files can
execute PHP code. You can't trust your designer or template files you found
around the web
Example:
Replace ALL switch_enable_pm_popup in
We tested this issue on many platforms and in all cases there was reset of
apache.
Example error.log on Apache/1.3.34 (Win32) PHP/4.4.1 Windows XP :
---
[Fri Apr 14 17:17:17 2006] [info] master_main: Child processed exited
prematurely. Restarting the child process.
[Fri Apr
Title : Avast Linux Home Edition, vulnerability on a temporary folder
creation
Product: Avast! Linux Home Edition
Product: http://www.avast.com/eng/download-avast-for-linux-edition.html
Version: 1.0.5, 1.0.5-1
avast4workstation-1.0.5-1.i586.rpm
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Firefox Password Manager Arbitrary User Browsing History Disclosure
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1)
Gecko/20060111 Firefox/1.5.0.1
This privacy flaw has caused my fiancé and I to break-up after having dated for
5 years.
Basically, we share one
Dear Bernhard Mueller,
Opera is pretty bad at CSS, try the new fuzzer from HDM :
http://metasploit.com/users/hdm/tools/see-ess-ess-die/cssdie.html
--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
[EMAIL PROTECTED] wrote:
---
phpWebSite = 0.10.? (topics.php) Remote SQL Injection Exploit
---
i just plugged into the thing, and configured it for the first time... wanted
to save my settings so i used the option to save all the settings to a
configuration file on my computer. did that... and opened up the file to see
what settings the thing actually had configurable, and i found the
Hey, guess what I just found out: Microsoft have deliberately sabotaged
their DNS client's hosts table lookup functionality.
Normally you can override DNS lookup by specifying a hostname and IP
directly in the hosts file, which is searched before any query is issued to
your dns server;
On Apr 13, 2006, at 1:29 , Dave Korn wrote:
Hey, guess what I just found out: Microsoft have deliberately
sabotaged
their DNS client's hosts table lookup functionality.
I thought this was part of avoiding malware attempts to block Windows
Update.
--
brandon s. allbery
Advisory: PAJAX Remote Code Injection and File Inclusion Vulnerability
RedTeam has identified two security flaws in PAJAX.
It is possible to execute arbitrary PHP code from unchecked user
input. Additionally, it is possible to include arbitrary files on the
server ending in .class.php.
Details
On 4/13/06, Brandon S. Allbery KF8NH [EMAIL PROTECTED] wrote:
On Apr 13, 2006, at 1:29 , Dave Korn wrote:
Hey, guess what I just found out: Microsoft have deliberately
sabotaged
their DNS client's hosts table lookup functionality.
I thought this was part of avoiding malware attempts
Dave, great find! Those lists you dug up are named DomainScreenList and
HostsScreenList in the symbols for DNSAPI; here they are for
reference...
DomainScreenList:
windowsupdate.microsoft.com
windowsupdate.com
microsoftupdate.com
download.microsoft.com
update.microsoft.com
planetSearch+ - XSS Vulnerabilities
Software: planetSearch+
Version: 26.10.2005
Type: Cross Site Scripting Vulnerability
Date: Apr 13 20:44:54 CEST 2006
Vendor: PlaNet Concept e.K.
Page: http://www.planetc.de
Risk: Low
credits:
I changed $base_path to the hard coded path to all locations in application.php
and hopefully that should sanitize my site. comments?
hi,
...makes me wonder what happens if/when they need to change the
IP address of go.microsoft.com
many many people have already been burnt by the hardcoding of
addresses/IPs into their applications.
a
hi
[EMAIL PROTECTED] wrote:
hi,
...makes me wonder what happens if/when they need to change the
IP address of go.microsoft.com
many many people have already been burnt by the hardcoding of
addresses/IPs into their applications.
that's the point. it's not the ip which is hardcoded. its the
On Thu, Apr 13, 2006 at 06:29:15PM +0100, Dave Korn wrote:
Hey, guess what I just found out: Microsoft have deliberately sabotaged
their DNS client's hosts table lookup functionality.
(...) I'd try to block (Windows Media Player) it in my hosts file.
Microsoft DNS client
Updated product-name/version information.
The affected product is named Saxotech Online (formerly known as Publicus),
all versions are vulnerable. (It's a 0-day.)
The sql injection has been fixed
in Confixx 3.0.9 patch build 20050519.17
On Mon, 10 Apr 2006, 3APA3A wrote:
--Wednesday, April 5, 2006, 2:12:10 PM, you wrote to bugtraq@securityfocus.com:
CKis open for any attacks as long as they are IPv6 based. If that
CKis right, this is an extremely nasty bug. If ISA Server 2004 and
CKWindows 2003 Basic
Dokeos 1.6.4 SQL Injection Vulnerability
Author: Alvaro Olavarria [EMAIL PROTECTED]
Affected: Dokeos = 1.6.4
Status: Notified hereby
Vendor url: http://www.dokeos.com
Background.
Dokeos is an Open Source elearning and course management web application
translated in 34 languages
and helping