Re: Web Server Botnets and Server Farms as Attack Platforms

2007-02-16 Thread Tom
At 12:00 PM -0600 2/12/07, [EMAIL PROTECTED] wrote: Message: 1 Date: Mon, 12 Feb 2007 07:34:09 -0600 (CST) From: Gadi Evron [EMAIL PROTECTED] Subject: [botnets] Web Server Botnets and Server Farms as Attack Platforms To: botnets@whitestar.linuxbox.org Cc:

[SECURITY] [DSA 1261-1] New PostgreSQL packages fix several vulnerabilities

2007-02-16 Thread Moritz Muehlenhoff
Debian Security Advisory DSA 1261-1 [EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff February 15th, 2007

Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass

2007-02-16 Thread kissme
Hi, I tried to use the security hole to speed up my control script for the Speedport 500V Firmware 1.31 under Linux. Goal was to spare the login request, which takes lots of seconds. But it does not work as expected. The router remembers the login state. Access without password can only be gained

Meganoide's news v1.1.1 = RFi Vulnerabilities

2007-02-16 Thread k4rtal
Meganoide's news v1.1.1 = RFi Vulnerabilities Download : http://www.spacemarc.it/scriptphp/index.php?script=meganoidesnews111 Script Name : Meganoide's news v1.1.1

Drake CMS v0.3.2 = RFi Vulnerabilities

2007-02-16 Thread k4rtal
Drake CMS v0.3.2 = RFi Vulnerabilities Download : http://sourceforge.net/project/showfiles.php?group_id=166901&package_id=192077&release_id=420104 Script Name : Drake CMS v0.3.2

phpbb_wordsearch = RFi Vulnerabilities

2007-02-16 Thread k4rtal
phpbb_wordsearch = RFi Vulnerabilities Download : http://www.spacemarc.it/scriptphp/index.php?script=phpbb_wordsearch Script Name : phpbb_wordsearch

PBLang 4.60 = (index.php) Remote File Include Vulnerability

2007-02-16 Thread me you
PBLang 4.60 = (index.php) Remote File Include Vulnerability Script: PBLang Version: 4.60 URL: http://downloads.sourceforge.net/pblang/PBL465_nographics.zip?modtime=1098268125&big_mirror=0 Found By: BorN To K!LL

Re: Apache Multiple Injection Vulnerabilities

2007-02-16 Thread security
Vendor Response: Zeus Technology Zeus have posted an assessment of this advisory, and how it affects users of Zeus Web Server at the following location: http://support.zeus.com/zws/security/2007/02/15/location_http_header_injection_vulnerabi A summary is as follows: 1. Zeus confirms that the

utorrent issue?

2007-02-16 Thread Gadi Evron
Hi, this did not hit bugtraq yet for some reason and it is serious. In AV circles we are all worried about the abuse potential for this in malware. uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit http://milw0rm.com/exploits/3296 Further Burak CIFTER wrote on this concern,

false: Plume CMS 1.2.2 = RFi Vulnerabilities

2007-02-16 Thread Stuart Moore
No RFI here, because 'path.php' defines the allegedly vulnerable parameter. Stuart plume\manager\articles.php: require_once 'path.php'; require_once $_PX_config['manager_path'].'/prepend.php'; require_once $_PX_config['manager_path'].'/inc/class.article.php'; path.php:

Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability

2007-02-16 Thread Stan Bubrouski
On 2/15/07, Michal Zalewski [EMAIL PROTECTED] wrote: Actually, there are several odd problems related to location updates and location.hostname specifically, including one scenario that apparently makes the script run with document.location in about: namespace. I did not research them any

iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV CAB File Denial of Service Vulnerability

2007-02-16 Thread iDefense Labs
Multiple Vendor ClamAV CAB File Denial of Service Vulnerability iDefense Security Advisory 02.15.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 15, 2007 I. BACKGROUND Clam AntiVirus is a multi-platform GPL anti-virus toolkit. The main purpose of which is integration into

Re: Drive-by Pharming Threat

2007-02-16 Thread Mark Senior
My ISP issues 2Wire modem/router/WAP boxes now. I found it very interesting to explore what (few) changes require a password and what ones do not. In particular, packet filter and port forwarding changes require no password at all - so changing your password on the router wouldn't do you any

Re: RE: Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread thefinn12345
http://www.acm.org/classics/sep95/ Thanks to Cromar Scott for the link. Great anecdotes there. I especially liked his comments about companies You cannot trust code that you didn't totally create yourself. (Especially code from companies that employ people like me). Exactly the thought that

Dem_trac access to log file without authentication

2007-02-16 Thread sn0oPy . team
* Dem_trac access to log file without authentication * By : sn0oPy * Risk : low * site : http://jc.meier.free.fr * exploit : just add to the URL anc_sit.txt http://www.target.ma http://www.target.ma/anc_sit.txt Dork : intitle:Gestion des fichiers log * contact : [EMAIL

Re[2]: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread Thierry Zoller
Dear Casper Dik, I wasn't crying wolf about a Backdoor, heck I am not Steve Gibson. I was asking whether somebody will investigate why this hasn't been caught by audits or simply QA ? CDSC And one which was too easy to discover; You said it, it's easy to discover, so who has discovered it? Sun ?

Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass

2007-02-16 Thread agonline . dummy
All this hype over Treo's bug using 'Find' feature is unnecessary. This is completely false that hacker can get access to data. I tested it myself on my treo 650 and found out that I can only see the results after executing Find function. As soon as I click on any one of the find results, treo

Downgrading the Oracle native authentication

2007-02-16 Thread sec . list
Summary == Oracle native authentication protocols are typical challenge-response protocols. After some negotiation the client sends the username. If the user exists the server sends an encrypted key. The client uses the key to encrypt the user's password and sends it to the server. One of

Re: RE: Re: Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread thefinn12345
I wonder if that's the attitude the NSA and CIA had before the world trade centre came down ? The idea isn't world domination via telnet, but infamy via one malicious act. You cannot ever really trust code that you don't write yourself. You can run around with fantasies of world domination via

Re: Re: Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread jf
I believe in the early 90's there was a serious problem discovered in intel chips that allowed certain standard code to be run to overflow programs arbitrarily and gain access to operating systems in an administrative capacity. Also I remember the redhat (back in the day) repository being

Ezboo webstats access to sensitive files

2007-02-16 Thread sn0oPy . team
* Ezboo webstats access to sensitive files * By : sn0oPy * Risk : medium * site : http://www.ezboo.com/softs * exploit : just add these files to the URL : http://www.target.ma/ezwebstats/update.php http://www.target.ma/ezwebstats/config.php Dork : inurl:/ezWebStats/ intitle:ezBOO

Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread greimer
Let's taper off this thread. It's getting downright boring. Thanks, Anthony Nemmer We are kind of going around and around, but there's a couple of aspects to this that haven't even been talked about: 1) This seems like a case of old code somehow creeping back in to the current versions,

Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread Anthony R. Nemmer
Let's taper off this thread. It's getting downright boring. Thanks, Anthony Nemmer jf wrote: I believe in the early 90's there was a serious problem discovered in intel chips that allowed certain standard code to be run to overflow programs arbitrarily and gain access to operating systems in

RE:Drive-by Pharming Threat

2007-02-16 Thread psirt
Cisco Security Response: Potential exploitation of default administrative credentials Response ID: cisco-sr-20070215-http http://www.cisco.com/warp/public/707/cisco-sr-20070215-http.shtml Revision: 1.0 For Public Release

RE: Re: Re: Solaris telnet vulnerability - how many on your network?

2007-02-16 Thread jf
sure, of course when you contort reality to where college pranks are the same as vast corporate conspiracies then I'm sure you will find plenty of examples, I however meant *real* ones, not what a college student did to another for fun. -- Success is not final, failure is not fatal:

Re: Drive-by Pharming Threat

2007-02-16 Thread Dennis
I also have one of these 2Wire modems. In my endeavors I've noticed that if the admin password is lost, it can be recovered by a challenge/response code. Has anyone ever figured out this algorithm? On 2/16/07, Mark Senior [EMAIL PROTECTED] wrote: My ISP issues 2Wire modem/router/WAP boxes