[SECURITY] [DSA-2069-1] New znc packages fix denial of service

2010-07-12 Thread Raphael Geissert
Debian Security Advisory DSA-2069-1 secur...@debian.org http://www.debian.org/security/ Raphael Geissert Jul 11, 2010

Re: IIS5.1 Directory Authentication Bypass by using ":$I30:$Index_Allocation"

2010-07-12 Thread Richard . haf
Looks like URLScan blocks this vulnerability by default. I've just tried the URL against one of our old Windows 2000 servers, and it gives me a 404 error.

[SECURITY] [DSA-2068-1] New python-cjson packages fix denial of service

2010-07-12 Thread Giuseppe Iuculano
Debian Security Advisory DSA-2068-1 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano July 11, 2010

IE6 css set Denial of Service Vulnerability

2010-07-12 Thread info
Published by Securitylab.ir Founder: unknown style type=text/css ! - The question is which set the css style of the time wrong. css definition is f: expression (this.src = 'about: blank', this.outerHTML =''); In question should be is mshtml.dll - /*![ CDATA [*/ iframe{ f:

Metasploit Framework 3.4.1 Released

2010-07-12 Thread egypt
Downloads and more information at http://www.metasploit.com/ -- The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1. As always, you can get it from our downloads page, for Windows, Linux or as an OS-independent tarball. This release sees the first

XSS holes dotDefender

2010-07-12 Thread sh4v
dotDefender is prone to an XSS because it doesn't sanitize the input vars correctly. Injecting obfuscated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. (SH4V) Vulnerable: till 4.02 Exploit: