[ GLSA 200709-14 ] ClamAV: Multiple vulnerabilities

2007-09-20 Thread Pierre-Yves Rofes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200709-14

[ MDKSA-2007:186 ] - Updated openoffice.org packages fix TIFF parser vulnerability

2007-09-20 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:186 http://www.mandriva.com/security/

rPSA-2007-0194-1 kdebase

2007-09-20 Thread rPath Update Announcements
rPath Security Advisory: 2007-0194-1 Published: 2007-09-20 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Root Deterministic Unauthorized Access Updated Versions: kdebase=/[EMAIL PROTECTED]:devel//1/3.4.2-3.14-1 rPath Issue Tracking System: https://issues.rp

[ GLSA 200709-13 ] rsync: Two buffer overflows

2007-09-20 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200709-13 http://security.gentoo.org/

Vigile CMS v1.8 Multiple Remote XSS Vulnerability

2007-09-20 Thread x0kster
# Name : Vigile CMS v1.8 Multiple Remote XSS Vulnerability # Download : http://www.itcms.it/ # Date : 20-09-2007 # Author : x0kster # Mail : [EMAIL PROTECTED] # Note : For works, the wiki or the download module must be installed in the site. # # PoCs : # # Wiki 1 : http://[S

Re: 0day: PDF pwns Windows

2007-09-20 Thread Aditya K Sood
pdp (architect) wrote: http://www.gnucitizen.org/blog/0day-pdf-pwns-windows I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is to open a PDF

PHP-Nuke add admin ALL Versions

2007-09-20 Thread h3llcode
Paste this code into an HTML page then link it to victim (victim must be admin) http://VICTIMURL/nuke/admin.php"; target="aiuto" METHOD=POST> document.Faiuto.submit() You are admin now ;)

WebED-0.8999 Multiple Remote File Inclusion Vulnerability

2007-09-20 Thread h3llcode
--- Multiple Remote File Inclusion Vulnerability --- # Founded by : Seph1roth # Download Script: http://sourceforge.net/projects/ed-engine/ WebED-0.8999.tar.gz # Exploit:

PhpBB Xs 2 profile.php Permanent Xss Vulnerability

2007-09-20 Thread h3llcode
+++ PhpBB Xs 2 profile.php Permanent Xss Vulnerability +++ #Found By Seph1roth +++ [POST METHOD] Corrupted pa

Re: 0day: PDF pwns Windows

2007-09-20 Thread pdp (architect)
> My upcoming research feature everything regarding this and the issue you > have > already discussed. really :).. which one... the one from last year? On 9/20/07, Aditya K Sood <[EMAIL PROTECTED]> wrote: > pdp (architect) wrote: > > http://www.gnucitizen.org/blog/0day-pdf-pwns-windows > > > > I

Re: Security Advisory for Bugzilla 3.0.1 and 3.1.1

2007-09-20 Thread tkevans
What about 2.20?

Re: 0day: PDF pwns Windows

2007-09-20 Thread Gadi Evron
Impressive vulnerability, new. Not a 0day. Not to start an argument again, but fact is, people stop calling everything a 0day unless it is, say WMF, ANI, etc. exploited in the wild without being known. I don't like the mis-use of this buzzword. Gadi. On Thu, 20 Sep 2007, pdp (archi

WebBatch Applications Cross Site Scripting Vulnerability

2007-09-20 Thread DoZ
[HSC] WebBatch Applications Cross Site Scripting Vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input. Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser o

SimplePHPBlog Hacking

2007-09-20 Thread webmaster666
How to hack a server with Simple PHP Blog uploading an htaccess file from img_upload_cgi.php page. Tested on v0.4.9 by Demential http://www.hackish.eu mailto: [EMAIL PROTECTED] video here: http://hackish.eu/video/phpblog.avi vlc download: http://www.videolan.org/vlc/

[security bulletin] HPSBUX02249 SSRT071442 rev.2 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change

2007-09-20 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01118367 Version: 2 HPSBUX02249 SSRT071442 rev.2 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change

[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities

2007-09-20 Thread dann frazier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Debian Security Advisory DSA 1364-2 [EMAIL PROTECTED] http://www.debian.org/security/ dann frazier September 19th, 2007

VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

2007-09-20 Thread VMware Security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 VMware Security Advisory Advisory ID: VMSA-2007-0006 Synopsis: Critical security updates for all supported versions of VMwar

[security bulletin] HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning

2007-09-20 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01123426 Version: 2 HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. R

[Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM

2007-09-20 Thread Aditya K Sood
Hi I have released core research paper on SIP comprising of Payload problems and Attack vectors. This research paper lays stress on the potential weaknesses present in the SIP which make it vulnerable to stringent attacks. The point of discussion is to understand the weak spots in the protocol.

0day: PDF pwns Windows

2007-09-20 Thread pdp (architect)
http://www.gnucitizen.org/blog/0day-pdf-pwns-windows I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is to open a PDF document or stumble acros

Security Advisory for Bugzilla 3.0.1 and 3.1.1

2007-09-20 Thread mkanat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Summary === Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. This advisory covers a critical security issue that has recently been fixed in the Bugzilla code: * Even with account creation disabled, users