:
-add a dependency checks for openssl needed for SIP module
-modify checks for libpq.so for Postgresql module
-new module for Netware NCP
-new module for Firebird database
if you have comments, ideas or patches to exchange, please contact me off list
cheers,
david maciejak
dma-hydra-5.4
> David Maciejak wrote:
> > Hi,
> >
> > Playing around with privilege escalation I found that WLM 8.0, 8.1 and
> > probably newer (since live call feature in fact) are vulnerable to a local
> > privilege escalation issue. It's not a critical flaw.
> >
ll be addressed soon.
cheers,
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
I should have detect this!
Find enclosed an nasl file to use with nessus scanner.
david
What's Up Professional 2006 is vulnerable to a spoofing attack whereby
the attacker can trick the application into thinking he/she is making a
request from the console (which is considered trusted). This at
Also available in Metasploit framework:
http://metasploit.com/projects/Framework/modules/exploits/freesshd_key_exchange.pm
david maciejak
Hi all,
Attachment is the POC exploit for freeSSHd version
1.0.9
Advisories:
http://www.securityfocus.com/bid/17958
http://www.frsirt.com/english
ch from vendor if you are a registered user
-Keep an eye on an opensource project: http://gnms.rubyforge.org
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
ludes/user.php' can be
"Invalid login"
"Invalid login: incorrect password"
"Invalid login: no such user"
The weakness has been confirmed in version 1.0.1, 1.0.2, 1.0.3.
Other versions may also be affected.
David Maciejak
__
login: no such user"
The weakness has been confirmed in version 1.0.1, 1.0.2, 1.0.3.
Other versions may also be affected.
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.htm
cally dead services
(the test is about every 5 min).
Proof of Concept:
I am not intent to publicly disclose the PoC.
Workaround:
Upgrade at least to NSM FP4r1 also known as 2005.1
Thanks to quick responses from Juniper Security Team.
Davi
/trac/wiki/TracDownload
Thanks for the quick fix of the Trac Team !
David Maciejak
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
___
Full-Disclosure - We believe in it.
Cha
request to be long)
-Thread many listing access on this directory
Workaround:
Upgrade to version 5.5.12
David Maciejak
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
11 matches
Mail list logo