This is not really a vulnerability. It is more a
server setup problem.
Normally, you should not be able to browse files in
/cgi-bin directory; you should only be able to execute
scripts and display the page resulting from them.
BUT, we do live in an imperfect world and some server
DO allow view
Regarding IMG tags in HTML email, here is a good point I received off-list.
The sender did not wish to post directly, but approved forwarding this note.
-Peter
- Forwarded message (anonymous, forwarded with permission) -
Date: Sat, 16 Jun 2001 22:55:41 +0200
To: Peter W <[EMAIL PROTECTE
According to Tim Nowaczyk:
>
> My company implemented this but went one more step. They created a
> file that had (IP, ticket) pairs. The ticket was passed around in
> URLs, but wasn't valid unless it came from the specific IP. To
> pretend to be someone else, one would have to spoof their I
On 15 Jun 01 at 12:52, [EMAIL PROTECTED] wrote:
> > When the request comes in, check if the incoming ticket matches the
> > one stored in this user's session. If it does, this particular user
> > was given the offer by our server, and not by anyone else. To spoof
> > this system, someone would
> The discussion is about preventing the users machine being "attacked"
> unknowingly. A user faking a referer themselves isn't going to be a problem,
> as not only would they be authorizing the action, but they'd be going out of
> their way to make sure it got through. Read up on the first post t
Unfortunately, using client IP in access controls/sessions will render
your service unusable for some people behind load balanced proxies. In
such environment the source IP is not tied to the user, and will change
every now and then between a set of different IP's (not to mention that
there may be
All versions of Microsoft Internet Information Services, Remote buffer
overflow (SYSTEM Level Access)
Release Date:
June 18, 2001
Severity:
High (Remote SYSTEM level code execution)
Systems Affected:
Microsoft Windows NT 4.0 Internet Information Services 4.0
Microsoft Windows 2000 Internet Info
Siberian writes:
> [Sentry Research Labs - ID0201061701]
> (c) 2001 by www.sentry-labs.com
> [...]
> Topic:
> Security Bug in CISCO TFTPD server 1.1
>
> Vendor Status:
> Informed (06/17/01)
Just for the record, I checked with my teammates and can't find any
record that you contacted the Cisco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: kdelibs
Date:
SCO has been notified of this issue.
Original Message
Subject: SCO Tarantella Remote file read via ttawebtop.cgi
Date: Mon, 18 Jun 2001 13:06:41 -0400
From: KF <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
http://xxx/tarantella/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../
SP2 does not break MS01-026 because that hotfix is not included in SP2 (see
http://www.microsoft.com/technet/security/w2ksp2.asp). If you look at the
filename it is Q293826_W2K_SP3_x86_en.EXE which means it is going to be an
SP3 (aka post SP2) fix. Any SP3 fix should be installed AFTER SP2 is
in
DCShop vulnerability
We have seen several Web shops using your
DCShop product as E-commerce system, where it is
possble for unauthorized persons via a Web browser
to retrieve customer creditcard numbers in cleartext.
Athough the developers on their Web site
recommends not to use the b
Wichert Akkerman wrote:
-- snip --
> > Status vendor : contacted two weeks ago but no response.
>
> I'm curious who you contacted; from what I can see you did not contact
> Debian but yet you explicitly mention that Debian is vulnerable and
> claim you contacted the vendor two weeks ago.
This is
David Raitzer wrote:
>
> I assembled an effective patch for the UNICODE directory traversal
> vulnerability issue in Microsoft Personal Web Server 4.0 for Windows 95/98,
> which was noted previously on this list. It can be downloaded at:
> http://www.geocities.com/p_w_server/pws_patch/index.htm
Hi,
there is a symlink handling problem in the pcp suite from SGI. The
binary pmpost will follow symlinks, if setuid root this leads to instant
root compromise, as found on SuSE 7.1 (I doubt that this a default SuSE
package, though).
Attached a simple C source to demonstrate this (gcc pm.c -o pm
udirectory from Microburst Technologies, Inc. http://www.uburst.com/uDirectory/
allows remote command execution
Vulnerable versions: 2.0, possibly earlier versions
uDirectory is an online directory and listing management system that allows you to
easily create,
update, and maintain an on-line dir
Strumpf Noir Society Advisories
! Public release !
<--#
-= Multiple Vulnerabilities In AMLServer =-
Release date: Monday, June 18, 2001
Introduction:
Air Messenger LAN Server is a paging gateway server for MS Windows
that allows you to send and recieve messages to a paging network
over a TC
[Sentry Research Labs - ID0201061701]
(c) 2001 by www.sentry-labs.com
Note:
This advisory is for information and educational purpouse only! We
are not responsible for any abuse or damage resulting from these
information.
Author:
Siberian
Topic:
Security Bug in CISCO TFTPD server 1.1
Vendo
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-063-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Wichert Akkerman
June 17, 2001
- ---
19 matches
Mail list logo