-BEGIN PGP SIGNED MESSAGE-
_
SGI Security Advisory
Title: IRIX XFS filesystem denial of service attack
Number: 20020402-01-P
Date: April 15, 2002
wbboard 1.1.1 Cross Site Scripting Vulnerability
- -
Affected program: wbboard 1.1.1 is a phpBB-like PHP forum
Vendor : http://www.woltlab.de/
Vulnerability-Class : Cross Site Scripting (CSS)
OS specific : No
Problem-Type: Joke
severity
-
itcp advisory 12 [EMAIL PROTECTED]
http://www.it-checkpoint.net/advisory/12.html
April 14th, 2002
-
Several x-dev.de Guestbook and xNewsletter Vulnerabilities ( www.x-de
At 01:25 PM 4/12/2002, Manuel Bouyer wrote:
>NetBSD isn't vulnerable either.
What about Solaris? Its /bin/mail does not appear to have the -I
option.
--Brett Glass
On Fri, Apr 12, 2002 at 09:25:54PM -0600, Brett Glass wrote:
> At 01:25 PM 4/12/2002, Manuel Bouyer wrote:
>
> >NetBSD isn't vulnerable either.
>
> What about Solaris? Its /bin/mail does not appear to have the -I
> option.
>From my 2.7 install, it seems that /bin/mail desn't have any shell-esca
The Nortel CVX 1800 is a modem bank containing up to 2600 modems per box.
Many ISP's are using them for their dial-up customers.
While querying the CVX-1800 for SNMP codes to use in a modem statistics
program I was writing, I discovered the CVX-1800 will spill out all user
names and password
There are a number of vulnerabilities in the Melange chat system. I sent
the following email over a month ago to its author, who is not actively
maintaining it. I include some fixes for the problems encountered, but
caution that I am no longer working on it, and that there are probably
others
Actually on my Win2k install (AIM version 4.7.2480), the file is in:
C:\Documents and Settings\\Application Data\Aim\
which would not be accessable by anyone but the user or someone with
Administrator's rights
- Original Message -
From: "sunny licious" <[EMAIL PROTECTED]>
To: <[EMAIL P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ppp-design found the following cross-site-scripting bug in SunShop
Shopping Cart:
Details
- ---
Product: SunShop Shopping Cart
Version: 2.5 and maybe all versions before
OS affected: all OS with php and mysql
Vendor-URL: http://www.turnkeywebtoo
Ive been able to do this on publicly accessible
computers...such as university labs...You can see
the buddy list of other people who have signed on to
AIM on that computer. On win2k in the folder named
winnt/AIM95/"screenname" there is a file called
userinfo.bag which stores all the na
To: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
__
Caldera International, Inc. Security Advisory
Subject:UnixWare 7.1.1 : Multiple Vulnerabilities in BIND
Advisory number:
Sunday, April 14, 2002
1. Not Possible
Technically it cannot be possible to create an html mail message from
a mailto url scheme without user input. However shoe-horning html in
through insertion of script tags does make it possible. Default
installation of Outlook Express and probably Outloo
Release : April 15 2002
Author : Spybreak ([EMAIL PROTECTED])
Software : Webalizer
Version : 2.01-09, 2.01-06
URL : http://www.mrunix.net/webalizer/
Status : vendor contacted
Problems : remote buffer overflow
--- INTRO ---
The Webalizer is a web server log file analysis program
whi
13 matches
Mail list logo