Microsoft PPTP Server and Client remote vulnerability

2002-09-26 Thread sh
phion Security Advisory 26/09/2002 Microsoft PPTP Server and Client remote vulnerability Summary - The Microsoft PPTP Service shipping with Windows 2000 and XP contains a remotely exploitable pre-authentication buffer overflow. Affected Systems

Re: Xoops RC3 script injection vulnerability fixed

2002-09-26 Thread Sergio
In-Reply-To: [EMAIL PROTECTED] RC3.0.5 is released to fix a security vulnerability recently posted on Bugtraq ML. Overview === There was a vulnerability when a user previews/submits a news in the News module, HTML tags were allowed to process. Solution === All users are

Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

2002-09-26 Thread David Endler
The CVE for this issue in gv should have been CAN-2002-0838 instead of CAN-2001-0832. There was a little confusion when Red Hat originally assigned it to us out of their reserved pool. Sorry for any inconvenience.

Re: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

2002-09-26 Thread Boris Veytsman
From: David Endler [EMAIL PROTECTED] Date: Thu, 26 Sep 2002 08:58:48 -0600 (MDT) A proof of concept exploit for Red Hat Linux designed by zen-parse is attached to this message. It packages the overflow and shellcode in the %%PageOrder: section of the PDF. [root@victim]# ls -al

Postnuke XSS issues

2002-09-26 Thread Mark Grimes
I got an awful lot of email from BUGTRAQers saying that the solution for PHPNUKE's problems is to use Postnuke. This is obviously not a panacea. http://news.postnuke.com/modules.php?op=modloadname=Newsfile=indexcatid=topic=scriptalert(document.cookie);/script It's obviously apparent that CMS

RE: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

2002-09-26 Thread David Endler
Hi Boris, Does not work for me: boris@reston-0491:~/convert$ gv -v gv 3.5.8 (debian) boris@reston-0491:~/convert$ gv gv-exploit.pdf Segmentation fault boris@reston-0491:~/convert$ ls -al /tmp/itworked ls: /tmp/itworked: No such file or

[SECURITY] [DSA 149-2] New glibc packages fix

2002-09-26 Thread Martin Schulze
Debian Security Advisory DSA 149-2 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze September 26th, 2002

PHP-Nuke x.x AND PostNuke SQL Injection

2002-09-26 Thread Pedro Inacio
Hello again, just to say that PostNuke (fork of PHP-Nuke) is vulnerable to the same bugs AND it is possible to inject different SQL code in order to do other funny but dangerous things. Note to the guys of those projects: Filter those URL entries!!! Cheers, Pedro Inacio

Postnuke XSS issues [correction]

2002-09-26 Thread Mark Grimes
As it turns out the Postnuke issue in particular is a red herring. As the lead developer describes it -- the cookie generated is a local site cookie that is sandboxed within the confines of the browser/session. It is not the remote user's cookie. It is easy to be fooled by such a vulnerability

remote SYSTEM compromise in WASD OpenVMS http server

2002-09-26 Thread Jean-loup Gailly
Multiple vulnerabilities in WASD http server for OpenVMS Version 1.0, 25 Sept 2002. 0. Contents 1. Summary 2. Severity: Critical 3. Vulnerable versions 4. Description 5. Solutions 6. Examples of site weaknesses 7.

iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv

2002-09-26 Thread David Endler
iDEFENSE Security Advisory 09.26.2002 Exploitable Buffer Overflow in gv DESCRIPTION The gv program that is shipped on many Unix systems contains a buffer overflow which can be exploited by an attacker sending a malformed postscript or Adobe pdf