-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 10.31.02b:
http://www.idefense.com/advisory/10.31.02b.txt
Prometheus Application Framework Code Injection
October 31, 2002
I. BACKGROUND
Jason Orcutt's Prometheus is a web application framework written in
PHP. It is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 10.31.02a:
http://www.idefense.com/advisory/10.31.02a.txt
Denial of Service Vulnerability in Linksys BEFSR41 EtherFast
Cable/DSL Router
October 31, 2002
I. BACKGROUND
Linksys Group Inc.'s EtherFast Cable/DSL Router with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 10.31.02c:
http://www.idefense.com/advisory/10.31.02c.txt
PHP-Nuke SQL Injection Vulnerability
October 31, 2002
I. BACKGROUND
PHP-Nuke is a news automated system specially designed to be used in
Intranets and Internet.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 186-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 1st, 2002
http://zdnet.com.com/2100-1105-964057.html
The only new thing is that the attacker relays the packets from the trusted
client.
This is not needed for the spoof.
The solution in the defcon 8 presentation is far easier.
You do not need to arpspoof and NAT.
* Spoof trusted client on the same LAN:
Just take the MAC and IP of the trusted
This is known to be effective on Software Version:
SB4200-0.4.4.0-SCM06-NOSH. (possibly others?)
I am unable to replicate it against SB4220-0.6.3.0-SCM-01-NOSH
Perhaps you could try and get ATT to upgrade your CM and see
if it still applies.
This might be something Motorola has already fixed
Ok, some examples of how this could be used to have a bit of fun are at:
http://c-mills.ctru.auckland.ac.nz/Transparent/
Again I say that it's not a big deal but does demonstrate some of the
kind of things people could get up to where the print versus screen
displays differ.
I reiterate
This is known to be effective on Software Version:
SB4200-0.4.4.0-SCM06-NOSH. (possibly others?)
I am unable to replicate it against SB4220-0.6.3.0-SCM-01-NOSH
Perhaps you could try and get ATT to upgrade your CM and see if it
still applies.
This might be something Motorola has already fixed
[Note to Moderator:
This vulnerability would probably affect only the 500,000 or so Indian
subscribers of the Indian ISP - VSNL. But there being no India-specific
forum to post bugs we are posting it here.]
Name: Integrated Dialer Software for VSNL
-BEGIN PGP SIGNED MESSAGE-
Hash: MD5
Mindwall is an advanced network security system. It is a combined software
that provides you with information, alerts and controls to protect your
system from external attacks and intrusions, and internal abuses.
Mindwall major features are:
- -
Heysoft Security Bulletin
Title: Bug in EventSave and EventSave+
Date: 01 November 2002
Software: EventSave prior to version 5.3
EventSave+ prior to version 5.3
Vendor: Frank
Discovered by: HD Moore
Products Tested: Netscreen-25 (All models expected to be vulnerable)
Vendor contacted: October 23rd
Vendor confirmed: October 23rd
CVE: CVE-2001-0144 covered this bug.
Original Bug discovered by: Michal Zalewski of the BindView RAZOR Team.
In February of 2001, BindView's
I was able to duplicate this on 4 different Netscreen-100's with Software
Version 3.0.1r2.0
John
-Original Message-
From: Erik Parker [mailto:erik.parker;digitaldefense.net]
Sent: Friday, November 01, 2002 1:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Netscreen SSH1 CRC32
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 11.01.02:
http://www.idefense.com/advisory/11.01.02.txt
Buffer Overflow Vulnerability in Abuse
October 31, 2002
I. BACKGROUND
Abuse is a popular side-scrolling video game. More information can be
found at
That weakness would exist in any product that filters by domain name,
because many of them will not perform a reverse DNS lookup. This would be
the behavior of most home products (such as Cyberpatrol) which allow an
administrator to specify forbidden domains, but if I wanted to see the site
bad
There is a major correction to this data. Netscreen contacted me a couple
of minutes after posting this. When they confirmed it was vulnerable to
CRC32, it appears they were actually confirming there was a 'problem', and
not the actual CRC32 bug.
This DoS is unrelated to the CRC32 bug,
ion-p.exe allows Remote File Retrieving
Exploit Example:
www.Server.com/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
Zero X, member of www.lobnan.de
Hi,
ion-p.exe allows Remote File Retrieving
www.Server.com/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam
The 'ion-p' *NIX version is also vulnerable. Directory traversal chars can be used,
too:
/cgi-bin/ion-p?page=../../../../../etc/hosts
Bye,
Stuart
--
Stuart Moore