MyRoom (PHP)

2003-01-22 Thread Frog Man
Information : °° Website : http://www.plansbiz.net Version : 3.5 GOLD Problems : File copy/upload PHP Code/Location : °°° room/save_item.php : if($name == OR $ref == ){ echo You are fogot enter

FTP delete file problem

2003-01-22 Thread K B
I've seen this problem with NCFTP 2.7.1 on Solaris 8, and I'm wondering if anyone knew of a fix for this or could tell me if I'm just missing something obvious. Here's what I tested with ncftp. I have 2 virtual users, userA and userB. UserA puts a file, then when userB ftp's to that

RE: Attacking EFS through cached domain logon credentials

2003-01-22 Thread John Howie
Todd (and lists), You wrote: This is not completely correct, and I wanted to clarify how an attack against a domain-member's EFS encrypted files can work. The threat model is this: It is important to distinguish between a weakness in EFS (there is none, as described here) and the risk

IRIX ToolTalk RPC Server Format String Vulnerability update

2003-01-22 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- __ SGI Security Advisory Title: IRIX ToolTalk RPC Server Format String Vulnerability update Number : 20021102-02-P Date : January 21, 2003 Reference:

Path Parsing Errata in Apache HTTP Server

2003-01-22 Thread [EMAIL PROTECTED]
Original Message: - From: [EMAIL PROTECTED] [EMAIL PROTECTED] Date: Wed, 22 Jan 2003 09:00:58 -0500 To: [EMAIL PROTECTED] Subject: Path Parsing Errata in Apache HTTP Server Path Parsing Errata in Apache HTTP Server ABSTRACT The Apache HTTP Server http://httpd.apache.org/

New Web Vulnerability - Cross-Site Tracing

2003-01-22 Thread Pete Soderling
I thought this news might interest the group ... ExtremeTech (http://extremetech.com) just released an article on a new type of vulnerability recently reported to CERT, Cross-Site Tracing (XST). After months of extensive research, San Jose California-based WhiteHat Security has unmasked a flaw

YabbSE Remote Code Execution Vulnerability

2003-01-22 Thread mindwarper
YabbSE Remote Code Execution Vulnerability ( By Mindwarper :: [EMAIL PROTECTED] :: ) --- --- -- Vendor Information: -- Homepage : http://www.yabbse.org Vendor : informed Mailed advisory: 21/01/02 Vendor Response : None --

[SECURITY] [DSA 235-1] New kdegraphics packages fix several vulnerabilities

2003-01-22 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 235-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze January 22nd, 2003

MDKSA-2003:010 - Updated printer-drivers packages fix local vulnerabilities

2003-01-22 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandrake Linux Security Update Advisory Package name: printer-drivers

Zorum Portal (PHP)

2003-01-22 Thread MGhz
Version : 3.0;3.1;3.2 Website : http://zorum.phpoutsourcing.com/ Problem : Include file File: - include.php - PHP Code: - [...] include($gorumDir/generformlib_multipleselection.php);

WinRAR buffer overflow vulnerability

2003-01-22 Thread nesumin
Hello everybody. We found a vulnerability in WinRAR 3.10 or lower versions, and reported the details to the author of this software on 2003/01/12. Fixed version 3.11 of WinRAR was released, so we are releasing the information about this vulnerability. ___

Whitepaper - Detecting Wireless LAN MAC Address Spoofing

2003-01-22 Thread Joshua Wright
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I recently completed a white paper that demonstrates some techniques that can be used for detecting spoofed MAC addresses on 802.11 networks. In this paper I identify tactics that can be used to identify the use of the Wellenreiter, FakeAP and

More Critical Vulnerabilities In PHP Topsites

2003-01-22 Thread JeiAr
Version: All Script: edit.php vendor: itop10.net Type: Code Injection/Execution Vulnerability --- Another critical vulnerability has been found by the CyberArmy Security Research Team that affects php topsites.

[SECURITY] [DSA 233-1] New cvs packages fix arbitrary code execution

2003-01-22 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 233-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze January 21st, 2003

Re: New Web Vulnerability - Cross-Site Tracing

2003-01-22 Thread Marc Slemko
On Wed, 22 Jan 2003, Pete Soderling wrote: I thought this news might interest the group ... ExtremeTech (http://extremetech.com) just released an article on a new type of vulnerability recently reported to CERT, Cross-Site Tracing (XST). After months of extensive research, San Jose

SuSE Security Announcement: susehelp (SuSE-SA:2003:005)

2003-01-22 Thread Sebastian Krahmer
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:susehelp Announcement-ID:SuSE-SA:2003:005 Date: Mon Jan