Some XSS vulns

2003-03-19 Thread Ertan Kurt
While searching for a CMS for my site I found out the following: ezPublish 2.2.7 http://target/search/?SectionIDOverride=1SearchText=scriptalert(document.cookie);/script also when entered an URL like http://target/scriptalert('test')/script and site admin checks latest served URLs the script will

[OpenPKG-SA-2003.023] OpenPKG Security Advisory (delegate)

2003-03-19 Thread OpenPKG
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenPKG Security AdvisoryThe OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [EMAIL PROTECTED]

[SECURITY] [DSA 264-1] New lxr packages fix information disclosure

2003-03-19 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 264-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 19th, 2003

[INetCop Security Advisory] ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!!

2003-03-19 Thread dong-h0un U
== INetCop Security Advisory #2003-0x82-014.c == * Title: ++Danger++ Outblaze Web based e-mail that is exposed in very dangerous state !!! 0x01. Description Outblaze Web based e-mail is

[OpenPKG-SA-2003.024] OpenPKG Security Advisory (ircii)

2003-03-19 Thread OpenPKG
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenPKG Security AdvisoryThe OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [EMAIL PROTECTED]

SuSE Security Announcement: samba (SuSE-SA:2003:016)

2003-03-19 Thread Marc Heuse
Resent for Announcement-ID change from SuSE-SA:2003:015 to SuSE-SA:2003:016 -BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:samba, samba-client

WF-Chat

2003-03-19 Thread subj
Product : WF-Chat Version : 1.0 Beta WebSite : http://jid.2yd.ru Problem : Viewing users account. Description: For own a admin accsess in this chat u'r needing view files: Inicks.txt !pwds.txt In short, all informations about registered users be at this files And access for

SMB/CIFS Security Vulnerability in Samba on IRIX

2003-03-19 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- __ SGI Security Advisory Title: SMB/CIFS Security Vulnerability in Samba Number : 20030302-01-I Date : March 19, 2003 Reference: CVE CAN-2003-0085

Easy DoS on Kaspersky Anti-Hacker v1.0

2003-03-19 Thread Bojan Zdrnja
Product: Kaspersky Anti-Hacker Version: 1.0 Website: http://www.kaspersky.com/buyonline.html?info=967571 1. Introduction --- Kaspersky Anti-Hacker is a Kaspersky Lab personal firewall product. As other products in this category, Kaspersky Anti-Hacker allows creation of packet and

linux kmod/ptrace bug - details

2003-03-19 Thread Andrzej Szombierski
Hello There are many discussions (on slashdot for example) on the recent linux ptrace ( kmod) bug. I'll try to clarify what is this all about. It's a local root vulnerability. It's exploitable only if: 1. the kernel is built with modules and kernel module loader enabled and 2.

[RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder

2003-03-19 Thread bugzilla
- Red Hat Security Advisory Synopsis: Updated glibc packages fix vulnerabilities in RPC XDR decoder Advisory ID: RHSA-2003:089-00 Issue date:2003-03-19 Updated on:2003-03-19

RE: EEYE: XDR Integer Overflow

2003-03-19 Thread Sinan Eren
Hi Marc, I'm looking at the xdrmem_putbytes() from solaris 8 foundation source cd, /cdrom/s8_foundation_src_en/osnet_volume/usr/src/lib/libnsl/rpc/xdr_mem.c line 168 static bool_t xdrmem_getbytes(XDR *xdrs, caddr_t addr, int len) { int tmp; trace2(TR_xdrmem_getbytes, 0, len);

Java Security Fixes on IRIX

2003-03-19 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- __ SGI Security Advisory Title: Java Security Fixes Number : 20030303-01-I Date : March 19, 2003 Reference: CERT CA-2002-07 Reference: CERT VU#368819

MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes

2003-03-19 Thread Tom Yu
-BEGIN PGP SIGNED MESSAGE- MIT krb5 Security Advisory 2003-003 2003-03-18 Topic: faulty length checks in xdrmem_getbytes Severity: serious SUMMARY === The MIT Kerberos 5 implementation includes an RPC library derived from SUNRPC. We have been notified that the

iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine

2003-03-19 Thread iDEFENSE Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDEFENSE Security Advisory 03.19.03: http://www.idefense.com/advisory/03.19.03.txt Heap Overflow in Windows Script Engine March 19, 2003 I. BACKGROUND Microsoft Corp.'s Windows Script Engine within the Windows operating system (OS) interprets and

CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's EvolutionMail User Agent

2003-03-19 Thread CORE SECURITY TECHNOLOGIES ADVISORIES
Core Security Technologies Advisory http://www.coresecurity.com Multiple vulnerabilities in Ximian's Evolution Mail User Agent Date Published: 2003-03-19 Last Update: 2003-03-19 Advisory ID: CORE-20030304-01 Bugtraq IDs: 7117, 7118, 7119 CVE

mutt-1.4.1 fixes a buffer overflow.

2003-03-19 Thread Thomas Roessler
Mutt versions 1.4.1 and 1.5.4 have just been released and will soon be available from ftp://ftp.mutt.org/mutt/. Both versions fix a buffer overflow in mutt's IMAP client code which was identified by Core Security Technologies, and fixed by Edmund Grimley Evans. A more detailed advisory will be

[OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding

2003-03-19 Thread Bodo Moeller
OpenSSL Security Advisory [19 March 2003] Klima-Pokorny-Rosa attack on RSA in SSL/TLS === Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the Bleichenbacher attack on RSA with PKCS #1 v1.5 padding as