-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
NSFOCUS Security Advisory(SA2003-01)
Topic: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability
Release Date: 2003-3-27
CVE CAN ID: CAN-2003-0004
Affected system:
===
- - Microsoft Windows XP
- - Microsoft Windows
Product: My guest book
Version: ?
OffSite: ?
Problem: CSS and unauthorized access in admin panel
--
1)Cross Site scripting
http://[target]/myguestBk/add1.asp?name=Namesubject=Subj[EMAIL
PROTECTED]message=scr*ptalert (Test!)/scr*pt
Or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Security Advisory #2003-0013
Package name: openssl
Summary: Klima-Pokorny-Rosa
Date: 2003-03-26
Affected versions: TSL 1.1,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 270-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
March 27th, 2003
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 271-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
March 27th, 2003
In-Reply-To: [EMAIL PROTECTED]
Unfortunately, on my US Windows 2K SP3 build (and I assume all others),
those %u directives get translated into question marks. (0x003F in hex)
:
I tested it only on Korean version of Windows (Server and Professional
edition).
This exploit must be much easier to
On Wed, 26 Mar 2003 11:14:43 -0500, you wrote:
Unfortunately, on my US Windows 2K SP3 build (and I assume all others),
those %u directives get translated into question marks. (0x003F in hex)
:
%u32ac%u77e2,
I tried the %u trick while coding rs_iis.c exploit and it happened
as Dave stated so I
I told dlink about this problem last year September. They told they will release a fix
I have not seen a fix.
It looks like dlink will not be doing anything about this problem.
In future I will post here as well.
Thanks
Malkit Singh
From: Arhont Information Security [EMAIL PROTECTED]
Regards
Muhammad Faisal Rauf Danka
*** There is an attachment in this mail. ***
_
---
[ATTITUDEX.COM]
http://www.attitudex.com/
---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
//@(#) Mordred Security Labs advisory
Release date: March 27, 2003
Name: PHP for Windows - buffer overflow in openlog() function
Versions affected: all versions for Windows platforms
Risk: average
Author: Sir Mordred ([EMAIL PROTECTED])
I.
Security Corporation Security Advisory [SCSA-013]
PROGRAM: Ceilidh
HOMEPAGE: http://www.lilikoi.com
VULNERABLE VERSIONS: 2.70 and prior
Arhont Ltd - Information Security Company
Arhont Advisory by: Andrei Mikhailovsky (www.arhont.com)
Advisory: D-Link DSL Broadband Modem/Router
Router Model Name: D-Link DSL-500
Model Specific: Other models might be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Trustix Secure Linux Security Advisory #2003-0014
Package name: glibc
Summary: xdr / rpc
Date: 2003-03-26
Affected versions: TSL 1.1, 1.2, 1.5
-
Did this guy miss the discussion about this very issue like, two weeks
ago?
I think the ultimate resolution of that discussion was that users are
lazy and stupid (uninformed), not likely to change defaults or be
savvy enough to use third-party encryption software, much less be
inclined to have to
-
Red Hat Security Advisory
Synopsis: Updated kerberos packages fix various vulnerabilities
Advisory ID: RHSA-2003:051-01
Issue date: 2003-03-26
Updated on: 2003-03-26
Product:
I don't believe your shell code will work on other Kernel32.dll than the
version with the following ImageBase:
\x00\x00\xe7\x77 // offsets of kernel32.dll for some win ver..
Because your code is reversed as:
loc_8F:
mov eax, [esi]
add eax, ebp
cmp dword ptr [eax],
---
Immunix Secured OS Security Advisory
Packages updated: openssl, openssh, mod_ssl
Affected products: ImmunixOS 6.2, 7.0, 7+
Bugs fixed: CAN-2003-0131 CAN-2003-0147
Date: Wed Mar
I have just checked 5 different 6.5 installs some of which have been
upgraded from previous 6.5 betas and this file most definitely does not
exist under 6.5
[EMAIL PROTECTED] wrote:
In-Reply-To: [EMAIL PROTECTED]
From: Jim Geovedi [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re:
A user of ours has reported that the D-Link DI-614+
Wireless router/firewall is vulnerable to several old,
well known vulnerabilities. The user was able to reproduce
the problem multiple times with consistent results. Not
having the equipment, we have NOT reproduced these ourselves,
and would
Hey Mr. Mordred, all,
In PHP emalloc() function implements the error safe wrapper around
malloc().
Unfortunately this function suffers from an integer overflow and
considering the fact that emalloc() is used in many places around PHP
source code, it may lead to many serious security issues.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Problem: Snort-1.9.1 using a default snort.conf configuration does
not detect certain crafted packets.
Details: Snort-1.9.1 does not detect packets when the SYN,FIN and ECN
echo bits set. The following is an example of a packet:
12:37:12.386797
Vladimir Katalov [EMAIL PROTECTED] writes:
We were able to write a 'fake' plug-in fakecert.api which does
nothing, but being loaded by Adobe Acrobat (and Reader) 4 and 5
as the certified one even in 'trusted' mode, though we don't have
a 'Reader Integration Key' (this plug-in has been