Local file retrieving in QNX Internet Appliance Toolkit http-daemon
(web.server)
Vendor-URL: http://www.qnx.com
Description:
----
I recently found a 3,5-disk labeled with QNX-demo on my desk. This is
the Take the 1.44M Web Challenge!-disk I got it in 1998. I couldn't find
the demo on the
Information :
°
Language : PHP
Version : Free 2.2.1
Website : http://www.pmachine.com
Problem : Include() Security Hole
PHP Code/Location :
°°°
This will work if register_globals is ON *OR* OFF.
/pm/lib.inc.php :
hi...
Topic: MyServer 0.4.1 DOS
Product:Myserver 0.4.1 (http://myserverweb.sourceforge.net)
Note: yep, I'm on the dole, anyone wanna give me a job :)
Vendor Notification:Wps, sorry i forgot ;)
Background:
(from homepage)
MyServer is a free and easy to
Many XSS Vulnerabilities in XMB Forum.
Program Name : XMB Forum
AffectedVersion : 1.8 Partagium (may be the newest version)
Home Page: http://www.xmbforum.com
Author : Knight Commander (at hackervn.net)
+Vul:
In this link:
=
Kereval Security Advisory [KSA-001]
Multiple vulnerabilities in Tutos
=
PROGRAM: Tutos
HOMEPAGE: http://www.tutos.org
VULNERABLE VERSIONS: 1.1
RISK: Medium/High
IMPACT: Cross Site Scripting
RELEASE
INetCop Security Advisory #2003-0x82-018
Title: GNATS (The GNU bug-tracking system) multiple buffer overflow vulnerabilities.
0x01. Description
About:
GNATS is a portable
Hi everyone.
I don't know if this is a new issue but it is a simple way to
bypass (in some limited form) ZoneAlarm's Application level
Internet access blocking.
Windows dll shell32.dll exports a well known and documented function called
ShellExecute. From Win32 Programmer's reference:
Sorry, no pretty describing document this time.
--
kokanin
DSR-korean-elm.pl---txt.poo.av.is.gay
Description: Binary data
Knud Erik Højgaard wrote:
Sorry, no pretty describing document this time.
Oops, haste makes waste.
The shellcode is by eSDee, not zillion.
--
kokanin
On Sun, 8 Jun 2003, Nicholas Weaver wrote:
IF the hash is good, FINDING collisions doesn't necessarily help the
attacker, as the attacker really needs to generate lots of collisions
to make the searches O(n) instead of O(1), since that is the key
behind this attack.
First, I myself assume
--
- EXPL-A-2003-010 exploitlabs.com Advisory 010
--
-= PerlEdit =-
exploitlabs.com
June 21, 2003
Vulnerability:
-
<script>
wnd=open(about:blank,,);
wnd.moveTo(screen.Width,screen.Height);
WndDoc=wnd.document;
WndDoc.open();
WndDoc.clear();
buffer=;
for(i=1;i=127;i++)buffer+=X;
buffer+=DigitalScream;
WndDoc.write(HR align='+buffer+');
WndDoc.execCommand(SelectAll);
WndDoc.execCommand(Copy);
TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0
contributed by: rushjo
Tripbit Security Advisory
TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0
TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6
contributed by: rushjo
=
Tripbit Security Advisory
TA-2003-06 php-form-misconfiguration in VisNetic WebMail v.5.8.6.6
Hi,
I'm writing to correct a fatal reporting that was posted to one of the
security focus mailing lists about SquirrelMail. It discusses files
being accessible via the SquirrelMail website, and criticizes
SquirrelMail to be at fault. The details for the exploit can be seen
on the bugtraq
XSS Exploit In phpBB viewtopic.php
A: BACKGROUND [from phpbb.com]
phpBB is a high powered, fully scalable, and highly customisable open-
source bulletin board package. phpBB has a user-friendly interface, simple
and straightforward administration panel, and helpful FAQ. Based on the
powerful
Product: Sambar Server
Vendor: Sambar Technologies
Versions:
VULNERABLE
- 6.0 ?
- 5.x
- 4.x
- 3.x
NOT VULNERABLE
- ?
-
Description:
Multi-threaded, extensible
TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2
contributed by: rushjo
==
Tripbit Security Advisory
TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2
-Original Message-
From: Christopher Rector [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 19, 2003 9:11 AM
To: Scott R. Patronik
Subject: Re: PALM DESKTOP SOFTWARE / WIN 2000
If a user logged in and the workstation is locked, the answer
is yes the user can still retrieve
19 matches