Affected Software: rssh - all versions prior to 2.3.0
Vulnerability: local user privilege escalation
Severity: *CRITICAL*
Impact: local users can gain root access
Solution: Please upgrade to v2.3.1
Summary
---
rssh is a restricted
re: http://www.phpbb.com/phpBB/viewtopic.php?t=352966
[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
[Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are
allowed and enabled
[Sec] added configurable maximum login attempts to prevent
==
Secunia Research 30/12/2005
- TUGZip ARJ Archive Handling Buffer Overflow Vulnerability -
==
Table of Contents
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: TinyMCE Compressor Vulnerabilities
Release Date: 2005/12/29
Last Modified: 2005/12/29
If you have the latest Norton Defintions you will not be ale to save the WMF
file to your hard drive. It will be detected as being infected with
Bloodhound.Exploit.56
http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.56.html
Anyone know anything about:
http://www.frame4.net/mdpro
?
-Original Message-
From: Hayes, Bill [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 28, 2005 6:02 PM
To: [EMAIL PROTECTED]
Cc: bugtraq@securityfocus.com
Subject: RE: WMF Exploit
CERT now has posted Vulnerability Note VU#181038, Microsoft
Windows may be vulnerable to
Title: Yahoo mail Cross Site Scripting
Author: Simo Ben youssef aka _6mO_HaCk simo_at_morx_org
Date: 22 December 2005
MorX Security Research Team
http://www.morx.org
Service: Webmail
Vendor: Yahoo mail, and possibly others
Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks
Here, let's make the rendering issue simple:
Due to IE being so content help-happy there are a
myriad of IE-friend file types (e.g.-.jpg) that one
can simply rename a metafile to for purpose of web
exploitation, and IE will pull out the wonderful hey;
It is not only *.wmf extensions it is all files that
have windows metafile headers that will open with the
Windows Picture and Fax Viewer. Any file that has the
header of a windows metafile can trigger this exploit.
--- Hayes, Bill [EMAIL PROTECTED] wrote:
CERT now has posted Vulnerability
[KAPDA::#18] - WebWiz Products SQL Injection
Happy new year ! :)
KAPDA New advisory
Vulnerable products :
webwiz site news access2000 : vesion 3.06 and prior versions
webwiz journal access2000 : version 1.0
webwiz weekly poll access2000 : version 3.06 and prior versions
database login
On Thu, 29 Dec 2005, Bill Busby wrote:
It is not only *.wmf extensions it is all files that
have windows metafile headers that will open with the
Windows Picture and Fax Viewer. Any file that has the
header of a windows metafile can trigger this exploit.
Sunbelt Kerio and Bleeding Snort
12 matches
Mail list logo