Dropbear SSH server Denial of Service
Credits: Pablo Fernandez
March 7th, 2006
I. BACKGROUND
Dropbear is a relatively small SSH 2 server and client. It runs on a
variety of POSIX-based platforms. Dropbear is open source software,
distributed under a MIT-style license. Dropbear is particularly us
Arhont Ltd - Information Security
Arhont Advisory by: Konstantin V. Gavrilenko (http://www.arhont.com)
http://www.hackingciscoexposed.com
Arhont ref: arh200511-1
Advisory: Cisco PIX embryonic state machine TTL(n-1) DoS
Class:
Arhont Ltd - Information Security
Arhont Advisory by: Konstantin V. Gavrilenko (http://www.arhont.com)
http://www.hackingciscoexposed.com
Arhont ref: arh200601-1
Advisory: Cisco PIX embryonic state machine 1b data DoS
Class:
We encountered an interesting bug while working on our web interfaces. We
posted it to Sun, but we are curious if the security community sees any way to
exploit this in more than a DOS sense. This isnt our speciality, that's why we
are inquiring here.
This is a copy of the post to Sun's bug tr
New eVuln Advisory:
ShoutLIVE PHP Code Execution & Multiple XSS Vulnerabilities
http://evuln.com/vulns/87/summary.html
Summary
eVuln ID: EV0087
CVE: CVE-2006-0940 CVE-2006-0941
Software: ShoutLIVE
Sowtware's Web Site:
http://cynic.x10hosting.com/downloadfile.ph
###
Luigi Auriemma
Application: Alien Arena 2006 Gold Edition
http://red.planetarena.org
Versions: <= 5.00
Platforms:Windows and Linux
Bugs: A] safe_cprintf server form
"Loudblog is a sleek and easy-to-use Content Management System (CMS) for
publishing media content on the web."
SQL Injection in podcast.php (magic_quotes=off):
http://[target]/loudblog/podcast.php?id=1' and '1'='0' union select
password,null,null,null,null,null,null,null,null,null,null,null,null
What: Purple paper on discovery and exploitative vhost hacking techniques.
Whom (target audience): pentesters.
Where:
http://public.gnucitizen.org/papers/exegesis.pdf
http://www.ikwt.com/projects/exegesis.pdf
Nick Boyce wrote:
> Hmmm. I didn't realise the "Show Images" setting got stored, and I
> don't think that's the best strategy from a privacy point of view.
It surprised me, too. The threat model was spammers trying to verify
live addresses, and in that model loading a webbug multiple times is no
w
Cpanel hsa the vulnerability to discover the path of the files
exp:
loginto your cpanel account
goto fantastico
try to install one of the scripts ! exp: 4images
if the server set a permission on the /tmp , cpanel tmp files yuo should see
this
Warning: main(/home/userid/public_html/fantversion.
I've sent this issue into Linksys referening this post as that I have the
problem myself.
Application: IM Lock 2006
Vendor: www.comvigo.com
Corporation: Comvigo, Inc.
Version: Latest: (2 March 2006) - Home Edition, Enterprise & Professional
Description: IM Lock 2006 discloses passwords to local users.
Background:
===
Security Auditing & Management software, IM Lock controls a
I've tested this and cannot get SQL to execute. The "s" parameter is run past
PHP's intval() which knocks off anything that's not a number.
Can you explain how you got this to work?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 987-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
March 7th, 2006
This is not the first time that we see those kind of "attacks", but on
the recent days, I've noticed those requests on my webservers with a
considerable frequency:
83.84.14X.XXX - - [06/Mar/2006:18:18:12 -0500] "GET
/index2.php?option=com_content&do_pdf=1&id=1index2.php?_REQUEST[option]=com_conten
--
HYSA-2006-004 h4cky0u.org Advisory 013
--
Date - Tue Mar 07 2006
TITLE:
==
phpBannerExchange 2.0 Directory Traversal Vulnerability
SEVERITY:
=
High
SOFTWARE:
summary
software: Link Bank
vendors website: http://daverave.64digits.com/index.php?page=linkbank
versions: n/a
class: remote
status: unpatched
exploit: available
solution: not available
discovered by: retard
risk level: hi
Version 5 is the only WRT54G that runs VXWorks (for now)
http://www.linksysinfo.org/modules.php?name=Content&pa=showpage&pid=6#table
Mine is version 4, so I cannot test this.
Daniel Ramírez Valdez, CISSP
Neoris / Networking Group
Office: 52.81..5442
Mobile: 52.81.8064.4845
mailto: [EMAIL PRO
summary
software: HitHost
vendors website: http://daverave.64digits.com/index.php?page=hithost
versions: <= 1.0.0
class: remote
status: unpatched
exploit: available
solution: not available
discovered by: retard
risk level:
19 matches
Mail list logo