: Affected Packages: Corrected Packages:
OpenPKG CURRENT <= sendmail-8.13.5-20060219 >= sendmail-8.13.6-20060322
OpenPKG 2.5 <= sendmail-8.13.5-2.5.0>= sendmail-8.13.5-2.5.1
OpenPKG 2.4 <= sendmail-8.13.4-2.4.0>= sendmail-8.13.4-2.4.1
OpenPKG 2.3
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package:sendmail
Announcement ID:SUSE-SA:2006:017
Date: Wed, 22
I can't find any info on this delicious IE bug, but it seems to be publicly
known:
r=document.getElementById("c");
a=r.createTextRange();
It will badly access a (virtual?) pointer table, making EIP to jump at a random
address. This has various effects on the system I've tested
[snip]
> VII. References
> The latest revision of this advisory is available at
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
[snip]
this advisory, along with the 2 other ones released this morning, are
still not visible on the project FTP server at noon US e
Date: 03/22/2006
Vendor: OSI Codes
Product: PHP Live!
Versions: tested 3.0
Vulnerability: Cross Site Scripting
Location: status_image.php
Exploit:
/phplive/js/status_image.php?base_url=alert(document.cookie)
Stumbled across this while auditing a web server, vendor has been notified.
--K-sPecial
The SunAlert for this vulnerability in Solaris and Solaris 10 patch to
fix it have been
posted to http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1
Alan Coopersmith * [EMAIL PROTECTED] * [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1013-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
March 22nd, 2006
cutenews 1.4.1 Arbitrary File Access
Cute news is a powerful and easy for using news
management system that use flat files to store its
database.
It supports comments, archives, search function, image
uploading, backup function, IP banning, flood
protection ...
http://cutephp.com
Credit:
The in
WinHKI 1.6x Archive Extraction Directory traversal
WinHKI Archiver administrator ask me for penetration
test. here is the result :
WinHKI Archiver: compression (hki, cab, zip, gzip,
tar, jar...)
extract 14 formats (hki, rar, ace, zip, gzip, tar,
...)
Encryption / Decryption support
Full zip su
DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'
Author: Kevin Finisterre
Vendor: http://www.motorola.com
Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?'
References:
http://www.digitalmunition.com/DMA[2006-0321a].txt
http://www.motorol
New eVuln Advisory:
PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability
http://evuln.com/vulns/94/summary.html
Summary
eVuln ID: EV0094
Vendor: Himpfen Consulting Company
Vendor's Web Site: http://www.himpfenconsulting.com/
Software: PHP S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:11.ipsec Security Advisory
The FreeBSD Project
Topic: I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:12.opie Security Advisory
The FreeBSD Project
Topic: O
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-06:13.sendmail Security Advisory
The FreeBSD Project
Topic: R
14 matches
Mail list logo