[OpenPKG-SA-2006.007] OpenPKG Security Advisory (sendmail)

: Affected Packages: Corrected Packages: OpenPKG CURRENT <= sendmail-8.13.5-20060219 >= sendmail-8.13.6-20060322 OpenPKG 2.5 <= sendmail-8.13.5-2.5.0>= sendmail-8.13.5-2.5.1 OpenPKG 2.4 <= sendmail-8.13.4-2.4.0>= sendmail-8.13.4-2.4.1 OpenPKG 2.3

SUSE Security Announcement: sendmail remote code execution (SUSE-SA:2006:017)

-BEGIN PGP SIGNED MESSAGE- __ SUSE Security Announcement Package:sendmail Announcement ID:SUSE-SA:2006:017 Date: Wed, 22

IE crash

I can't find any info on this delicious IE bug, but it seems to be publicly known: r=document.getElementById("c"); a=r.createTextRange(); It will badly access a (virtual?) pointer table, making EIP to jump at a random address. This has various effects on the system I've tested

Re; FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

[snip] > VII. References > The latest revision of this advisory is available at > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc [snip] this advisory, along with the 2 other ones released this morning, are still not visible on the project FTP server at noon US e

PHP Live! XSS status_image.php

Date: 03/22/2006 Vendor: OSI Codes Product: PHP Live! Versions: tested 3.0 Vulnerability: Cross Site Scripting Location: status_image.php Exploit: /phplive/js/status_image.php?base_url=alert(document.cookie) Stumbled across this while auditing a web server, vendor has been notified. --K-sPecial

Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0

The SunAlert for this vulnerability in Solaris and Solaris 10 patch to fix it have been posted to http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1 Alan Coopersmith * [EMAIL PROTECTED] * [EMAIL PROTECTED]

[SECURITY] [DSA 1013-1] New snmptrapfmt packages fix insecure temporary file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1013-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze March 22nd, 2006

cutenews 1.4.1 Arbitrary File Access

cutenews 1.4.1 Arbitrary File Access Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup function, IP banning, flood protection ... http://cutephp.com Credit: The in

WinHKI 1.6x Archive Extraction Directory traversal

WinHKI 1.6x Archive Extraction Directory traversal WinHKI Archiver administrator ask me for penetration test. here is the result : WinHKI Archiver: compression (hki, cab, zip, gzip, tar, jar...) extract 14 formats (hki, rar, ace, zip, gzip, tar, ...) Encryption / Decryption support Full zip su

DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'

DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' Author: Kevin Finisterre Vendor: http://www.motorola.com Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?' References: http://www.digitalmunition.com/DMA[2006-0321a].txt http://www.motorol

[eVuln] PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability

New eVuln Advisory: PHP SimpleNEWS, PHP SimpleNEWS MySQL - Authentication Bypass Vulnerability http://evuln.com/vulns/94/summary.html Summary eVuln ID: EV0094 Vendor: Himpfen Consulting Company Vendor's Web Site: http://www.himpfenconsulting.com/ Software: PHP S

FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-06:11.ipsec Security Advisory The FreeBSD Project Topic: I

FreeBSD Security Advisory FreeBSD-SA-06:12.opie

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-06:12.opie Security Advisory The FreeBSD Project Topic: O

FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-06:13.sendmail Security Advisory The FreeBSD Project Topic: R