==
Secunia Research 03/08/2006
- PC Tools AntiVirus Insecure Default Directory Permissions -
==
Table of Contents
Affected
###
#Aria-Security.net Advisory #
#Discovered by: OUTLAW #
# www.Aria-security.net #
#Gr33t to: A.u.r.a l2odon [EMAIL
===
Ubuntu Security Notice USN-331-1August 03, 2006
linux-source-2.6.15 vulnerabilities
CVE-2006-2934, CVE-2006-2935, CVE-2006-2936
===
A security issue affects the
===
Ubuntu Security Notice USN-332-1August 03, 2006
gnupg vulnerability
CVE-2006-3746
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.04
Ubuntu 5.10
William A. Rowe, Jr. wrote:
Apache HTTP Server 2.2.3 Released
The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the release of version 2.2.3 of the Apache HTTP Server
(Apache).
This version of Apache is principally a bug and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1139-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
August 3rd, 2006
Philip M. Gollucci wrote:
William A. Rowe, Jr. wrote:
Apache HTTP Server 2.2.3 Released
...
CVE-2006-3747: An off-by-one flaw exists in the Rewrite module,
mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46,
and 2.2 since 2.2.0.
Is a release
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
0. HISTORICAL CONSIDERATIONS
Nowadays it's very easy to have a virtual server with (for instance)
mysql and php or any other sort of server-side authentication system,
but some time ago many people were trying to use some kinds of
[MajorSecurity Advisory #27]ToendaCMS - Cross Site Scripting Issue
Details
===
Product: Toenda CMS
Affected Version: =1.0.3(stable) and 1.1
Immune Version: None known
Security-Risk: low
Remote-Exploit: yes
Vendor-URL: http://www.toenda.com/
Vendor-Status: informed
Advisory-Status:
#!/usr/bin/php -q -d short_open_tag=on
?
echo SendCard = 3.4.0 unauthorized administrative access / remote commands\n;
echo execution exploit\n;
echo by rgod [EMAIL PROTECTED];
echo site: http://retrogod.altervista.org\n;;
echo dork: \Powered by sendcard - an advanced PHP e-card
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1140-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
August 3rd, 2006
#SolpotCrew
Community
#
# modernbill ver 1.6 (DIR) Remote File Inclusion
#
# Download file : http://freshmeat.net/projects/modernbill/
#
#
#
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Drupal security advisory DRUPAL-SA-2006-011
Advisory ID:DRUPAL-SA-2006-011
Project:Drupal core
---
XSS vbulletin 3.5.4 With IE
---
Author:Stefan
Group: EnigmaGroup
---
This is XSS that only works using IE
By Saving malicous code as a .pdf and uploading as a attchment on a post. when
the attachment is viewed in
[EMAIL PROTECTED] wrote:
Title: Barracuda Arbitrary File Disclosure
This vulnerability doesn't just allow arbitrary file disclosure, but
also allows remote execution of commands through use of the pipe
characher (|), e.g:
+
+
+ ME Download System 1.3 Remote File Inclusion
+
+
+
+ Affected Software .: ME Download System 1.3
+ Venedor ...: http://www.ehmig.net/
+
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
///CYBER-WARRiOR.ORG\
#ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability
-
#Author: xoron
-
#script: ZoneX 1.0.3 - Publishers Gold Edition
-
#Class : Remote
-
[EMAIL PROTECTED]: x0r0n[at]hotmail[dot]com
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00732238
Version: 1
HPSBUX02137 SSRT051024 rev.1 - HP-UX Running Xserver
Local Execution of Arbitrary Code, Privilege Elevation
NOTICE: The information in this Security Bulletin should be
21 matches
Mail list logo