Re: net2ftp: a web based FTP client :) <= Remote File Inclusion

2006-10-09 Thread Steven M. Christey
securfrog said: > i guess you should learn some PHP before posting on bugtracks ... > >" net2ftp: a web based FTP client :) <= Remote File Inclusion " > >===> you should try your PoC before posting , there's no remote file >include in that code ... You are probably looking at recent versions, wh

[SECURITY] [DSA 1194-1] New libwmf packages fix arbitrary code execution

2006-10-09 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1194-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff October 9th, 2006

yet another OpenSSH timing leak?

2006-10-09 Thread Marco Ivaldi
Hello Bugtraq, Here we are again... During a recent penetration test I stumbled upon yet another OpenSSH timing leak, leading to remote disclosure of valid usernames. It's not as big as the one I found in the past (CVE-2003-0190), but it can indeed be exploited over the Internet, nevertheless.

[ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability

2006-10-09 Thread erdc
ECHO_ADV_52$2006 --- [ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability -

Cisco Security Advisory: Limitations in Cisco Secure Desktop

2006-10-09 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Limitations in Cisco Secure Desktop Advisory ID: cisco-sa-20061009-csd http://www.cisco.com/warp/public/707/cisco-sa-20061009-csd.shtml Revision 1.0 For Public

SUSE Security Announcement: php4,php5 (SUSE-SA:2006:059)

2006-10-09 Thread Ludwig Nussel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 __ SUSE Security Announcement Package:php4,php5 Announcement ID:SUSE-SA:2006:059 Date:

HITBSecConf2006 CTF Source code and daemons

2006-10-09 Thread Praburaajan
Hello everybody, HITBSecConf2006 is now over. We had a blast and it was one of our largest conferences. Every year along with the conference we run the Capture-The-Flag game, and this year we had teams from other parts of the world come and join us, teams like Zone-H from Italy, Dokdo-Kor (Padocon)

SQL injection - moodle

2006-10-09 Thread disfigure
// http://www.w4cking.com Product: moodle 1.6.2 http://www.moodle.org Vulnerability: SQL injection Notes: - SQL injection can be used to obtain password hash - the moodle blog "module" must be enabled - guest access to the blog must be enabled POC: /blog

Re: [Full-disclosure] SQL injection - moodle

2006-10-09 Thread [EMAIL PROTECTED] com br
A security vulnerability was recently discovered in all versions of Moodle 1.6 and later that allows SQL injection. A quick one-line fix has already been added to CVS to patch this problem for 1.6.x and 1.7 versions. Update your servers using CVS as soon as possible, or edit the file blog/index.ph

SQL injection - 4images

2006-10-09 Thread disfigure
// http://www.w4cking.com Product: 4images 1.7.x http://www.4homepages.de Vulnerability: SQL injection Notes: - SQL injection can be used to obtain password hash - for version 1.7.3, you must log in as a registered user POC: /<4images_dir>/search.php?sea

PHP open_basedir with symlink() function Race Condition PoC exploit

2006-10-09 Thread paisterist . nst
/* [N]eo [S]ecurity [T]eam [NST] - Advisory #26 - 09/10/06 Program: PHP Homepage: http://www.php.net Vulnerable Versions: PHP 3, 4, 5 Risk: High! Impact: Critical Risk -==PHP open_base

Freenews v1.1 <= (chemin) Remote File Include Vulnerability

2006-10-09 Thread xorontr
Freenews v1.1 <= (chemin) Remote File Include Vulnerability - Discovered by XORON(turkish hacker)

XSS IN paFileDB 3.1

2006-10-09 Thread zarloule04
XSS IN paFileDB 3.1 BY b0rizQ --- ZARLOULE04 [at] HOTMAIL [dot] FR - FILE : pafiledb.php Dork : (PHP Arena) http://[traget]/pafiledb.php?action=category&id=1";>aler

[ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability

2006-10-09 Thread erdc
ECHO_ADV_48$2006 --- [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability --

Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow

2006-10-09 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP unserialize() Array Creation Integer Overflow Release Date: 2006/10/09 Last Modified: 2006/

PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability

2006-10-09 Thread xorontr
PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability - Discovered by XORON(turkish hacker)

[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability

2006-10-09 Thread erdc
ECHO_ADV_51$2006 - [ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File Inclusion Vulnerability - Aut

[ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability

2006-10-09 Thread erdc
ECHO_ADV_50$2006 --- [ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability

Advanced Poll v2.02 :) <= Remote File Inclusion

2006-10-09 Thread alguidy
+ Advanced Poll v2.02 :) <= Remote File Inclusion + Affected Software: Advanced Poll v2.02 + Vendor: http://www.proxy2.de + Class ...

[ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability

2006-10-09 Thread erdc
ECHO_ADV_49$2006 --- [ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability -

Re: [funsec] Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]

2006-10-09 Thread Gadi Evron
On Wed, 4 Oct 2006, Alexander Sotirov wrote: > Rewriting the entire function in asm is a lot of unnecessary effort. Why > didn't > you add a simple length check and a 5-byte jump to it in the vulnerable > function? > > Patch right before the call to _IE5_SHADETYPE_TEXT::TOKENS::Ptok, check the >

The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit

2006-10-09 Thread xp1o
#=== === #The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion Exploit #=== #Bug in :index.ph