securfrog said:
> i guess you should learn some PHP before posting on bugtracks ...
>
>" net2ftp: a web based FTP client :) <= Remote File Inclusion "
>
>===> you should try your PoC before posting , there's no remote file
>include in that code ...
You are probably looking at recent versions, wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1194-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
October 9th, 2006
Hello Bugtraq,
Here we are again... During a recent penetration test i stumbled upon yet
another OpenSSH timing leak, leading to remote disclosure of valid
usernames. It's not as big as the one i found in the past (CVE-2003-0190),
but it can indeed be exploited over the Internet, nevertheless.
ECHO_ADV_52$2006
---
[ECHO_ADV_52$2006]OpenDock Easy Gallery <=1.4 (doc_directory) Multiple Remote
File Inclusion Vulnerability
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Limitations in Cisco Secure Desktop
Advisory ID: cisco-sa-20061009-csd
http://www.cisco.com/warp/public/707/cisco-sa-20061009-csd.shtml
Revision 1.0
For Public
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
__
SUSE Security Announcement
Package:php4,php5
Announcement ID:SUSE-SA:2006:059
Date:
Hello everybody HITBSecConf2006 is now over we had a blast and it was
one of our largest
conferences. Every year along with the conference we run the
Capture-The-Flag game and this
year we had teams from other parts of the world come and join us, teams
like Zone-H from italy,
Dokdo-Kor (Padocon)
//
http://www.w4cking.com
Product:
moodle 1.6.2
http://www.moodle.org
Vulnerability:
SQL injection
Notes:
- SQL injection can be used to obtain password hash
- the moodle blog "module" must be enabled
- guest access to the blog must be enabled
POC:
/blog
A security vulnerability was recently discovered in all versions of
Moodle 1.6 and later that allows SQL injection. A quick one-line fix has
already been added to CVS to patch this problem for 1.6.x and 1.7 versions.
Update your servers using CVS as soon as possible, or edit the file
blog/index.ph
//
http://www.w4cking.com
Product:
4images 1.7.x
http://www.4homepages.de
Vulnerability:
SQL injection
Notes:
- SQL injection can be used to obtain password hash
- for version 1.7.3, you must log in as a registered user
POC:
/<4images_dir>/search.php?sea
/*
[N]eo [S]ecurity [T]eam [NST] - Advisory #26 - 09/10/06
Program: PHP
Homepage: http://www.php.net
Vulnerable Versions: PHP 3, 4, 5
Risk: High!
Impact: Critical Risk
-==PHP open_base
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Freenews v1.1 <= (chemin) Remote File Include Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Discovered by XORON(turkish hacker)
-=-=-=-=-=-=-=-=-
XSS IN paFileDB 3.1 BY b0rizQ ---
ZARLOULE04 [at] HOTMAIL [dot] FR
-
FILE : pafiledb.php
Dork : (PHP Arena)
http://[traget]/pafiledb.php?action=category&id=1";>aler
ECHO_ADV_48$2006
---
[ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File
Inclusion Vulnerability
--
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: PHP unserialize() Array Creation Integer Overflow
Release Date: 2006/10/09
Last Modified: 2006/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
PHPMyNews 1.4 <= (cfg_include_dir) Remote File Include Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Discovered by XORON(turkish hacker)
-=-=-=-=
ECHO_ADV_51$2006
-
[ECHO_ADV_51$2006] docmint <= 2.0 (MY_ENV[BASE_ENGINE_LOC]) Remote File
Inclusion Vulnerability
-
Aut
ECHO_ADV_50$2006
---
[ECHO_ADV_50$2006]OpenDock Easy Blog <=1.4 (doc_directory) Multiple Remote File
Inclusion Vulnerability
+
+
+ Advanced Poll v2.02 :) <= Remote File Inclusion
+
+
+
+ Affected Software .: Advanced Poll v2.02
+ Venedor ...: http://www.proxy2.de
+ Class ...
ECHO_ADV_49$2006
---
[ECHO_ADV_49$2006]OpenDock Easy Doc <=1.4 (doc_directory) Multiple Remote File
Inclusion Vulnerability
-
On Wed, 4 Oct 2006, Alexander Sotirov wrote:
> Rewriting the entire function in asm is a lot of unnecessary effort. Why
> didn't
> you add a simple length check and a 5-byte jump to it in the vulnerable
> function?
>
> Patch right before the call to _IE5_SHADETYPE_TEXT::TOKENS::Ptok, check the
>
#===
===
#The latest version of iSearch is V2.16 <= (index.php) Remote File Inclusion
Exploit
#===
#Bug in :index.ph
22 matches
Mail list logo