"Today, Mozilla made public bug #360493, which exposes Firefox's Password
Manager on many public sites. The flaw derives from Firefox's willingness to
supply the username and password stored on one page on a domain to another page
on a domain. For example, username/password input tags on a Myspa
XSS in scriptat support InverseFlow Help Desk v2.31
::
Discovered : SwEET-DeViL & viP HaCkEr & HaCkEr sUn
Name scriptat: InverseFlow Help Desk v2.31
tame : AL-garnei
K-S-A
::
#
hi
here it is, perl proxy checker using samair.ru,
you can supply proxy list in there, max 15 lines manually,
see hints in the code:
code:
--
#!/usr/bin/perl
#
# proxck-001.pl - perl proxy list checker
#
Attention!
Calling all practitioners in the field of IT security!
The 3rd edition of the best Polish IT security conference, CONFIDENCE
2007, is taking place on May 12/13, 2007. Once again, the royal city
of Cracow (Krakow), with a little help from the ProIdea Foundation,
will host the world's be
> that vuln is about as useless as the dhcpd vuln I found. I guess it's good
> for practice, but why would you brag about finding that
Since it was a vulnerability that bugtraq could post immediately
since they didn't have to alert their corporate sugardaddies about it
first ;)
Vulnerability:
Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD
dynamic loaders.
Impact: Serious. May lead to privilege escalation.
A class of security vulnerabilities has resurfaced in the dynamic loaders
of FreeBSD, OpenBSD, and NetBSD in the sanitization of environment
variab
that vuln is about as useless as the dhcpd vuln I found. I guess it's good for
practice, but why would you brag about finding that
Impact: Serious. May lead to privilege escalation.
A class of security vulnerabilities has resurfaced in the dynamic loaders
of FreeBSD, OpenBSD, and NetBSD in the sanitization of environment
variables for suid and sgid binaries.
Due to either badly implemented sanitization or a lack of it, a s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:208-1
http://www.mandriva.com/security/
___
Windows Media ASX PlayList File Denial Of Service Vulnerability
Tested:
Windows Media 10.00.00.4036
Windows XP SP2
file "example.asx":
This vulnerability was patched from v2.6.3.
Jim
Given that NGS Software participated in Microsoft's Security Development
Lifecycle [1] and your paper is already being referenced by Microsoft
employees [2], the following question should be addressed to ensure the
comparison is fair:
Did NGS Software find any bugs in a version of SQL Server mentio
Hi Matt,
Given that NGS Software participated in Microsoft's Security Development
Lifecycle [1] and your paper is already being referenced by Microsoft
employees [2], the following question should be addressed to ensure the
comparison is fair:
Did NGS Software find any bugs in a version of SQL S
Hi Steve,
There seems to be a common association between signedness errors and
integer overflow:
http://www.phrack.org/archives/60/p60-0x0a.txt
IMHO, they are not the same. The issue seems pretty much like Apache
Chunked-Encoding Signedness error (when dealing with chunked http
header values) an
Gruzicki Wlodek wrote:
( By default banner hasn't got set suid bit )
Why in the world would someone add a suid bit to banner? Maybe it's a
bug, but you had to work hard to turn it into a vulnerability.
==
Secunia Research 22/11/2006
- PassGo SSO Plus Insecure Default Directory Permissions -
==
Table of Contents
Affected Software...
.=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-.
| __ |
| .-" "-. |
| / banner \ |
| _ | | _ |
|( \ |, .-. .-. ,|
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 21, 2006 5:07 AM
> To: bugtraq@securityfocus.com
> Subject: LS-20061113 - CA BrightStor ARCserve Backup Remote
> Buffer Overflow Vulnerability
>
> LS-20061113
>
> LSsec has discovered a v