> The following WMF exploit appeared on milw0rm today:
> http://www.milw0rm.com/exploits/3111
Another 'old new thing' (i.e. plagiarism):
http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048530.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048547.html
> The vu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Symantec Vulnerability Research
http://www.symantec.com/research
Security Advisory
Advisory ID: SYMSA-2007-001
Advisory Title: Oracle Application Server 10g - Directory Traversal
Re
[EMAIL PROTECTED] wrote:
> Script:Trevorchan v0.7
Fake vuln
> require_once($tc_config['rootdir']."/inc/functions.php");
> require_once($tc_config['rootdir']."/inc/encryption.php");
These vars are initialized in config.php, which is require-d by the
files you mention.
> Exploit:
Obviously, yo
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
So it could be remotely
exploitable after all.
On the other hand, most people don't tell their browsers to open up a
separate application to handle ftp:// links.
I agree. It could be exploited in the aforementioned way (but: WS_FTP is not
registered to handle FTP protocol by default). Now I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:014
http://www.mandriva.com/security/
___
On 1/14/07, 3APA3A wrote:
Pretending this vulnerability IS exploitable, what is security impact
from it? What can you achieve by exploiting this vulnerability you can't
achieve without it?
This is a very relevant question, as it appears from the description
that the vulnerability *is* exploi
This is very true... and in some cases rather than do either you chose
to sit on the bug. It's almost a catch-22... some folks invest time
upfront putting work into various vulnerabilities and have no way to get
back that investment. That in essence amounts to free QA for vendor X,Y
or Z and not
rPath Security Advisory: 2007-0008-1
Published: 2007-01-15
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Indirect Deterministic Denial of Service
Updated Versions:
gd=/[EMAIL PROTECTED]:devel//1/2.0.33-4.2-1
References:
http://www.cve.mitre.org/cgi-bin/cvename.cg
K F (lists) wrote:
> We all know black hats are selling these sploits for <=$25k so why
> should the legit folks settle for anything less? As an example the guys
> at MOAB kicked around selling a Quicktime bug to iDefense but in the end
> we decided it was not worth it due to low pay...
>
> Low
Amen!
KF is 100% on the money. I can arrange the legitimate purchase of most
working exploits for significantly more money than iDefense, in some cases
over $75,000.00 per purchase. The company that I am working with has a
relationship with a legitimate buyer, all transactions are legal. If you
vulnerability script indexu all versions
Found by :SwEET-DeViL & viP HaCkEr & HaCkEr sUn
TeaM AL-GaRNi
Application : indexu
version : all versions
URL : http://www.nicecoder.com/
google : "Powered by INDEXU 5."
Exploits :
|//1\\|
in upgrade.php
http://www.site.com/INDEXU_PATH/upgrade.php?pflag=upg
No offense to iDefense as I have used their services in the past... but
MY Q1 2007 Challenge to YOU is to start offering your researchers more
money in general! I've sold remotely exploitable bugs in random 3rd
party products for more $$ than you are offering for these Vista items
(see the h0n0
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
I know someone who will pay significantly more per vulnerability against the
same targets.
On 1/10/07 12:27 PM, "contributor" <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Also available at:
> http://labs.idefense.com/vcp/challenge.php#more_q1+2007%3A+vulnerabili
Lee Rumble writes:
This has always been the case with the Remedy system which I use day in and
day out. This is also present in older versions too and I have spoken with
them about this, but they do not deem this to be a security flaw.
Hello Lee,
if they think or not it is a security flaw
Actually, this can be pretty serious depending on server settings, but
an improper example was given.
Better one:
jax_petitionbook.php?languagepack=../../some_other_allowed_file_uploads/myfile.php.gif%00
Many servers will have magic quotes on to defeat the null byte, but by no means
all.
Jo
Hi,
Yeah , you are the best ;[
P.S:It is fake bug, because
"(...)
$phpbb_root_path = "./";
(...)"
(http://www.google.com/codesearch?hl=pl&q=show:QzeIQQZQ7BQ:h8q8TE-XBMQ:Ex0tElneoM4&sa=N&ct=rd&cs_p=http://www.pottum.nl/gallery_web/gallery-1.4.4-pl4-sms9.tar.gz&cs_f=gallery/contrib/phpBB2/modules
The Cross-site Request Forgery FAQ has been released to address some of the common
questions and misconceptions regarding this commonly misunderstood web flaw.
URL: The Cross-site Request Forgery FAQ
http://www.cgisecurity.com/articles/csrf-faq.shtml
Regards,
- Robert
[E
-=[ADVISORY---]=-
SmE FileMailer 1.21
Author: CorryL[EMAIL PROTECTED]
-=[---]=-
-=[+] Applicati
Gallery 1.4.4-pl4 and all versions of Gallery 1 more recent than this
(I didn't check older versions as they are over 2 years old) are
actually not vulnerable to this. The actual code in contrib/phpBB2/
modules.php is:
42 $phpbb_root_path = "./";
43 // connect to phpbb
rPath Security Advisory: 2007-0007-1
Published: 2007-01-15
Products: rPath Linux 1
Rating: Informational
Exposure Level Classification:
Indirect User Deterministic Denial of Service
Updated Versions:
kdenetwork=/[EMAIL PROTECTED]:devel//1/3.4.2-3.3-1
References:
http://www.cve.mitre.or
netVigilance Security Advisory #10
dt_guestbook version 1.0f XSS vulnerability
Description:
dt_guestbook is a fully-featured message board system with admin interface. Due
to program flaws it is possible for the remote attacker to conduct XSS attacks.
The remote attacker can convince the victim
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:016
http://www.mandriva.com/security/
___
KDE Security Advisory: kpdf/kword/xpdf denial of service vulnerability
Original Release Date: 2007-01-15
URL: http://www.kde.org/info/security/advisory-20070115-1.txt
0. References
CVE-2007-0104
1. Systems affected:
KDE 3.2.0 up to including KDE 3.5.5. KDE 3.5.6 and newer is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:015
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:017
http://www.mandriva.com/security/
___
Hi
Application : php advanced transfer manager
Vulnerability Kind : Remote Password Hash Disclosure
Product Link : phpatm.free.fr
version : All Versions Affected
mail: [EMAIL PROTECTED]
Author : Black-0ut
exploit :
#/usr/bin/perl
##
#
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gallery <= 1.4.4-pl4 (phpbb_root_path) Remote File Include Vulnerability
Script : Gallery
Version : 1.4.4-pl4
URL :
http://puzzle.dl.sourceforge.net/sourceforge/gallery/gallery-1.6-alpha3.tar.gz
Author : BorN To K!LL
=-=-=-=-=-=
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200701-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
31 matches