===
Ubuntu Security Notice USN-452-1 April 11, 2007
kdelibs, qt-x11-free vulnerability
CVE-2007-0242
===
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This has been fixed in the trunk.
On 12 Apr 2007 13:14:14 -, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3
or php4 file,
install a backdoor at port 8081 and have access to your whole disc and overtake
the server.
A url in the file is http://ccteam
Product Name: Aircrack-ng (0.7)
Vendor: http://www.aircrack-ng.org
Date: 13 April, 2007
Author: Jonathan So < jonny [ @ ] nop-art [ dot ] net>
Advisory URL: http://www.nop-art.net/advisories/airodump-ng.txt
I. DESCRIPTION
A buffer overflow vulnerability has been found in airodump-ng, part of
the
On 12 Apr 2007 [EMAIL PROTECTED] wrote:
> Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3
> or php4 file,
> install a backdoor at port 8081 and have access to your whole disc and
> overtake the server.
>
> A url in the file is http://ccteam.ru/releases/c99shell
>
>
Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability
iDefense Security Advisory 04.12.07
http://labs.idefense.com/intelligence/vulnerabilities/
Apr 12, 2007
I. BACKGROUND
PFS (the Portable File System) allows mounting of ISO 9660, High Sierra,
and Rock Ridge (ISO 9660 with R
\n\tEx: http://www.example.com/chatness/\n";);
$url = $argv[1];
$ch = curl_init($url . "admin/options.php");
if(!$ch) die("Error Initializing CURL");
echo "[ ] Attempting To Fetch Admin Login...\n";
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$res = curl_exec($ch);
if(!$res) die("Error Conn
"""
""" :: ::: """
""" :: :: :: : ::"""
""" :: :: : : """
""":: :: ::: ::: :: :: :: :::: """
""" :: :: :: : : : :: :: """
"""
On that note you might as well deny php5 too
--Ryan Neufeld
IT Systems Manager
[EMAIL PROTECTED]
MagPower Systems Inc.
Ph: (640)940-3232
Fax: (640)940-3233
-Original Message-
From: Gadi Evron [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 12, 2007 9:50 AM
To: [EMAIL PROTECTED]
Cc:
"""
""" :: ::: """
""" :: :: :: : ::"""
""" :: :: : : """
""":: :: ::: ::: :: :: :: :::: """
""" :: :: :: : : : :: :: """
"""
Cross site scripting in mephisto 0.7.3
security advisory
References:
http://www.mephistoblog.com
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1873
Description:
Cross site scripting describes attacks that allow to insert malicious
html or javascript code via get or post forms. This
"""
""" :: ::: """
""" :: :: :: : ::"""
""" :: :: : : """
""":: :: ::: ::: :: :: :: :::: """
""" :: :: :: : : : :: :: """
"""
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200704-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00571568
Version: 9
HPSBUX01137 SSRT5954 rev.9 - HP-UX Running TCP/IP (IPv4), Remote Denial of
Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon
as
INFIGO IS Security Advisory #ADV-2007-04-01
http://www.infigo.hr/
Title: Enterprise Security Analyzer server remote buffer overflows
Advisory ID: INFIGO-2007-08
Date: 2007-04-05
Advisory URL: http://www.infigo.hr/en/in_focus/advisories/INFIGO-200
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00913684
Version: 1
HPSBUX02203 SSRT071339 rev.1 - HP-UX Running Portable File System (PFS), Remote
Increase in Privilege
NOTICE: The information in this Security Bulletin should be acted upon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco
Wireless Control System
Advisory ID: cisco-sa-20070412-wcs
http://www.cisco.com/warp/public/707/cisco-sa-20070412-wcs.shtml
Revision 1.0
For Public Release 2007 April 12 1600 UTC (GMT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00901872
Version: 1
HPSBGN02199 SSRT071312 rev.1 - Mercury Quality Center ActiveX, Remote
Unauthorized Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acte
Via the Phpwiki 1.3.x UpLoad feature some hackers from russia uploaded a php3
or php4 file,
install a backdoor at port 8081 and have access to your whole disc and overtake
the server.
A url in the file is http://ccteam.ru/releases/c99shell
The uploaded file has a php, php3 or php4 extension and
\n\n\t Ex:
http://www.example.com/e107/ usera passb\n");
$url = $argv[1];
$user = $argv[2];
$pass = $argv[3];
$ch = curl_init($url . "e107_admin/admin.php");
if(!$ch) die("Error Initializing CURL");
//Login
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00965724
Version: 1
HPSBST02206 SSRT071354 rev.1 - Storage Management Appliance (SMA), Microsoft
Patch Applicability MS07-014
NOTICE: The information in this Security Bulletin should be acted
Cross site scripting in toendaCMS 1.5.3
security advisory
References:
http://www.toendacms.com/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1872
Description:
Cross site scripting describes attacks that allow to insert malicious
html or javascript code via get or post forms. This c
Cross site scripting in chcounter 3.1.3
security advisory
References:
http://chcounter.org/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1871
Description:
Cross site scripting describes attacks that allow to insert malicious
html or javascript code via get or post forms. This can b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00944467
Version: 1
HPSBUX02205 SSRT061120 rev.1 - HP-UX Running ARPA Transport, Local Denial of
Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon
a
Sometimes greed can be the downfall of the greatest people and nations but in
this case it's software. Steganos Encrypted File safe for Windows is one of the
most commonly used file security systems in the world. They boast how excellent
their encryption and how uncrackable they are. This is pro
On Mon, 2 Apr 2007, Bob Fiero wrote:
> RBLs such as SpamCop gave me an idea a few years back. We should
> build a virtual wall around the country.
In theory it is a good idea, but in practice it is not clear if
the rate of false positives or false negatives will not ruin the
system. Even if you pr
26 matches
Mail list logo
