On Tue, 21 Aug 2007, 3APA3A wrote:
> 6. Ivan Nl (http://uNkn0wn.eu) reports vulnerabilities in
> Linkliste 1.2, Butterfly online vistors counter 1.08, mcLinksCounter
> 1.2, My_REFERER 1.08.
>
> Original messages in English are available from
> http://securityvulns.com/sour
###
Luigi Auriemma
Application: Asura engine (network SDK)
http://www.rebellion.co.uk
Games:Rogue Trooper <= 1.0
Prism: Guard
> On a side note, when I was testing this vulnerability, I tried
> varying the size of the ICMP packet. Strangely enough, I got no response
> if the packet was of size 1469 bytes, or 1471 bytes. There must be
> something special about 1470 byte ICMP packets. Anyone have any ideas?
>
VISITE ORIGINAL ADVISORY FOR MORE DETAILS
http://myimei.com/security/2007-08-22/olate-download-342downloadphp-sql-injection.html
VISITE ORIGINAL ADVISORY FOR MORE DETAILS
Software: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.2
Class: Remote
Status: Unpatched
Exploit: A
Am I missing something or if it was a concentrated DOS by bots or mischievous
cretins, wouldnt we have network evidence like we see in another DOS
situations. If the traffic was examined wouldnt we see different findings e.g.
malicious calls vs. regular login traffic causing Skype's internal alg
I've also tried this on a Verizon Palm OS Treo Smartphone, and it took only one
ICMP packet at the size noted in this writeup. This bug is definitely
different then the ICMP flood affecting palm pilots in CVE-2003-0293.
Hello,
I have heard something about TeamSpeak 2 Server vulnerabilities
but never found any full disclosure of it. Does somebody know something
about it?
Greetings
Moderator note: this copy of the post has a corrected URL.
CORE GRASP for PHP is a web-application protection software aimed at
detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is
being released as open sourc
It appears that Camino Project has released new security update version 1.5.1
recently.
Reference:
Camino 1.5.1 Release Notes
http://www.caminobrowser.org/releases/1.5.1/
"Upgraded to version 1.8.1.6 of the Mozilla Gecko rendering engine, which includes
several critical security and stability f
VISITE ORIGINAL ADVISORY FOR MORE DETAILS
http://myimei.com/security/2007-08-22/olate-download-342modulescorefldmphpcomments-tag-url-xss.html
VISITE ORIGINAL ADVISORY FOR MORE DETAILS
——-Summary—-
Software: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.2
Class: R
VISIT ORIGINAL ADVISORY FOR MORE DETAILES
http://myimei.com/security/2007-08-22/olate-download-342modulescoreuimphpxss.html
VISIT ORIGINAL ADVISORY FOR MORE DETAILES
——-Summary—-
Software: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.2
Class: Remote
Status: Unpa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01143196
Version: 1
HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft
Patch Applicability MS07-042 to MS07-050
NOTICE: The information in thi
Dear [EMAIL PROTECTED],
It looks like duplicated for CVE-2005-2454 and should be fixed in Lotus
Notes client 7.0.2, see
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
Please specify Notes client version.
--Wednesday, August 22, 2007, 2:25:28 PM, you wrote to
bugtraq@securi
CORE GRASP for PHP is a web-application protection software aimed at
detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is
being released as open source under the Apache 2.0 license and can be
obtained from http
Refer to the advisory...
OS2A
Ripe Website Manager SQL Injection and Cross Site Scripting Vulnerabilities
OS2A ID: OS2A_1009 Status:
07/11/2007 Issue
Discovered
Version Tested:
Sun Application Server 9.0_0.1 (build b02-p01)
Technical Description of the vulnerability:
In the process of performing application security testing of software on
Sun box, the Sun Admin Console was used to manipulate/change SSL Ciphers.
Changes to the ORB listeners (SSL and SSL_Mu
Local Privilege Escalation Through Default ntmulti.exe File Permissions
Unprivileged users can execute arbitrary programs that run with the privileges
of the LocalSystem account by replacing the Multi-user Cleanup Service
executable with arbitrary executables. This vulnerability exists because t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:169
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2007:168
http://www.mandriva.com/security/
___
19 matches
Mail list logo