-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:019
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I ask for apologies if it bothers somebody.
MD5 and SHA1 hashes per each PoC file.
F-Prot Antivirus
-
d54de0bab426d71ea48d819ca0ac1de4
d8565761239d9a57309c94d32ae1950f77559e4c
cfe971aec2c7a786177a701a3c88e161
On Mon, Jan 21, 2008 at 09:25:08AM +0100, Florian Weimer wrote:
| Note that all domains that contain hosts should have a localhost A
| record in them.
That RFC was obsoleted by RFC 1912 in 1996, so there's no RFC
conformance issue if you omit the domain names. But it explains why
there are
Troopers 08 - get skilled or get owned is a new two-day conference that
brings together some of the brightest minds of the international infosec
community. The event will be held on 23rd and 24th april 2008 in
Munich/Germany. Keynotes will be given by Dan Bernstein and Christofer Hoff.
There
sarcasm tagfor=oblivoious
Yeh, but what if I want you to justify your decisions in the context of my
perceptions?
You don't find it reasonable that because you wish to share your efforts for
free that they should serve my needs as well?
/sarcasm
For the record, I tried Tim's blocklists and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1473[EMAIL PROTECTED]
http://www.debian.org/security/ Florian Weimer
January 21, 2008
PacerCMS Multiple Vulnerabilities (XSS/SQL).
Product: PacerCMS
Version: 0.6
Vendor: http://pacercms.sourceforge.net/
Date:01/22/08
- Introduction
PacerCMS is a content management solution for student and non-daily
community
# Name : Belong Site Builder 0.1b Bypass Admincp
# Download From : http://www.belongsoftware.co.uk/
Or Direct Link : http://www.belongsoftware.co.uk/site_builder_v0_1beta.zip
# Found By : RoMaNcYxHaCkEr We Are H-T TeaM (Houssamix - ToXiC)
# Home Page : Not Yet :(
#Founded: 21, January 2008
#Autor: NBBN
#Type: XSS
#DeluxeBB Version: 1.1
#Register
Unfortunately there's a bit of confusion, as Mike Davidson of
mikeindustries.com is no longer the maintainer of sIFR, and he has not updated
the sIFR page in a while.
This issue was found and resolved on July 4th 2007, in version 2.0.3. It also
appears that Internet Explorer is not vulnerable
1. Abstract
There is and a XSRF under Dean's Permalinks Migration Plugin version
1.0 which allow any attacker to conduct the user to do and a
unsolicited action this combined within a XSS bug (also found) in the
plugin allows and attacker to gain valid credentials for the WordPress
based CMS.
2.
Apache mod_negotiation Xss and Http Response Splitting
Date: January 22th, 2008
Tested Versions: Apache =1.3.39
= 2.0.61
= 2.2.6
Minded Security ReferenceID:
MSA01150108
Credits:
Discovery by
Stefano Di Paola of Minded
12 matches
Mail list logo