Here is the latest bunch of hacking incidents added to WHID, the Web Hacking
Incident Database (http://www.webappsec.org/projects/whid)
+ A particularly juicy one was an SQL injection at the site of RIAA
(Recording Industry Association of America), one of the most hated
organizations on the
[waraxe-2008-SA#065] - Remote Shell Command Execution in Coppermine 1.4.14
===
Author: Janek Vind waraxe
Date: 30. January 2008
Location: Estonia, Tartu
Web: http://www.waraxe.us/advisory-65.html
Target software
Author : ShaFuck31
maiL : [EMAIL PROTECTED]
Script Name : tinyBB v0.2 Message Board
DownLoad Script : http://php.arsivimiz.com/indir.php?id=335
Vuln. File : footers.php
Vuln. Code : require_once($tinybb_footers);
Vuln. : http://Victim.Com/ScriptPath/footers.php?tinybb_footers=shELL
Webspell 4.01.02 2 Vulnerabilities Found by NBBN Vendor:
http://cms.webspell.org
1) Cross-Site
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200801-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Author : ShaFuck31
maiL : [EMAIL PROTECTED]
Script Name : Yeşil Koridor Ziyaretçi Defteri
DownLoad Script : http://php.arsivimiz.com/indir.php?id=973
Script's HomePage : http://www.yesilmedya.com
Vuln. File : index.php
Vuln. : http://www.victim.com/defter/index.php?sayfa=[sqL inj.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:028
http://www.mandriva.com/security/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200801-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
From: Ofer Shezaf [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 30 January, 2008 08:31
To: Bugtraq
and another University (MSU,
http://www.webappsec.org/projects/whid/byid_id_2007-83.shtml)
suffered serious hacking.
That's Montana State University. There are a number of universities in
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Cisco Wireless Control System Tomcat mod_jk.so
Vulnerability
Advisory ID: cisco-sa-20080130-wcs
http://www.cisco.com/warp/public/707/cisco-sa-20080130-wcs.shtml
Revision 1.0
For Public Release 2008 January 30 1600 UTC
Advisory for Oracle CPU January 2008 - Ultra Search excessive
privileges
See http://www.petefinnigan.com/Advisory_CPU_Jan_2008.htm for details.
Description
Oracle Ultra-Search uses database and Oracle text functionality to
provide a uniform search function that is fully
rPath Security Advisory: 2008-0032-1
Published: 2008-01-30
Products:
rPath Linux 1
rPath Appliance Platform Linux Service 1
Rating: Severe
Exposure Level Classification:
Local Root Deterministic Privilege Escalation
Updated Versions:
[EMAIL PROTECTED]:1/6.8.2-30.13-1
[EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200801-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200801-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200801-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -