--
MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1--
--
CMS INFORMATION:
--WEB: http://spirate.net/foro/
--DOWNLOAD: http://spirate.net/foro/
--DEMO:
rPath Security Advisory: 2009-0092-1
Published: 2009-05-27
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Major
Exposure Level Classification:
Remote Root Deterministic Unauthorized Access
Updated
XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher
http://blog.bkis.com/?p=704
1. General information
PRTG Traffic Grapher is a network monitoring solution, which helps
manage and classify bandwidth usage of a network by providing accurate
results about network traffic and usage
rPath Security Advisory: 2009-0095-1
Published: 2009-05-27
Products:
rPath Linux 1
Rating: Minor
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
tshark=conary.rpath@rpl:1/1.0.8-0.1-1
wireshark=conary.rpath@rpl:1/1.0.8-0.1-1
rPath
Survey: MIME/Content-Type-Sniffing Issues in Image Uploads in Forum Scripts
Author: Jacques Copeau
Abstract
Internet Explorer, especially versions 7 and 6, can be tricked to treat images
as html, opening XSS vulnerabilities in software that
# Securitylab.ir
# Application Info:
# Name: ecshop
# Version: 2.6.2
# Website: http://www.ecshop.com
#
# Discovered By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts:
rPath Security Advisory: 2009-0091-1
Published: 2009-05-27
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2
Rating: Critical
Exposure Level Classification:
Remote Root Deterministic Unauthorized Access
Thierry Zoller thie...@zoller.lu wrote:
According to a Bugzilla entry memory is also leaked during the process.
So let's recap, we have a function that generates key material and looping
causes memory to leak. One might think this should be important enough to
investigate, especially if you
From the very-low-hanging-fruit-department
Firefox Denial of Service (KEYGEN)
Release mode: Forced release.
Ref
Well MaXe,
That's very clever of you. The vendor is rolling out a patch and new version
to address the issues you have raised. Not sure why you believe this software,
developed with untold manhours and effort, and then offered for a very modest
fee, should be released without appropriate
ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-021
May 13, 2009
-- CVE ID:
CVE-2009-0010
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint
Please excuse multiple copies of this message.
Call for Papers: ACM CCS WORKSHOPS
Hello Susan!
If Microsoft did it, then it's good. But better for my opinion to do such as
in Windows XP Professional - not to disable admin account by default, but to
make password of default admin account similar to password of first admin
(during installation process). Because if default admin
Hi Tavis,
The bug title says Denial of service, not information leak, or crypto
leak or whatever.
That's it, one might want to write a paper how, by indirect
means memory leaks can wreak havoc, that's an exercise
I happily leave to the reader. The point was that you
better analyse
Windows 7 is soon to be released. Translation that means no one is
investing any resources into an operating system that is just hanging
around long enough for the RTM of Windows 7 to be installed on
netbooks. Every version of XP professional that I've touched in the
last three years on HP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
StoneTrip S3DPlayers remote command injection
1. *Advisory Information*
Title: StoneTrip S3DPlayers remote command injection
Advisory ID:
Achievo - Cross Site Scripting Vulnerability
Version Affected: 1.3.4 (August 12, 2008) (newest)
Info: Achievo is a flexible web-based resource management tool for business
environments.
Achievo's resource management capabilities will enable organisations to support
their business processes in
Affected product
Novell Groupwise webaccess
Affected software: 7.x and 8.0
Vulnerability details
-
Groupwise WebAccess implements a security parser designed to prevent embedded
scripts in HTML emails from executing in the user's browser.
Unfortunately
18 matches