Dear John Smith,
In the general case we are discussing, DoS may be caused by e.g. some
combination of allowed tags/properties or by a malformed image.
As was pointed out by the author, this attack may be performed with
scripting disabled (with [iframe src=]). That's why e-mail vector
#
# Securitylab.ir
#
# Application Info:
# Name: Nginx
# Tested on nginx 0.8.35
# Nginx 0.8.36 and higher is not vulnerable
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02115103
Version: 2
HPSBUX02523 SSRT100036 rev.2 - HP-UX Running ONCplus rpc.pcnfsd, Remote Denial
of Service (DoS), Increase in Privilege
NOTICE: The information in this Security Bulletin
Hello Bugtraq!
I want to warn you about a security vulnerability in ArtDesign CMS. It's
a Ukrainian commercial CMS.
-
Advisory: Vulnerability in ArtDesign CMS
-
URL: http://websecurity.com.ua/4035/
-
Affected
GR Board v1.8.6.1 stab (page.php?theme) Remote File Inclusion Vulnerability
Security Advisory
IS-2010-001 - Netgear WG602v4 Saved Pass Stack Overflow
Advisory Information
Published: 2010-05-30
Updated: 2009-05-30
Manufacturer: Netgear
Model: WG602v4
Firmware version: V1.1.0 (Europe)
Vulnerability Details
-
Class: Buffer
Someone pointed out that even with -P-, gs will read gs_init.ps from
current directory:
http://bugs.ghostscript.com/show_bug.cgi?id=691350
Still, they do not regard this with any urgency.
I also see no -P- and no absolute paths for the ps files mentioned in
many gs scripts e.g. /usr/bin/pdf2dsc
DM Database Server Memory Corruption Vulnerability
Vulnerable: All Versions
Vendor: www.dameng.com
Discovered by: Shennan Wang (HuaweiSymantec SRT)
Details:
=
A vulnerability in all versions of DM Database Server allows an attacker to execute
arbitrary code or cause a
Hi Vladimir,
Thanks for your views.
I was carried away because the author used scripts (in a global script tag)
in the PoC of the issue in question which made unconditional recursion
possible.
Without scripts enabled, if iframe's src property is set to itself(?), it is
parsed up to 1 level
===
GR Board v1.8.6. (theme) Local File Inclusion Vulnerability
===
what about the stable branch? Versions 0.7.65 and earlier?
Hello Susan and other readers, who replied to my previous advisory.
Earlier I've already answered Vladimir, now I'd answer Susan and soon I'd
answer John. But now one important note to every reader of the list,
including John Smith. Which I already wrote about 1,5 week ago (after
posting of a