[Full-disclosure] [SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities

2006-05-28 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1079-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze May 29th, 2006

[Full-disclosure] Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions.

2006-05-28 Thread Robert Passlow
  Date: 28/5/2006   Product: Jiwa Financials 6.4.14  - http://www.jiwa.com.au/     Vulnerability: Reporting allows execution of arbitrary reports as SQL user with full SELECT, INSERT, UPDATE, DELETE SQL permissions.     Product Background -   On execution Jiw

Re: [Full-disclosure] VulnSale: Windows Vista Exploit

2006-05-28 Thread 0x80
Oh I am fucking sorry for my fucking cunt mouth. On Sun, 28 May 2006 18:34:41 -0700 Aaron Gray <[EMAIL PROTECTED]> wrote: >Language please. > >- Original Message - >From: <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Cc: >Sent: Monday, May 29, 2006 2:07 AM >Subject: Re: [Full-disclosure

[Full-disclosure] Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: Blend Portal <= 1.2.0 for phpBB 2.x (blend_data/blend_common.php) File Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 28/05/06 07:52 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com }

Re: [Full-disclosure] VulnSale: Windows Vista Exploit

2006-05-28 Thread Aaron Gray
Language please. - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: Sent: Monday, May 29, 2006 2:07 AM Subject: Re: [Full-disclosure] VulnSale: Windows Vista Exploit No, I have not been interviewed. I am the fag that you gave a blow job too last night in tha

Re: [Full-disclosure] VulnSale: Windows Vista Exploit

2006-05-28 Thread 0x80
No, I have not been interviewed. I am the fag that you gave a blow job too last night in that truckstop bathroom. On Fri, 26 May 2006 07:38:41 -0700 evilrabbi <[EMAIL PROTECTED]> wrote: >are you the fag that was interviewed by the washington post? > >On 5/25/06, [EMAIL PROTECTED] <[EMAIL PROTEC

Re: [Full-disclosure] Internet Explorer Ver 6.0.2800.1106 vulnerability

2006-05-28 Thread 0x80
How is a simple crash a vulnerability? you can make IE crash different ways. The trick is making it run your code. On Fri, 26 May 2006 05:49:39 -0700 r k <[EMAIL PROTECTED]> wrote: >Hi All, > > >IE Ver 6.0.2800.1106 crashs when we try to resizeby() in the html >page. > >the following

[Full-disclosure] Advisory: UBBThreads 5.x, 6.x Multiple File Inclusion Vulnerabilities.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: UBBThreads 5.x,6.x Multiple File Inclusion Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 09:44 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: Infopop (http://www.infopo

[Full-disclosure] Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 08:26 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: ASPSitem (http://www.aspsitem.com) Version:

[Full-disclosure] Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 07:49 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: phpBB-Amod (http://www.php

[Full-disclosure] Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: phpBB 2.x (admin/admin_hacks_list.php) Local Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 07:37 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: Nivisec (http

[Full-disclosure] Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: Eggblog <= 3.x Multiple Remote Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 06:15 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: Eggblog (http://www.eggblog.net/) Versi

[Full-disclosure] Advisory: [EMAIL PROTECTED] Interactive Web <= 0.8x Multiple Remote Vulnerabilities.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: [EMAIL PROTECTED] Interactive Web <= 0.8x Multiple Remote Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:57 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: Facile (ht

[Full-disclosure] Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:16 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: EnigmaASP (http://ww

[Full-disclosure] Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities.

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:37 AM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: Epicdesigns (http://www.epicdesigns.co.

[Full-disclosure] Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: ASPBB <= 0.52 (perform_search.asp) XSS vulnerability --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 04:26 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: ASPBB (www.aspbb.org) Version: 0.

[Full-disclosure] Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities

2006-05-28 Thread Mustafa Can Bjorn IPEKCI
--Security Report-- Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 03:16 PM --- Contacts:{ ICQ: 10072 MSN/Email: [EMAIL PROTECTED] Web: http://www.nukedx.com } --- Vendor: MiniNuke (http://www.miniex.net/) (http:

[Full-disclosure] XSS vuln- swapitshop.com

2006-05-28 Thread vulnkiller
Vendor: SwapitShop.com- 'Safe cash for young people that they can earn & spend on things they want.' Discovered by: robokoder N.B. admin were informed 20 days ago... no fix yet- appalling   this is a cross-site scripting (XSS) vulnerability that allows for the injection of potentially malic

[Full-disclosure] A Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8 & 9

2006-05-28 Thread Adbulaziz Hariri
A Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8 & 9 To read more http://www.safehack.com/Advisory/pgp/PGPcrack.html We have discovered a security

[Full-disclosure] Books from security conference speakers ... reloaded !

2006-05-28 Thread [EMAIL PROTECTED]
Hello Because some of you point other good books written by other security conference speakers than we choose, we post again a new selection of books on http://www.security-briefings.com Thanks for all subscribers that have participated. regards _

Re: [Full-disclosure] *zeroday warez* MDAEMON LATEST VERSION PREAUTH REMOTE ROOT HOLE *zeroday warez*

2006-05-28 Thread [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 if this is about "how to ruin a discovery" do you excel dude, keep it up. kcope wrote: > MDAEMON LATEST VERSION PREAUTH *REMOTE ROOT HOLE* > > zeroday discovered by kcope kingcope[at]gmx.net !!! > shouts to alex,wY!,bogus,revoguard,adizeone > > Desc

[Full-disclosure] *zeroday warez* MDAEMON LATEST VERSION PREAUTH REMOTE ROOT HOLE *zeroday warez*

2006-05-28 Thread kcope
MDAEMON LATEST VERSION PREAUTH *REMOTE ROOT HOLE* zeroday discovered by kcope kingcope[at]gmx.net !!! shouts to alex,wY!,bogus,revoguard,adizeone Description There's a remotely exploitable preauthentication hole in Alt-N MDaemon. It is a Heap Overflow in the IMAP Daemon. It can be triggered by s

Re: [Full-disclosure] I need some backdoor code source

2006-05-28 Thread Joaquim Moreno
Backdoors/rootkits sources.. http://packetstormsecurity.org/UNIX/penetration/rootkits/ Regards, ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] I need some backdoor code source

2006-05-28 Thread Rob \"Nexis\" Nelson
Azreal, Mind if I ask what KIND of research? azrael goblin wrote: hi ,guys. Recently, i am studying backdoor, but i cant find some stuffs to learn.Does somebody know where i can find some dackdoor/trojan code source. regards, azrael

[Full-disclosure] I need some backdoor code source

2006-05-28 Thread azrael goblin
hi ,guys.   Recently, i am studying backdoor, but i cant find some stuffs to learn.Does somebody know where i can find some dackdoor/trojan code   source.   regards,   azrael ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-