Dear [EMAIL PROTECTED],
smc> References:
smc> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
Description Unspecified vulnerability in HP Tru64 UNIX 4.0F PK8 up to
5.1B-3 and HP Internet Express for Tru64 UNIX 6.3 through 6.5, when
running Sendmail, might allow remote
Good work, Paul.
This KB document #327817 had time stamp
'Last edited - 05/31/2006' during your post. It says '06/08/2006' now.
It appears that Secunia published (first) advisory today:
http://secunia.com/advisories/20576/
Their severity is Moderately Critical (3/5).
- Juha-Matti
Paul Szabo <[
Advisory: Unauthorized password recovery in phpBannerExchange
RedTeam identified an SQL injection that can be triggered due to a bad
user input sanitization in phpBannerExchange. It is possible to recover
a password of an user and thereby overtake his account.
Details
===
Product: phpBanner
Advisory: Authentication bypass in phpBannerExchange
RedTeam identified two SQL injections in phpBannerExchange. It is
possible to bypass user authentication with them.
Details
===
Product: phpBannerExchange
Affected Versions: All versions up to phpBannerExchange 2.0 RC5
Fixed Versions: 2.0
This is covered in the Tor FAQ:http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#head-a79d22244cc04ca5472832cbcc315198b875f34c
The best attack that I know of right know involves measuring latency to each Tor node and correlating that with transmissions at the destination server. The latency goe
could some one tell me why/how this happens.
1. Open up Notepad
2. Type in this sentence exactly (without quotes): "this app can break"
3. Save the file to your hard drive.
4. Close Notepad
5. Open the saved file by double clicking it.
Instead
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:full-
> >[EMAIL PROTECTED] On Behalf Of John Bond
> >Sent: Friday, June 16, 2006 12:12 AM
> >To: full-disclosure@lists.grok.org.uk
> >Subject: [Full-disclosure] notepad oddatiy
> >
> >could some one tell me why/how this happens.
> >
On 6/16/06, John Bond <[EMAIL PROTECTED]> wrote:
could some one tell me why/how this happens.
unicode
-- mic (fd tech support)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsore
Absolutely not, just test it. You can use strings "Bush hid the facts" and "aa aaa
aaa" mentioned at many source news too. Don't use carriage return. Works fine with my xp and
w2k machines.
- Juha-Matti
--clip--
I hope this is a sick joke...
___
Confirmed on xpsp2, fully patched.
~Mike.
John Bond wrote:
could some one tell me why/how this happens.
1. Open up Notepad
2. Type in this sentence exactly (without quotes): "this app can break"
3. Save the file to your hard drive.
4. Close N
===
Ubuntu Security Notice USN-297-2 June 15, 2006
mozilla-thunderbird, thunderbird-quickfile updates
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.
On 6/15/06, mikeiscool <[EMAIL PROTECTED]> wrote:
On 6/16/06, John Bond <[EMAIL PROTECTED]> wrote:> could some one tell me why/how this happens.
unicode-- mic (fd tech support)
i think you mean b0rkcode
___
Full-Disclosure - We believe in it.
Charter:
ציטוט Juha-Matti Laurio:
Absolutely not, just test it. You can use strings "Bush hid the facts"
and "aa aaa aaa" mentioned at many source news too. Don't use carriage
return. Works fine with my xp and w2k machines.
It's a bug:
http://blogs.msdn.com/michkap/archive/2006/06/14/631016.aspx
--
ht
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
* 3APA3A <[EMAIL PROTECTED]> [2006-06-15 12:14:13 +0400]:
> Dear [EMAIL PROTECTED],
>
> smc> References:
>
> smc> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
>
> Description Unspecified vulnerability in HP Tru64 UNIX 4.0F PK8 up to
> 5.1B-3 and HP Internet Express for
Download: http://sourceforge.net/projects/sinfp/
Info: http://www.gomor.org/sinfp
Mailing list: https://lists.sourceforge.net/lists/listinfo/sinfp-discuss
NEWS FOR 2.00:
- complete rewrite
- sinfp.db completely reworked
- new tests based on comparison between probe and response (TCP seq/a
what's really interesting is that if you do that, then overwrite text
(little black boxes) with anything else i.e. "this is random text".
save the file, then revert back to the original text. it shows the
text perfectly
spooky :)
On 15/06/06, Shoshannah Forbes <[EMAIL PROTECTED]> wrote:
ציט
/cvename.cgi?name=CVE-2006-2916
http://issues.rpath.com/browse/RPL-426
http://www.kde.org/info/security/advisory-20060615-2.txt
Description:
In previous versions of arts, the artswrapper program has a
vulnerability which enables a local users to escalate to root
privileges if
/cvename.cgi?name=CVE-2006-2449
http://issues.rpath.com/browse/RPL-425
http://www.kde.org/info/security/advisory-20060615-1.txt
Description:
KDM allows the user to select the session type for login. This setting
is stored in the user home directory. Previous versions of KDM will
mysql 5.0.20 Community version under Windows XP Professional
Query works fine, no crash at all.
On Thu, 15 Jun 2006 15:50:21 -0400
"Brent Meshier" <[EMAIL PROTECTED]> wrote:
BM> I am not able to reproduce this bug.
BM>
BM> mysql> select str_to_date( 1, NULL );
BM> ++
I am not able to reproduce this bug.
mysql> select str_to_date( 1, NULL );
++
| str_to_date( 1, NULL ) |
++
| NULL |
++
1 row in set (0.00 sec)
Brent Meshier
Director IT Operations
Global Transport Logisti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:105
http://www.mandriva.com/security/
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:106
http://www.mandriva.com/security/
___
Salut,
On Thu, 2006-06-15 at 15:50 -0400, Brent Meshier wrote:
> I am not able to reproduce this bug.
>
> mysql> select str_to_date( 1, NULL );
> ++
> | str_to_date( 1, NULL ) |
> ++
> | NULL |
> ++
> 1 row
26 matches
Mail list logo