-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1102-1[EMAIL PROTECTED]
http://www.debian.org/security/ Steve Kemp
June 26th, 2006
Source: http://securityreason.com/achievement_securityalert/41
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2]
Author: Maksymilian Arciemowicz (cXIb8O3)
Date:
- -Written: 10.6.2006
- -Public: 26.06.2006
from SECURITYREASON.COM
CVE-2006-3011
- ---
Greetings to the list,
I have written a short paper on principles and failures of IT security
based on a real-world example of a (yet unpublished) issue with DB
CarSharing - a German car rental company.
Extract:
Preface
This paper is not meant to be a disclosure or accusation. Although it is
b
On 6/25/06, xyberpix <[EMAIL PROTECTED]> wrote:
N3td3v yep, Valdis and Todd, I'm not too sure I understand why?
Could you let me in on your reasoning, afaik Todd has always contributed decent
stuff to this list.
Just wanna know the reasoning behind your comment, that's all.
xyberpix
xber
N3td3v yep, Valdis and Todd, I'm not too sure I understand why?Could you let me in on your reasoning, afaik Todd has always contributed decent stuff to this list.Just wanna know the reasoning behind your comment, that's all.xyberpixOn 22 Jun 2006, at 23:39, nirvana wrote:I agree with you.People
Greetings to the list,
As known, Microsoft did announce a security vulnerability concerning an
overflow within the TCP/IP stack implementation when source routing
fields are used:
http://www.microsoft.com/technet/security/bulletin/MS06-032.mspx
Is anyone aware of an exploit or POC code for th
Author:JAAScois
Date: 25.6.2006
Type: Heap Overflow
Product: http://live.com , http://messenger.msn.com
Patch: N/A
Link :
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1108/exploit.html
--
Best Regards,
Aleksander Hristov < root at securitydot.net > < http://sec
MSRC says in http://blogs.technet.com/msrc/archive/2006/06/20/437826.aspx :
this is actually a vulnerability in hlink.dll which is a Windows component
so has much wider exposure than just Excel, as identified also e.g. in
http://www.auscert.org.au/6421
http://www.kb.cert.org/vuls/id/39
yes i do have confirmed this in a post to bugtraq,the issue is with hlink.dll
On 6/25/06, Juha-Matti Laurio <[EMAIL PROTECTED]> wrote:
It appears that two references mentioned in code posting (see Advisories) are
erroneous.
Code posting says about error while handling malformed URL strings; i.e