-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1410-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
November 24, 2007
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1412-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
November 24, 2007
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1411-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
November 24, 2007
I have been in contact with Aurigma and they have fixed the issue. They plan on
releasing an update on Monday. I would like to thank Andrew S. and the Aurigma
development team for a fast response and a quick turnaround.
Elazar
___
Full-Disclosure - W
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[PHP 5.2.4 mail.force_extra_parameters unsecure ]
Author: Maksymilian Arciemowicz (cXIb8O3)
SecurityReason
Date:
- - Written: 06.09.2007
- - Public: 0x.0x.2007
SecurityReason Research
SecurityAlert Id: 47
CVE: CVE-2007-3378
SecurityRisk: Medium
Aff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200711-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200711-34
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
XSS with UTF-7 in yahoo.com
Abstract:
XSS with UTF-7 was found in yahoo.com (already fixed).
Although the charset was specified in the HTTP response header, the
charset-name was incorrect, so XSS occurred.
PoC:
http://search.yahoo.com/search?p=%2BADw-/title%2BAD4-%2BADw-script%2BAD4-alert(document.cookie
Well, every time I type in "n3td3v" into Google "web" search, a
sponsored link appears at the side claiming "Learn more about
n3td3v here", however when users click on the URL, it goes to
http://security.yahoo.com which in reality has no information about
n3td3v there.
So many problems arise from t