- Cisco ASA5520 Web VPN Host Header XSS
- Description
Cross-site scripting.
- Product
Cisco, ASA5520, IOS 7.2(2)22
- PoC
Modified request:
POST /+webvpn+/index.html HTTP/1.1
Host: 'scriptalert('BugsNotHugs')/scriptmeta httpequiv=
content='www.owasp.org
Accept: image/gif, image/x-xbitmap,
Alo,
Well, I have a CUPS opened on the port 631, I have access to administration
pages
Does any1 have tricks/tips to elevate local privilegies?
-mark
___
Full-Disclosure - We believe in it.
Charter:
--
(PT-2009-09) Positive Technologies Security Advisory
Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege
Escalation Vulnerabilities
Hi there,
I've noticed that some weird requests are showing up in the error logs
of one of my apache webservers.
The requests seem to have the following in common:
* GET Request on some random alphanumeric string like GET /hDMe9NS
* Referer has some randomized, invalid URL like
Jan,
On Tue, Mar 31, 2009 at 11:30 AM, Jan G.B. ro0ot.w...@googlemail.com wrote:
Hi there,
I've noticed that some weird requests are showing up in the error logs
of one of my apache webservers.
The requests seem to have the following in common:
* GET Request on some random alphanumeric
Hi Andres,
thanks for your Ideas.
2009/3/31 Andres Riancho andres.rian...@gmail.com:
Jan,
On Tue, Mar 31, 2009 at 11:30 AM, Jan G.B. ro0ot.w...@googlemail.com wrote:
Hi there,
I've noticed that some weird requests are showing up in the error logs
of one of my apache webservers.
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Multiple vulnerabilities in Sun Calendar Express Web Server
1. *Advisory Information*
Title: Multiple vulnerabilities in Sun Calendar Express
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1759-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
March 30, 2009
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1760-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
March 30, 2009
Hi!
Not an exploit or bug but just another sample of making things
difficult. Try to find out in HTML source where foobar comes from:
http://www.digg.ee/xsl2.html
Ignore other stuff on this host. Just happened to be logged in there
when idea came :)
Enjoy!
Tõnu
This list is not amused, Mr. Ballmer. Consequently, the trolls are now
asleep. Fuck them anyways.
On Tue, Mar 31, 2009 at 8:33 AM, Tonu Samuel t...@jes.ee wrote:
Hi!
Not an exploit or bug but just another sample of making things
difficult. Try to find out in HTML source where foobar comes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
VMware Security Advisory
Advisory ID: VMSA-2009-0004
Synopsis: ESX Service Console updates for openssl, bind, and
vim
Infiltrated Research Group is proud to introduce RMBSS Risk Metrics
Budgetary Scoring System. A synergy of best practices frameworks
that synchronizes industry known security frameworks for more
thorough Risk Assessments and Analysis. The concept was born out
of the need for Information Security
13 matches
Mail list logo