:
-add a dependency checks for openssl needed for SIP module
-modify checks for libpq.so for Postgresql module
-new module for Netware NCP
-new module for Firebird database
if you have comments, ideas or patches to exchange, please contact me off list
cheers,
david maciejak
dma-hydra-5.4
.
cheers,
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
David Maciejak wrote:
Hi,
Playing around with privilege escalation I found that WLM 8.0, 8.1 and
probably newer (since live call feature in fact) are vulnerable to a local
privilege escalation issue. It's not a critical flaw.
The problem occurs when livecall.exe process is launch
I should have detect this!
Find enclosed an nasl file to use with nessus scanner.
david
What's Up Professional 2006 is vulnerable to a spoofing attack whereby
the attacker can trick the application into thinking he/she is making a
request from the console (which is considered trusted). This
Also available in Metasploit framework:
http://metasploit.com/projects/Framework/modules/exploits/freesshd_key_exchange.pm
david maciejak
Hi all,
Attachment is the POC exploit for freeSSHd version
1.0.9
Advisories:
http://www.securityfocus.com/bid/17958
http://www.frsirt.com/english
on an opensource project: http://gnms.rubyforge.org
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
/user.php' can be
Invalid login
Invalid login: incorrect password
Invalid login: no such user
The weakness has been confirmed in version 1.0.1, 1.0.2, 1.0.3.
Other versions may also be affected.
David Maciejak
___
Full-Disclosure - We believe
confirmed in version 1.0.1, 1.0.2, 1.0.3.
Other versions may also be affected.
David Maciejak
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
(the test is about every 5 min).
Proof of Concept:
I am not intent to publicly disclose the PoC.
Workaround:
Upgrade at least to NSM FP4r1 also known as 2005.1
Thanks to quick responses from Juniper Security Team.
David Maciejak
/TracDownload
Thanks for the quick fix of the Trac Team !
David Maciejak
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
___
Full-Disclosure - We believe in it.
Charter: http
request to be long)
-Thread many listing access on this directory
Workaround:
Upgrade to version 5.5.12
David Maciejak
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
11 matches
Mail list logo