[Full-Disclosure] Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge)

2005-01-01 Thread beniwiedmer
Cross Site Scripting DOS (Zyxel B-420 Ethernet Bridge) If the following URL is passed to a B-420 Ethernet Bridge, it restarts. http:///Forms/rpAuth_1?ZyXEL%20ZyWALL%20Seriestop.location.pathname = "" If the whole thing is repeated once more, it no longer restarts but simply hangs, bzw. ni

[Full-Disclosure] The Macallan mail solution 4.0.6.8 (Build 786) contains several vulnerabilities

2005-01-01 Thread CIRT Advisory
The Macallan Mail Solution is vulnerable to the problems shown below: "Macallan Mail Solution Web Interface Authentication Bypass" similar to vulnerability reported earlier by Secunia http://secunia.com/advisories/10861/ Denial of Service when requesting an overly long URL starting with

[Full-Disclosure] ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks

2005-01-01 Thread Steven
Vendor: ArGoSoft Date: December 31, 2004 Issue: ArGoSoft FTP Server reveals valid usernames and allows for brute force attacks URL: http://www.argosoft.com/ftpserver/ Advisory: http://www.lovebug.org/argosoft_advisory.txt Program Overview: ArGoSoft FTP Server is a lightweight F

[Full-Disclosure] Just a thought (from an autoreply to another thread)

2005-01-01 Thread Byron L. Sonne
You know, people that set these auto-replies often give out a good amount of information (of the social engineering kind and otherwise), if someone were to apply themselves... Schwarzwaelder, Joerg wrote: I will not be in the office at least until January 9th, 2005. Please send - ssh, watchdog a

[Full-Disclosure] list noise

2005-01-01 Thread phased
I also care about noise, and responding to stupid mails makes it worse. Every time people send stupid mails like the rm file thing, and people reply to the list, the author was successful in filling the list with crap for a day or so. If no one replies, then they don't get attention and the peop

[Full-Disclosure] Xanga Cross Site Scripting Vulnerability - GNAA Security Center

2005-01-01 Thread Nick Price
Vendor: Xanga URL: http://www.xanga.com/ Versions: Current Remote: Yes Vendor notified: 04 Nov 2004 at 16:48 Vendor response: NONE Summary: ~~~ Xanga is a fully featured blogging system, it provides great control over look & feel of a user's blog by allowing HTML with only basic checks. Xanga ha

RE: [Full-Disclosure] Multiple Backdoors found in eEye Products (IRIS and SecureIIS)

2005-01-01 Thread Paul Schmehl
--On Thursday, December 30, 2004 9:36 AM + Barrie Dempster <[EMAIL PROTECTED]> wrote: I'd have to agree with the eEye statement on this one. You sent out an advisory without disclosing the details, which offers no real benefit to anyone. Many people consider this responsible disclosure but th

[Full-Disclosure] Xanga Cookie Stealing Vulnerability XSS - GNAA Security Center

2005-01-01 Thread gnaa/rkz
Vendor: Xanga URL: http://www.xanga.com/ Versions: Current Remote: Yes vendor notified: 06 Oct 2004 at 14:08 Vendor response: NONE Summary: ~~~ Xanga is a fully featured blogging system, it provides great control over look & feel of a user's blog by allowing HTML with only basic checks. Xanga h

[Full-Disclosure] Challenge

2005-01-01 Thread jelly fish
wolong of Keeptouch.net has issued a challenge to any security professionals to test out his system as he believes he has achieved total anonymity by connecting through 3 proxy servers running behind a firewall

[Full-Disclosure] Cross Site Scripting Vulnerabilities and Possible Code Execution in SugarCRM

2005-01-01 Thread Joxean Koret
Cross Site Scripting Vulnerabilities and Possible Code Execution in SugarCRM Author: Jose Antonio Coret (Joxean Koret) Date: 2004 Location: Bas

[Full-Disclosure] Various Vulnerabilities in OWL Intranet Engine

2005-01-01 Thread Joxean Koret
Various Vulnerabilities in OWL Intranet Engine Author: Jose Antonio Coret (Joxean Koret) Date: 2004 Location: Basque Country --

[Full-Disclosure] Two Vulnerabilities in ViewCVS

2005-01-01 Thread Joxean Koret
--- Two Vulnerabilities in ViewCVS --- Author: Jose Antonio Coret (Joxean Koret) Date: 2004 Location: Basque Country -

[Full-Disclosure] Xanga Login Cookie stealing Vulnerability - GNAA Security Center

2005-01-01 Thread gnaa/rkz
Vendor: Xanga URL: http://www.xanga.com/ Versions: Current Remote: Yes vendor notified: 06 Oct 2004 at 14:08 Vendor response: NONE Summary: ~~~ Xanga is a fully featured blogging system, it provides great control over look & feel of a user's blog by allowing HTML with only basic checks. Xang

Re: [Full-Disclosure] Just a thought (from an autoreply to another thread)

2005-01-01 Thread Andrew Smith
Indeed, but as mentioned in another FD post (something along the lines of "don't mind me, just getting the xmas auto replies") how many do we know aren't honey pots? or being closely monitored? It could all be an elaborate scheme.. On Fri, 31 Dec 2004 23:14:43 -0500, Byron L. Sonne <[EMAIL PROTE