h2desk helpdesk path disclosure vulnerability 2008-03-01
joseph giron13 gmail com
Heathco's h2desk helpdesk ticketing system provides a ticketing solution for small and large organizations alike. Blah blah.

On to the exploit. h2desk's session handling is custom and doesn't use the standard phpsession id handling. As a result, if you add a tick (') or any other invalid character t

Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability 2008-03-01
sys-project hotmail com
[+] [JosS] + [Spanish Hackers Team] + [Sys - Project]

[+] Info:

[~] Software: Koobi CMS 4.3.0 - 4.2.3

[~] HomePage: http://www.dream4.de/

[~] Exploit: Remote SQL Injection [High]

[~] Where: index.php

[~] Bug Found By: Jose Luis Góngora Fernández | JosS

[~] Contact: sys-project[at]hotmail.

Mambo com_Musica "id" Remote SQL Injection 2008-03-01
no-reply aria-security net
Aria-Security Team (Persian Security Network)

http://Aria-Security.Net

-------------------------------

Shoutz : AurA, imm02tal, Kinglet, iM4N, & All our staff

Mambo com_Musica "id" Remote SQL Injection

index.php?option=com_musica&Itemid=172&tasko=viewo &task=view2&id=-4214/**/union+select/*

[ MDVSA-2008:056 ] - Updated gnumeric packages fix vulnerability 2008-02-29
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:056
http://www.mandriva.com/security/
____________________________________________________________________

[USN-582-1] Thunderbird vulnerabilities 2008-02-29
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-582-1 February 29, 2008
mozilla-thunderbird, thunderbird vulnerabilities
CVE-2008-0304, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,
CVE-2008-0418, CVE-2008-0420
=========================================

rPSA-2008-0094-1 kernel 2008-02-29
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0094-1
Published: 2008-02-29
Products:
rPath Linux 1
rPath Appliance Platform Linux Service 1

Rating: Major
Exposure Level Classification:
Local User Deterministic Denial of Service
Updated Versions:
kernel=conary.rpath.com@rpl:1-vmware/2.6.22.19-0.1-1

rPSA-2008-0093-1 thunderbird 2008-02-29
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0093-1
Published: 2008-02-29
Products:
rPath Linux 1

Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
thunderbird=conary.rpath.com@rpl:1/2.0.0.12-0.1-1

rPath Issue Tracking System:
https://i

rPSA-2008-0092-1 tshark wireshark 2008-02-29
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0092-1
Published: 2008-02-29
Products:
rPath Linux 1

Rating: Major
Exposure Level Classification:
Indirect User Deterministic Denial of Service
Updated Versions:
tshark=conary.rpath.com@rpl:1/0.99.8-0.1-1
wireshark=conary.rpath.com@rpl:1/0.99.8-0.1-1

r

rPSA-2008-0091-1 cups 2008-02-29
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0091-1
Published: 2008-02-29
Products:
rPath Linux 1

Rating: Severe
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
cups=conary.rpath.com@rpl:1/1.1.23-14.6-1

rPath Issue Tracking System:
https://issues.rpath.com/

Release: Pass-The-Hash toolkit v1.3 2008-02-29
Hernan Ochoa (hernan gmail com)
SOURCE CODE:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3-src.tgz

BINARIES:
http://oss.coresecurity.com/pshtoolkit/release/1.3/pshtoolkit_v1.3.tgz

DOCUMENTATION:
http://oss.coresecurity.com/projects/pshtoolkit.htm
http://oss.coresecurity.com/pshtoolkit/doc/index.html

WHATSNE

netOffice Dwins 1.3 Remote code execution. 2008-02-29
db rawsecurity org
netOffice Dwins 1.3 Remote code execution.
--------------------------------------------------------

Product: netOffice Dwins
Version: 1.3 p2
Vendor: http://netofficedwins.sourceforge.net/
Date: 02/29/08

- Introduction

"netOffice Dwins is a free web based time tracking, timesheet, and
project

Centreon <= 1.4.2.3 (index.php) Remote File Disclosure 2008-02-29
sys-project hotmail com
[+] Info:

[~] Software: Centreon <= 1.4.2.3

[~] HomePage: http://www.centreon.com

[~] Exploit: Remote File Disclosure [High]

[~] Where: include/doc/index.php

[~] Bug Found By: Jose Luis Góngora Fernández|JosS

[~] Contact: sys-project[at]hotmail.com

[~] Web: http://www.spanish-hackers.com

[

[ MDVSA-2008:055 ] - Updated ghostscript packages fix arbitrary code execution vulnerability 2008-02-29
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:055
http://www.mandriva.com/security/
____________________________________________________________________

PHPMyTourney Remote file include Vulnerability 2008-02-29
security soqor net
Hello

PHPMyTourney Remote file include Vulnerability

Discovered By : HACKERS PAL

Copy rights : HACKERS PAL

Website : http://www.soqor.net

Email Address : security (at) soqor (dot) net

home page : http://phpmytourney.sourceforge.net

Script : PHPMyTourney

vulnerable file : phpmytourney/source

Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials 2008-02-29
brad antoniewicz foundstone com
Title: Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials

Vendor: Beehive Software

Vendor URL: http://www.thebeehive.com/

Affected File: http://<host>/sfcommon/SendFile.jar

Vendor Contact Date: 7/26/2007

Vendor Response: None

Workaround:

The simplest way to

Ghostscript buffer overflow 2008-02-28
Chris Evans (scarybeasts gmail com)
Hi,

Buffer overflow in Ghostscript. A useful attack vector because a lot
of UNIX workstations will put PS files on the web through Ghostscript.

The problem is a stack-based buffer overflow in the zseticcspace()
function in zicc.c. The issue is over-trust of the length of a
postscript array which a

[ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability 2008-02-28
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:054
http://www.mandriva.com/security/
____________________________________________________________________

rPSA-2008-0082-1 espgs 2008-02-28
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0082-1
Published: 2008-02-28
Products:
rPath Linux 1

Rating: Major
Exposure Level Classification:
Indirect User Deterministic Unauthorized Access
Updated Versions:
espgs=conary.rpath.com@rpl:1/8.15.1-1.5-1

rPath Issue Tracking System:
https://issues.rp

rPSA-2008-0088-1 am-utils 2008-02-28
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0088-1
Published: 2008-02-28
Products:
rPath Linux 1

Rating: Minor
Exposure Level Classification:
Local Non-deterministic Unauthorized Access
Updated Versions:
am-utils=conary.rpath.com@rpl:1/6.0.9-11.4-1

rPath Issue Tracking System:
https://issues.rpa

Loginwindow.app and Mac OS X 2008-02-28
Jacob Appelbaum (jacob appelbaum net) (1 replies)
Moin moin Bugtraq readers,

Bill Paul and I have discovered that LoginWindow.app doesn't clear
credentials after a user is authenticated. We discovered this while
testing our EFI-based memory recovery utilities discussed recently[0].

We've found that depending on the state of capture, the passwords

Re: Loginwindow.app and Mac OS X 2008-02-29
oc photon (ocphoton gmail com) (1 replies)
Re: Loginwindow.app and Mac OS X 2008-02-29
Jacob Appelbaum (jacob appelbaum net) (1 replies)
Re: Loginwindow.app and Mac OS X 2008-02-29
Matt Johnston (matt ucc asn au)
rPSA-2008-0086-1 pcre 2008-02-28
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0086-1
Published: 2008-02-28
Products:
rPath Linux 1
rPath Appliance Platform Linux Service 1

Rating: Major
Exposure Level Classification:
Remote Unauthorized Access
Updated Versions:
pcre=conary.rpath.com@rpl:1/7.6-0.1-1

rPath Issue Tracking System:

rPSA-2008-0084-1 lighttpd 2008-02-28
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0084-1
Published: 2008-02-28
Products:
rPath Linux 1

Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
lighttpd=conary.rpath.com@rpl:1/1.4.18-0.2-1

rPath Issue Tracking System:
https://issues.rpath.co

XSS on XRMS- open source CRM 2008-02-28
vijayv cascentral com
XRMS: An open source web enabled LAMP based CRM.

Vulnerability: Confirmation messages upon updates in XRMS are clear text passed across in the URL. Simple test of injection of a script resulted in exposing cross site scripting vulnerability.

RE: Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products 2008-02-28
Raymond_Villafania support trendmicro com

Greetings!

I have submitted this case to our Product Specialist. We'll update you for the progress.

Regards,
Raymond F. Villafania
Systems Engineer
TrendLabs HQ, Trend Micro Incorporated

-----Original Message-----
From: Rainer Link (ADM-EU)
Sent: Thursday, February 28, 2008 5:48 AM
To: Vulner

Re: 123 Flash Chat Module for phpBB 2008-02-28
f10 by-f10 com
the download link is wrong

this is the right one :

http://www.hotscripts.com/jump.php?listing_id=34321&jump_type=1r

PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000 2008-02-28
ProCheckUp Research (research procheckup com)
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000

Vulnerability found: 6th December 2007

Vendor informed: 12th December 2007

Severity: Low

Description:

By simply requesting the 'remediate.cgi' script omitting certain
parameters, the web server returns the physical path of the

PR07-41: XSS on Juniper Networks Secure Access 2000 2008-02-28
ProCheckUp Research (research procheckup com)
PR07-41: XSS on Juniper Networks Secure Access 2000

Vulnerability found: 6th December 2007

Vendor informed: 12th December 2007

Severity: Medium-high

Description:

Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS.

Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'
