FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com
2007-08-11 ilkerkandemir mynet com
#!/usr/bin/php -q -d short_open_tag=on
<? echo "
# FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit
# AUTHOR: ilker kandemir <ilkerkandemir[at]mynet.com>
# DOWNLOAD:http://sourceforge.net/project/showfiles.php?group_id=189733
# Thanks to rgod for the php code and Ajann for helps

phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit
2007-08-11 ilkerkandemir mynet com
#!/usr/bin/php -q -d short_open_tag=on
<? print '
//'===============================================================================================
//'[Script : phpDVD v1.0.4
//'[Author : iLker Kandemir <ilkerkandemir[at]mynet.com>
//'[S.Page : http://ugo.scarlata.it/phpdvd/phpDVD-1

[ MDKSA-2007:157 ] - Updated kdelibs packages fix cross-site scripting (XSS) vulnerabilities
2007-08-11 security mandriva com

[SECURITY] [DSA 1353-1] New tcpdump packages fix arbitrary code execution
2007-08-11 Moritz Muehlenhoff (jmm debian org)

Re: Gästebuch Version 1.5 Remote Command Execution Vulnerability
2007-08-10 ilkerkandemir mynet com (1 replies)
echo "<meta http-equiv='refresh' content='0;URL=install.php'>";
redirecting brotha ;) Not RFI

Re: Gstebuch Version 1.5 Remote Command Execution Vulnerability
2007-08-10 Carsten Eilers (ceilers-lists gmx de)

Re:Re: [ELEYTT] 3SIERPIEN2007
2007-08-09 Michal Bucko (michal bucko eleytt com)
Dear "xyborg", As far as I remember this particular issue's description (the one I had sent) didn't involve any URL bar spoofing information (this was generally all about the notion of 'security'-related confusement I was playing with). But, nevertheless, thank you for reminding me ;) Cheers,

Zyxel Zywall 2 multiple vulnerabilities
2007-08-10 Henri Lindberg - Smilehouse Oy (henri lindberg smilehouse com)

[ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service
2007-08-10 security mandriva com

rPSA-2007-0157-1 firefox thunderbird
2007-08-10 rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2007-0157-1
Published: 2007-08-10
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification: Indirect User Non-deterministic Unauthorized Access
Updated Versions: firefox=/conary.rpath.com@rpl:devel//1/2.0.0.6-0.1-1 thunderbird=/conary.rpath.com@rpl:de

rPSA-2007-0155-1 openssl openssl-scripts
2007-08-10 rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2007-0155-1
Published: 2007-08-10
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification: Local System User Non-deterministic Information Exposure
Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.7-1 openssl-scripts=/conary.rpath.co

rPSA-2007-0154-1 cups poppler tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi
2007-08-10 rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2007-0154-1
Published: 2007-08-10
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification: Remote System User Deterministic Privilege Escalation
Updated Versions: cups=/conary.rpath.com@rpl:devel//1/1.1.23-14.2-1 poppler=/conary.rpath.com@rpl:devel//

[ MDKSA-2007:154 ] - Updated xine-ui packages fix denial of service and arbitrary code execution
2007-08-09 security mandriva com

Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface
2007-08-10 router email si
====================================================================================
Team Intell Security Advisory TISA2007-03
------------------------------------------------------------------------------------
Joomla 1.0.12 CMS - Session fixation Issue in backend Administration interface
=========

BH/DC: Tactical Exploitation Materials
2007-08-09 H D Moore (sflist digitaloffense net)
At Black Hat 2007 and Defcon 15, Valsmith and I gave a talk entitled "Tactical Exploitation". This talk introduced a tactical approach to penetration testing that does not rely on exploiting known vulnerabilities. During the talk, we used a combination of new tools and lesser-known techniques to

Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability
2007-08-09 laurent gaffie gmail com
false advisory again here...
you should read the code, unless to do a basic search with your editor for :
-include($
-include_once($
-require($
-require_once($
dont you think you should try your "PoC" before you do send it on a professional bugtraq like securityfocus ?
plz guys stop diffusing th

New Oracle Forensics Paper
2007-08-10 David Litchfield (davidl ngssoftware com)
Hey all, I've just posted a new paper on Oracle Forensics and my Black Hat presentation to http://www.databasesecurity.com/oracle-forensics.htm The new paper is entitled "Oracle Forensics Part 5: Finding Evidence of Data Theft in the Absence of Auditing" and explores some of the ideas I discussed

[HS-A007] Qbik WinGate Remote Denial of Service
2007-08-10 Harmony Security Advisory (advisory harmonysecurity com)
Title: [HS-A007] Qbik WinGate Remote Denial of Service
Date: 10 August 2007
Affected Software: WinGate versions 5.x and 6.x (prior to 6.2.2).
Overview: WinGate by Qbik IP Management Limited is a sophisticated gateway and server product used in over 600,000

Re: Guestbook Script 1.9 RFI
2007-08-09 laurent gaffie gmail com
false advisory again here...
in every files you can see :
/*****************************************************
** Send safety signal to included files
*****************************************************/
define('IN_SCRIPT', 'true');
you should read the code, unless to do a basic

Re: TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
2007-08-09 security bluecatnetworks com
BlueCat Networks acknowledges the existence of this issue and our testing confirms that this can allow a Proteus Administrator to write arbitrary data using TFTP to an Adonis system and potentially damage or compromise it. This issue is the result of data validation errors in Proteus with respect t

iDefense Security Advisory 08.09.07: Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities
2007-08-09 iDefense Labs (labs-no-reply idefense com)
Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities
iDefense Security Advisory 08.09.07
http://labs.idefense.com/intelligence/vulnerabilities/
Aug 09, 2007
I. BACKGROUND
OpenView Operations software is a suite of network management tools used to monitor events on, and eval

VNSECON07 Materials released
2007-08-08 Jerome Athias (jerome athias free fr)
Hi ladies and gentlemen, I'm happy to announce the availability of my materials for my talk at VNSECON07 ( http://conf.vnsecurity.net/ ), Ho Chi Minh, Vietnam. You can find the intro and slides + the full-text paper at: https://www.securinfos.info/VNSECON2007 Covered topics: * usage, enhancement

Join us at OWASP Mumbai Meet : 6th September 2007
2007-08-09 dharmeshmm owasp org
OWASP Mumbai joins in celebrating OWASP Live 0. OWASP Live 0 is Day of Worldwide OWASP One Day Conferences. Block your calendar on 6th September 2007 to join us on the event. Registrations for the event are FREE !! Interested in Speaking / Sharing your thoughts?? The topic of the event will be o
----------------------------------------------
Script : Best Top List
Version : All Version
Site : http://besttoplist.sourceforge.net (Closed)
Founder : Rizgar
Contact : rizgar (at) linuxmail (dot) org [email concealed] and irc.gigachat.net #kurdhack
Thanks : KHC, PH , Cold