-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

Severity: Tomcat 7.0.x - Low, Tomcat 6.0.x - Moderate

Vendor: The Apache Software Foundation

Versions Affected:
- - Tomcat 7.0.0 to 7.0.4
- Not affected in default configuration.

[ more ]  [ reply ]

New eVuln Advisory:

url XSS in Hot Links Lite

http://evuln.com/vulns/142/summary.html

-----------Summary-----------

eVuln ID: EV0142

Software: Hot Links Lite

Vendor: Mrcgiguy

Version: 1.0

Critical Level: low

Type: Cross Site Scripting

Status: Unpatched. No reply from developer(s)

PoC:

[ more ]  [ reply ]

Dear All,

I'm proud to announce that the H2HC Cancun entrance is now free - Thanks
to our sponsors that helped us to make this happen: Microsoft, Nitro
Security, Trustwave and others!

As many of you already know, H2HC (Hackers to Hackers Conference) is
been held for the 7th year in São Paulo, but

[ more ]  [ reply ]

'Free Simple Software' SQL Injection Vulnerability (CVE-2010-4298)
Mark Stanislav - mark.stanislav (at) gmail (dot) com [email concealed]

I. DESCRIPTION
---------------------------------------
A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the applicatio

[ more ]  [ reply ]

Hi list

Earlier this year, Trusteer discovered a vulnerability in Apple Safari for Windows (versions 4.0.2-4.0.5 and 5.0-5.0.2). The issue is in the Javascript Math.random function, which is implemented in Safari via its WebKit core. Trusteer reported this vulnerability to Apple and to WebKit.org.

[ more ]  [ reply ]

New eVuln Advisory:

report.cgi SQL inj in Hot Links SQL

http://evuln.com/vulns/141/summary.html

-----------Summary-----------

eVuln ID: EV0141

Software: Hot Links SQL 3

Vendor: Mrcgiguy

Version: 3.2.0

Critical Level: medium

Type: SQL injection

Status: Unpatched. No reply from developer(

[ more ]  [ reply ]

vBulletin - XSS Filter Bypass within Profile Customization

Versions Affected: 4.0.8 PL1 (3.8.* is not vulnerable.)

Info:
Content publishing, search, security, and more - vBulletin has it all.
Whether it's available features, support, or ease-of-use, vBulletin offers
the most for your money. Learn

[ more ]  [ reply ]

Hello Bugtraq!

I want to warn you about Insufficient Anti-automation and Denial of Service
vulnerabilities in CMS SiteLogic (in addition to those multiple
vulnerabilities in CMS SiteLogic which I disclosed in 2009-2010). It's
Ukrainian commercial CMS.

SecurityVulns ID: 11258.

--------------------

[ more ]  [ reply ]

Hello Hans!

First, it's not a site specific hole, it's browser specific. So issue in
browser and it'll be working at any site. And I used universal PoC (suitable
for most cases). For online testing and especially for attacking purposes
you can use any working web site (e.g. google.com).

http://www

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for your replies ( especially linuxoid.rain at gmail dot com and
mfardiles ). Mentioned above users informed me that my vulerability also
affect DIR-600 and DIR-320 D-Link router models. I'm going to buy those
routers and test all available firmw

[ more ]  [ reply ]

Hi,

Using ?-- will not work on part of the sites with a problem. A blind
Xss attack using single and double quotes do.

Best regards,

Hans

-----Original Message-----
From: MustLive [mailto:mustlive (at) websecurity.com (dot) ua [email concealed]]
Sent: Sunday, November 14, 2010 6:54 PM
To: bugtraq (at) securityfocus (dot) com [email concealed]
Subject:

[ more ]  [ reply ]

VUPEN Security Research - Apple Safari Scrollbar Handling Use-after-free
Vulnerability (VUPEN-SR-2010-245)

http://www.vupen.com/english/research.php

I. BACKGROUND
---------------------

"Apple Safari is a web browser developed by Apple. As of February 2010,
Safari was the fourth most widely used

[ more ]  [ reply ]

Vtiger CRM 5.2.0 Multiple Vulnerabilities

Name Multiple Vulnerabilities in Vtiger CRM
Systems Affected Vtiger CRM 5.2.0 and possibly earlier versions
Severity Medium
Impact (CVSSv2) Medium 9/10, vector: (AV:N/AC:L/Au:N/C:P/I:P/A:C)
Vendor http://www.vtigercr

[ more ]  [ reply ]

Felipe,

The bug goes back all the way to 2.4.0. But please keep in mind that
this exploit was intended as a joke - it only allows you to read a
single byte of uninitialized kernel stack memory, out of a 64-byte
buffer. In addition, you're not even guaranteed to be reading
contiguous data if you r

[ more ]  [ reply ]

Hi there,

It works because there is "Content-Location" header in .mht file so
our malicious code will be there.
"Content-Location" is outside <html></html> so it will work only in IE
(with .htm extension ofcourse).

Example code of .mht file with XSS:

[...]
Content-Type: text/html;
charset="utf-8

[ more ]  [ reply ]

New eVuln Advisory:
URL and Title XSS in AxsLinks
http://evuln.com/vulns/139/summary.html

-----------Summary-----------
eVuln ID: EV0139
Software: AxsLinks
Vendor: AXScripts
Version: 0.3
Critical Level: medium
Type: Cross Site Scripting
Status: Unpatched. No reply from developer(s)
PoC: Not availa

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-1018-1 November 18, 2010
openssl vulnerability
CVE-2010-3864
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.

[ more ]  [ reply ]

Dear All,

I'm happy to announce that the H2CSO (Hackers to CSO) debate will happen
again!

We will broadcast the debate freely on the internet, in English. To
subscribe just go to the link:
http://www.decisionreport.com.br/securityleaders/Inscricao_ingles.html

The Decision Report is organizin

[ more ]  [ reply ]

VUPEN Security Research - Apple Safari Selections Handling Use-after-free
Vulnerability (VUPEN-SR-2010-246)

http://www.vupen.com/english/research.php

I. BACKGROUND
---------------------

"Apple Safari is a web browser developed by Apple. As of February 2010,
Safari was the fourth most widely use

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:239
http://www.mandriva.com/security/
______________________________________________________________________

[ more ]  [ reply ]

New eVuln Advisory:

Cookie Auth Bypass in Hot Links SQL

http://evuln.com/vulns/140/summary.html

-----------------------[ Summary ]-------------------------

eVuln ID: EV0140

Software: Hot Links SQL 3

Vendor: Mrcgiguy

Version: 3.2.0

Critical Level: high

Type: Authentication Bypass

Status:

[ more ]  [ reply ]

The Call for Papers for the second annual HITBSecConf in Europe is now
open! Taking place from the 17th - 20th of May at the NH Grand
Krasnapolsky in Amsterdam, HITB2011AMS will be a quad-track conference
line up featuring keynote speaker Joe Sullivan (Chief Security Officer
of Facebook) and a speci

[ more ]  [ reply ]

Multiple vulnerabilities were found in web application chCounter <= 3.1.3.

Author:
- Matias Fontanini(mfontanini (at) cert.unlp.edu (dot) ar [email concealed]).

Requirements:
- Downloads must be enabled(this is not default).
- magic_quotes off.
- Access to administration site

=SQLInjection=
Location: administration/index.php

[ more ]  [ reply ]

Dan,

What kernel versions are vulnerable to this one ?

Felipe

On 10/11/2010 17:05, James Lay wrote:
> What kernel version(s) is/are impacted? Tried on one and no workie.
>
> James
>
>
> On 11/9/10 3:18 PM, "Dan Rosenberg"<dan.j.rosenberg (at) gmail (dot) com [email concealed]> wrote:
>
>> Enjoy...
>>
>> -Dan
>>
>>
>>

[ more ]  [ reply ]

Vulnerability ID: HTB22696
Reference: http://www.htbridge.ch/advisory/xss_in_compactcms_1.html
Product: CompactCMS
Vendor: compactcms.nl ( http://www.compactcms.nl/ )
Vulnerable Version: 1.4.1
Vendor Notification: 04 November 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Ven

[ more ]  [ reply ]

Vulnerability ID: HTB22695
Reference: http://www.htbridge.ch/advisory/xss_in_compactcms.html
Product: CompactCMS
Vendor: compactcms.nl ( http://www.compactcms.nl/ )
Vulnerable Version: 1.4.1
Vendor Notification: 04 November 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Vendo

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:238
http://www.mandriva.com/security/
______________________________________________________________________

[ more ]  [ reply ]

########################################################

AWCM v2.2 Auth Bypass Vulnerabilities

########################################################

____ __ __ __

/\ _`\ /\ \ __

[ more ]  [ reply ]

nullcon Dwitiya (2.0)
The Jugaad(hacking) Conference

nullcon is an initiative by null - The open security community.

Website:
http://nullcon.net

Calling all Jugaadus(hackers)
It's the time of the year when we welcome research done by the
community as paper submissions for nullcon.
So, sip your co

[ more ]  [ reply ]

Vulnerability ID: HTB22688
Reference: http://www.htbridge.ch/advisory/sql_injection_in_icebb.html
Product: IceBB
Vendor: XAOS Interactive ( http://icebb.net/ )
Vulnerable Version: 1.0-rc10
Vendor Notification: 02 November 2010
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Aw

[ more ]  [ reply ]