BugTraq
Another new technique to bypass SEHOP. ( no 'xor pop pop ret' ) 2010-10-02
geinblues gmail com


Lately, MS Windows SEH overflow attack techniques use only these methods.

[mostly used method]

win xp sp2(SEH): 'pop pop ret' - David Litchfield 2003.

win xp sp3(SafeSEH): unloaded module's 'pop pop ret' - Litchfield 2003.

win server 2008/Vista sp1(SEHOP): SYSDREAM(c)'s 'xor pop pop ret'.

[

[ MDVSA-2010:193 ] qt-creator 2010-10-03
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:193
http://www.mandriva.com/security/
______________________________________________________________________

[ MDVSA-2010:191 ] mailman 2010-10-01
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:191
http://www.mandriva.com/security/
______________________________________________________________________

Multiple vulnerabilities in WordPress 2 and 3 2010-10-01
MustLive (mustlive websecurity com ua)
Hello Bugtraq!

I want to warn you about Cross-Site Scripting, Full path disclosure,
Information Leakage, Directory Traversal, Arbitrary File Deletion and Denial
of Service vulnerabilities in WordPress.

For all these attacks it's needed to have access to admin account, or to
have account with right

[STANKOINFORMZASCHITA-10-01] Netbiter® webSCADA multiple vulnerabilities 2010-10-01
info itdefence ru
[STANKOINFORMZASCHITA-10-01] Netbiter® webSCADA - multiple vulnerabilities

Authors: Eugene Salov (eugene (at) itdefence (dot) ru), Andrej Komarov (komarov (at) itdefence (dot) ru)
Product: Netbiter® webSCADA
CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:R/C:C/I:C/A:C)
Impact Subscore: 10.0
Exploitability Subscore: 8.0
Availa

THOTCON 0x2 - Call For Papers is Open -> 10.01.10 2010-10-01
THOTCON Announce (announce thotcon org)
****************************************
***BEGIN THOTCON TRANSMISSION***********

What: THOTCON 0x2
When: 04.22.11
Where: TOP_SECRET
Call For Papers Opens: 10.01.10
Call for Papers Closes: 01.01.11
More Info: <http://www.thotcon.org>

*** ABOUT ******************************
THOTCON (pronounced

Re: XSRF (CSRF) in Zimplit 2010-10-01
security curmudgeon (jericho attrition org)

Hi HTBridge,

: Vulnerability ID: HTB22605
: Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_zimplit.html
: Vendor: Zimplit Ltd. ( http://www.zimplit.com/ )
: Vulnerable Version: 3.0 and Probably Prior Versions
: Vendor Notification: 15 September 2010
: Vulnerability Type: CSRF (Cross-Sit

Re: XSS vulnerability in Pluck 2010-09-30
security curmudgeon (jericho attrition org)

: Vulnerability ID: HTB22610
: Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_pluck.html
: Vulnerable Version: 4.6.3 and probably prior versions
: Vendor Notification: 15 September 2010
: Vulnerability Type: XSS (Cross Site Scripting)
: Status: Not Fixed, Vendor Alerted, Awaiting

[ MDVSA-2010:190 ] libtiff 2010-09-30
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:190
http://www.mandriva.com/security/
______________________________________________________________________

ZDI-10-181: IBM TSM FastBack Server ActivateLTScriptReply Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-181: IBM TSM FastBack Server ActivateLTScriptReply Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-181
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

--

ZDI-10-180: IBM TSM FastBack Server _SendToLog Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-180: IBM TSM FastBack Server _SendToLog Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-180
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

-- TippingPoin

ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-186
September 29, 2010

-- CVSS:
5, (AV:N/AC:L/Au:N/C:N/I:N/A:P)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

-- Vu

ZDI-10-185: IBM TSM FastBack Server _Eventlog Format String Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-185: IBM TSM FastBack Server _Eventlog Format String Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-185
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager

-- Tipping

ZDI-10-179: IBM TSM FastBack Mount Service Arbitrary Overwrite Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-179: IBM TSM FastBack Mount Service Arbitrary Overwrite Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-179
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager

-- Tipp

ZDI-10-183: IBM TSM FastBack Server FXCLI_checkIndexDBLocation Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-183: IBM TSM FastBack Server FXCLI_checkIndexDBLocation Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-183
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities 2010-09-29
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

Debian Security Advisory DSA-2115-1 security (at) debian (dot) org
http://www.debian.org/security/ Florian Weimer
September 29, 2010

VMSA-2010-0015 VMware ESX third party updates for Service Console 2010-09-30
VMware Security team (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2010-0015
Synopsis: VMware ESX third party updates for Service Console
Issue date: 2010-09-30

JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities 2010-09-30
Salvatore Fresta aka Drosophila (drosophilaxxx gmail com)

JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities

Name JE Guestbook
Vendor http://www.joomlaextensions.co.in
Versions Affected 1.0

Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact sal

ZDI-10-187: IBM TSM FastBack Server _DAS_ReadBlockReply Remote Denial of Service Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-187: IBM TSM FastBack Server _DAS_ReadBlockReply Remote Denial of Service Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-187
September 29, 2010

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

-- TippingPoint(TM) IPS Customer Protection:

[ GLSA 201009-09 ] fence: Multiple symlink vulnerabilities 2010-09-29
Stefan Behte (craig gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201009-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[security bulletin] HPSBMA02558 SSRT100158 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code 2010-09-30
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02290344
Version: 3

HPSBMA02558 SSRT100158 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted

ZDI-10-184: IBM TSM FastBack Server USER_S_AddADGroup Remote Code Execution Vulnerability 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-184: IBM TSM FastBack Server USER_S_AddADGroup Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-184
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

-- Tipp

ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities 2010-09-29
ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-182
September 29, 2010

-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

-- Affected Vendors:
IBM

-- Affected Products:
IBM Tivoli Storage Manager FastBack

XSS vulnerability in Pluck 2010-09-29
advisory htbridge ch
Vulnerability ID: HTB22610
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_pluck.html
Product: Pluck
Vendor: Pluck Team ( http://www.pluck-cms.org )
Vulnerable Version: 4.6.3 and probably prior versions
Vendor Notification: 15 September 2010
Vulnerability Type: XSS (Cross Site Scri

[security bulletin] HPSBUX02587 SSRT100215 rev.1 - HP-UX Directory Server and Red Hat Directory Server for HP-UX, Local Disclosure of Information, Privilege Escalation 2010-09-29
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02522633
Version: 1

HPSBUX02587 SSRT100215 rev.1 - HP-UX Directory Server and Red Hat Directory Server for HP-UX, Local Disclosure of Information, Privilege Escalation

NOTICE: The information in

[Onapsis Security Advisory 2010-007] SAP Management Console Multiple Denial of Service 2010-09-29
Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Onapsis Security Advisory 2010-007: SAP Management Console Multiple Denial of Service

This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html.
By downloading this advisory from the Onapsis Resource Center, you will gain

[USN-993-1] libgdiplus vulnerability 2010-09-29
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-993-1 September 29, 2010
libgdiplus vulnerability
CVE-2010-1526
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu

[USN-994-1] libHX vulnerability 2010-09-29
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-994-1 September 29, 2010
libhx vulnerability
CVE-2010-2947
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04

[USN-996-1] Mako vulnerability 2010-09-29
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-996-1 September 29, 2010
mako vulnerability
CVE-2010-2480
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This adviso

XSS vulnerability in GetSimple CMS 2010-09-29
advisory htbridge ch
Vulnerability ID: HTB22609
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_getsimple_cms_1.html
Product: GetSimple CMS
Vendor: Cagintranet Networks ( http://get-simple.info/ )
Vulnerable Version: 2.01 and Probably Prior Versions
Vendor Notification: 15 September 2010
Vulnerability

Copyright 2010, SecurityFocus