BugTraq
(Page 493 of 1747)
[USN-995-1] libMikMod vulnerabilities 2010-09-29
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-995-1 September 29, 2010
libmikmod vulnerabilities
CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996,
CVE-2010-2546, CVE-2010-2971
===========================================================

A se

[USN-992-1] Avahi vulnerabilities 2010-09-29
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-992-1 September 29, 2010
avahi vulnerabilities
CVE-2009-0758, CVE-2010-2244
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04

XSRF (CSRF) in Zimplit 2010-09-29
advisory htbridge ch
Vulnerability ID: HTB22605
Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_zimplit.html
Product: Zimplit
Vendor: Zimplit Ltd. ( http://www.zimplit.com/ )
Vulnerable Version: 3.0 and Probably Prior Versions
Vendor Notification: 15 September 2010
Vulnerability Type: CSRF (Cross-Site Request

Re: XSS vulnerability in Auto CMS 2010-09-28
security curmudgeon (jericho attrition org)

: Vulnerability ID: HTB22564
: Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_auto_cms.html
: Product: Auto CMS
: Vendor: Roberto Aleman ( http://ventics.com/autocms/ )
: Vulnerable Version: 1.6 and Probably Prior Versions

: Vulnerability Type: XSS (Cross Site Scripting)

As an F

Re: XSS vulnerability in CompuCMS 2010-09-28
security curmudgeon (jericho attrition org)

: Vulnerability ID: HTB22584
: Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_compucms.html
: Product: CompuCMS
: Vendor: CompuSoft A/S ( http://www.compusoft.dk/ )
: Vulnerable Version: Current at 06.08.2010 and Probably Prior Versions

Once again, you assign a "version" based

Fwd: 2.6.6 <= phpMyFAQ <= 2.6.8 XSS 2010-09-28
Yam Mesicka (yammesicka gmail com)
Hi,

My name is Yam Mesicka, I'm from Israel and this is my first big
disclosure (so help needed is here :-)
I found XSS on phpMyFAQ system, versions 2.6.6 to 2.6.8.

Dork: intitle:"Powered By phpMyFAQ 2.6.8"
XSS: site-location/index.php/"><script>alert("XSS")</script>
Vul: 2.6.6 <= phpMyFAQ <= 2.6.

[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference 2010-09-28
Andrea Barisani (lcars ocert org)

#2010-004 FFmpeg/libavcodec arbitrary offset dereference

Description:

The libavcodec library, an open source video encoding/decoding library part of
the FFmpeg project, suffers from an arbitrary offset dereference vulnerability.

The vulnerability affects the flic file format parser, insufficient

XSS in Horde IMP <=4.3.7, fetchmailprefs.php 2010-09-27
Moritz Naumann (security moritz-naumann com)
Hi,

Horde IMP v4.3.7 and lower are subject to a cross site scripting (XSS)
vulnerability:

The fetchmailprefs.php script fails to properly sanitize user supplied
input to the 'fm_id' URL parameter. If exploited, injected code will be
persistent (persistent XSS) and will execute once the user (manua

SQL injection vulnerability in Entrans 2010-09-27
advisory htbridge ch
Vulnerability ID: HTB22607
Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_entrans.html
Product: Entrans
Vendor: Khader Abbeb N ( http://sourceforge.net/projects/entrans/ )
Vulnerable Version: 0.3.2 and Probably Prior Versions
Vendor Notification: 13 September 2010
Vulner

XSS vulnerability in Entrans 2010-09-27
advisory htbridge ch
Vulnerability ID: HTB22606
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_entrans.html
Product: Entrans
Vendor: Khader Abbeb N ( http://sourceforge.net/projects/entrans/ )
Vulnerable Version: 0.3.2 and Probably Prior Versions
Vendor Notification: 13 September 2010
Vulnerability Ty

SQL injection vulnerability in e107 2010-09-27
advisory htbridge ch
Vulnerability ID: HTB22604
Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_e107_2.html
Product: e107 Website System
Vendor: e107 ( http://www.e107.org/ )
Vulnerable Version: 0.7.23 and Probably Prior Versions
Vendor Notification: 13 September 2010
Vulnerability Type: SQL

[SECURITY] [DSA-2114-1] New git-core packages fix regression 2010-09-26
Stefan Fritsch (sf debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

Debian Security Advisory DSA-2114-1 security (at) debian (dot) org
http://www.debian.org/security/ Stefan Fritsch
September 26, 2010

SQL injection vulnerability in Entrans 2010-09-27
advisory htbridge ch
Vulnerability ID: HTB22608
Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_entrans_1.html
Product: Entrans
Vendor: Khader Abbeb N ( http://sourceforge.net/projects/entrans/ )
Vulnerable Version: 0.3.2 and Probably Prior Versions
Vendor Notification: 13 September 2010
Vuln

Web commands injection through FTP Login in Synology Disk Station - CVE-2010-2453 2010-09-26
Rodrigo Branco (rbranco checkpoint com)
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/

Web commands injection through FTP Login in Synology Disk Station
CVE-2010-2453

INTRODUCTION

Synology Inc develops high-performance, reliable, versatile, and environmentally-friendly Network

Exploit Next Generation(R) Example Codes 2010-09-25
Nelson Brito (nbrito sekure org)
As all of you already know the Exploit Next Generation® Compliance
Methodology is the only methodology able to apply the "Z-Day Attacks"
concepts.

Some examples demonstrated during its very first appearance are now
available at:
- http://code.google.com/p/exploit-ng/

To celebrate one year of its

Vulnerabilities in CMS MYsite 2010-09-25
MustLive (mustlive websecurity com ua)
Hello Bugtraq!

I want to warn you about Full path disclosure, Cross-Site Scripting and SQL
Injection vulnerabilities in CMS MYsite. It's a Ukrainian commercial CMS.

Full path disclosure (WASC-13):

http://site/portal/modules.php?name=Ads

XSS (WASC-08):

http://site/portal/modules.php?name=Web_Links

[ MDVSA-2010:189-1 ] pcsc-lite 2010-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:189-1
http://www.mandriva.com/security/
______________________________________________________________________

[ MDVSA-2010:189 ] pcsc-lite 2010-09-24
security mandriva com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:189
http://www.mandriva.com/security/
______________________________________________________________________

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability 2010-09-24
security opera com
Opera's variation of this vulnerability was fixed back in Opera 10.10. The information on this thread is incorrect. The issue shown here does not affect Opera, and this code would not have produced an exploit in Opera, even in pre-10.10 versions. All it will do is display a message showing that the

VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues 2010-09-24
VMware Security team (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2010-0014
Synopsis: VMware Workstation, Player, and ACE address several
security

TWSL2010-005: FreePBX recordings interface allows remote code execution 2010-09-23
Trustwave Advisories (trustwaveadvisories trustwave com)
Trustwave's SpiderLabs Security Advisory TWSL2010-005:
FreePBX recordings interface allows remote code execution

https://www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt

Published: 2010-09-23
Version: 1.0

Vendor: FreePBX (http://www.freepbx.org/)
Product: FreePBX and VOIP solutions (Aster

Re: Netscape Web Browser (CSS) Cross Domain Vulnerability 2010-09-23
Michal Zalewski (lcamtuf coredump cx)
Not to rain on your parade, but...

> Netscape v9.0.0.6

"AOL formally stopped development of Netscape Navigator on December
28, 2007, but continued supporting the web browser with security
updates until March 1, 2008, when AOL canceled technical support."

If you are using a browser abandoned by th

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability 2010-09-23
phara0h (secws phara0h googlemail com)
Works on Opera 10.70. Build 9049 for Linux, too.

On Thu, 23 Sep 2010 04:23:47 -0600
info (at) securitylab (dot) ir wrote:

> Proof Of Concept:
>
> 1.html:
> <body>
> {}body{DOM:
> Cross Domain Vulnerability
>
>
> 2.html:
> <style>
> @import url("1.html");
> </style>
> <script>
> setTimeout(function(){
> va

Netscape Web Browser (CSS) Cross Domain Vulnerability 2010-09-23
info securitylab ir
PoC:

1.html:
<body>
{}body{DOM:
Cross Domain Vulnerability

2.html:
<style>
@import url("1.html");
</style>
<script>
setTimeout(function(){
var s = document.body.currentStyle.DOM;
alert(s);
},0);
</script>

Vulnerable:
Netscape v9.0.0.6

By: Securitylab.ir
Original Advisory: http://Securitylab.ir/A

[security bulletin] HPSBMA02578 SSRT100069 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Information Disclosure 2010-09-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02514929
Version: 1

HPSBMA02578 SSRT100069 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Information Disclosure

NOTICE: The information in this Security Bulletin shou

[security bulletin] HPSBMA02583 SSRT100070 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection 2010-09-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02518794
Version: 1

HPSBMA02583 SSRT100070 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection

NOTICE: The information in this Security Bulletin should be a

[security bulletin] HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection 2010-09-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02514953
Version: 1

HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection

NOTICE: The information in this Security Bulletin should be a

[security bulletin] HPSBMA02585 SSRT100256 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) 2010-09-23
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02521481
Version: 1

HPSBMA02585 SSRT100256 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upo

Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability 2010-09-23
info securitylab ir
Proof Of Concept:

1.html:
<body>
{}body{DOM:
Cross Domain Vulnerability

2.html:
<style>
@import url("1.html");
</style>
<script>
setTimeout(function(){
var s = document.body.currentStyle.DOM;
alert(s);
},0);
</script>

Vulnerable:
Opera 10.62

By: Securitylab.ir
Original Advisory: http://Secur

[ISecAuditors Security Advisories] SQL Injection and XSS in Motorito < v2.0 Ni 483 2010-09-23
ISecAuditors Security Advisories (advisories isecauditors com)
=============================================
INTERNET SECURITY AUDITORS ALERT 2010-005
- Original release date: March 30th, 2010
- Last revised: September 23rd, 2010
- Discovered by: Mario Diaz Caldera
- Severity: 5.5/10 (CVSS Base Score)
=============================================

I. VULNERABIL
