Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow
2008-01-16, Cisco Systems Product Security Incident Response Team (psirt cisco com)

TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability
2008-01-15, DVLabs (dvlabs tippingpoint com)
TPTI-08-01: Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/TPTI-08-01.html
January 15, 2008
-- CVE ID: CVE-2008-0033
-- Affected Vendor: Apple
-- Affected Products: QuickTime Player 7.3, QuickTime PictureViewer 7.3
-- Vulnerabili

rPSA-2008-0017-1 libxml2
2008-01-15, rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0017-1
Published: 2008-01-15
Products: rPath Appliance Platform Linux Service 1, rPath Linux 1
Rating: Minor
Exposure Level Classification: Indirect Deterministic Denial of Service
Updated Versions: libxml2=conary.rpath.com@rpl:1/2.6.22-1.2-1
rPath Issu

rPSA-2008-0016-1 postgresql postgresql-server
2008-01-15, rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0016-1
Published: 2008-01-15
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification: Remote Deterministic Privilege Escalation
Updated Versions: postgresql=conary.rpath.com@rpl:1/8.1.11-0.1-1 postgresql-server=conary.rpath.com@rpl:1/8.1.11-

[DSECRG-08-002] Local File Include in arias 0.99-6
2008-01-16, Digital Security Research Group [DSecRG] (research dsec ru)

rPSA-2008-0015-1 cairo
2008-01-15, rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2008-0015-1
Published: 2008-01-15
Products: rPath Linux 1
Rating: Major
Exposure Level Classification: Indirect User Deterministic Unauthorized Access
Updated Versions: cairo=conary.rpath.com@rpl:1/1.0.2-1.4-1
rPath Issue Tracking System: https://issues.rpa

cPanel Hosting Manager (dohtaccess.html)
2008-01-16, no-reply aria-security net
Aria-Security Team
http://Aria-Security.Net
-----------------------------------
Vendor: http://cPanel.com
cPanel Hosting Manager (dohtaccess.html) Cross-Site Scripting
Vulnerable File: /cpanelpro/dohtaccess.html
Use the information below:
Url to redirect leech users to: "><script>alert('Disco

RichStrong CMS (showproduct.asp?cat=) Remote SQL Injection Exploit
2008-01-16, sys-project hotmail com
[+] Info:
[~] Software: RichStrong CMS
[~] HomePage: http://www.hzrich.cn
[~] Exploit: Remote Sql Injection [High]
[~] Where: showproduct.asp?cat=
[~] Bug Found By: Jose Luis Góngora Fernández|JosS
[~] Contact: sys-project[at]hotmail.com
[~] Web: http://www.spanish-hackers.com
[~] Dork: "P

[DSECRG-08-003] blogcms 4.2.1b Multiple Security Vulnerabilities
2008-01-16, Digital Security Research Group [DSecRG] (research dsec ru)

8e6 Technologies R3000 Internet Filter Bypass by Request Split
2008-01-16, nnposter disclosed not
8e6 Technologies R3000 Internet Filter Bypass by Request Split
Product: 8e6 Technologies R3000 Internet Filter
http://www.8e6.com/network-security/internet-filtering/internet-filtering.html
The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter can be by

[SECURITY] [DSA 1464-1] New syslog-ng packages fix denial of service
2008-01-15, Moritz Muehlenhoff (jmm debian org)

iDefense Security Advisory 01.15.08: Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability
2008-01-15, iDefense Labs (labs-no-reply idefense com)
iDefense Security Advisory 01.15.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 15, 2008
I. BACKGROUND
Quicktime is Apple's media player product, and is used to render video and other media. For more information visit the vendor's web site at the following URL.
http://www.apple.com

Re: what is this?
2008-01-16, Yousef Syed (yousef syed gmail com)
Just to add to what has already passed, Security Focus has put up this article regarding this issue.
http://www.securityfocus.com/news/11501
ys
On 13/01/2008, crazy frog crazy frog <i.m.crazy.frog (at) gmail (dot) com [email concealed]> wrote:
> Hi,
>
> Recently on opening one of my site, my antivirus pops up saying that it

Re: Defeating audio captcha systems
2008-01-15, 3APA3A (3APA3A SECURITY NNOV RU)
Dear José M. Palazon Romero,
This approach is not new, it was demonstrated by ShAnKaR <shankar_(at)_shankar.name> against Simple Machines Forum 1.1.2 in June, 2007. See:
http://securityvulns.ru/Rdocument271.html (in Russian)
http://securityvulns.ru/files/capcha.pl (Exploit code)
h

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities
2008-01-15, iDefense Labs (labs-no-reply idefense com)
iDefense Security Advisory 01.15.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 15, 2008
I. BACKGROUND
TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can be

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities
2008-01-15, iDefense Labs (labs-no-reply idefense com)
iDefense Security Advisory 01.15.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 15, 2008
I. BACKGROUND
TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can be

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities
2008-01-15, iDefense Labs (labs-no-reply idefense com)
iDefense Security Advisory 01.15.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 15, 2008
I. BACKGROUND
TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can be

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Heap Overflow Vulnerability
2008-01-15, iDefense Labs (labs-no-reply idefense com)
iDefense Security Advisory 01.15.08
http://labs.idefense.com/intelligence/vulnerabilities/
Jan 15, 2008
I. BACKGROUND
TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can be

Re: Linksys WRT54 GL - Session riding (CSRF)
2008-01-15, Valdis Kletnieks vt edu
On Mon, 14 Jan 2008 12:58:17 CST, Jan Heisterkamp said:
> > A malicious link executing unnoticed by the administrator may open the firewall.
>
> The catch is that this exploit doesn't work unnoticed, because the admin
> gets a notification in the browser that there has occurred an error with the
> ceri

Re: Linksys WRT54 GL - Session riding (CSRF)
2008-01-15, Daniel Weber (dweber calyptix com)
> The catch is that this exploit doesn't work unnoticed, because the admin
> gets a notification in the browser that there has occurred an error with the
> certificate ["Unable to verify the identity of Linksys as a trusted
> site"] and he has to explicitly allow it. In other words, first he has to
> allow to

Re[2]: what is this?
2008-01-15, none (updates digitalis com au)
---> figure out why my antivirus randomly pops up?
The exploit is served the first time you load an infected page and then very infrequently after that (it was originally thought that it is delivered only ONCE per visiting IP, but some people put this to the test (and found that the exploit will appear

Re: [Full-disclosure] what is this?
2008-01-15, crazy frog crazy frog (i m crazy frog gmail com)
nope, i don't think it has to do with user agent. i have tried with IE, Firefox but nothing. though when u change ip it shows the stuff, so i think it's ip based?
On Jan 15, 2008 10:52 PM, Gadi Evron <ge (at) linuxbox (dot) org [email concealed]> wrote:
> On Tue, 15 Jan 2008, crazy frog crazy frog wrote:
> > nick,
> > ur not getting m

Re: [Full-disclosure] what is this?
2008-01-15, Gadi Evron (ge linuxbox org)
On Tue, 15 Jan 2008, crazy frog crazy frog wrote:
> nick,
> ur not getting my point, the url is techicorner.com/{random string
> here}, i have already mentioned it in previous posts.
> i have read the link sent by denis, and i would have to conclude that:
> 1) The problem does not occur always, instead

Re: what is this?
2008-01-15, Jamie Riden (jamie riden gmail com)
On 15/01/2008, Denis <sp23 (at) internode.on (dot) net [email concealed]> wrote:
> This is a very serious new threat affecting Linux servers and thousands
> of boxes have been compromised since December 2007.
>
> Each box serving the nasty javascript has been rooted. One person has
> found a way to CLEAN the infection (ie. stop

Pipe to FOR Crashes CMD
2008-01-15, James C. Slora Jr. (james slora phra com)
Pipe the output of a command to FOR in (), and you crash the Windows Vista Windows Command Processor (CMD.exe) with a DEP violation. I expect it works on Server 2008 as well. Maybe this is exploitable for privilege escalation, at least on a machine with DEP disabled. I did not do any dump analysis

SecurityReason - Apache (mod_status) Refresh Header - Open Redirector (XSS)
2008-01-15, sp3x securityreason com

Re[2]: what is this?
2008-01-15, Denis (sp23 internode on net)
Good point, it could be an unknown kernel hole. However, it could also be a privilege escalation scenario through the application layer .. maybe PHP, knowing its history and the fact it's present on all the infected machines. Anyway, nobody really knows how the initial root compromise is achieved

Re[2]: what is this?
2008-01-15, Denis (sp23 internode on net)
Jamie, the servers are definitely 'rooted' - as in, root access is required for what the exploit does, ie. it's dug itself deep into the kernel and you can't even compile a new kernel on the infected machine or even create files or directories that start with a digit. So yeah, the servers are rooted in
Cisco Security Advisory: Cisco Unified Communications Manager CTL
Provider Heap Overflow
Document ID: 100345
Advisory ID: cisco-sa-20080116-cucmctl
http://www.cisco.com/warp/public/707/cisco-sa-20080116-cucmctl.shtml
Revision 1.0
For Public Release