-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

==========================================================
==
== Subject: Remote Command Injection Vulnerability
== CVE ID#: CVE-2007-2447
==
== Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
==
== Summary: Unescaped user input parameters are

[ more ]  [ reply ]

netVigilance Security Advisory #17

MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities

Description:
MyBB is a powerful, efficient and free forum package developed in PHP and MySQL. Full control over your discussion system is presented right at the tip of your fingers, from multiple style

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

==========================================================
==
== Subject: Local SID/Name translation bug can result
== in user privilege elevation
== CVE ID#: CVE-2007-2444
==
== Versions: Samba 3.0.23d - 3.0.25pre2 (inclusive)
=

[ more ]  [ reply ]

Dear List,
I'd like to announce the immediate availability of BTcrack Heisec
Release. During the Heise Security Conference I released and demoed
this version of BTcrack, the Heisec Conference is held in Munich
THIS Tuesday 15th. http://www.heise.de/veranstaltungen/2007/heisec_konferenz/

BTcrack is

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200705-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

ifdate 2.* unauthorized administrative access bug

vendor : Liz0zim
web: www.biyosecurity.net www.expw0rm.com

Script Home Page : http://www.ifusionservices.co.uk/
vul. version : iFdate 2.*

vul code :

all admin folder files

///////////////////////////////////////
// Checks user is logged in

[ more ]  [ reply ]

hello,
Apple Safari on Macosx may reveal user's saved passwords. A local user with legitimate access to the system is able to steal keychained password by injecting javascripts into a loaded webpage via applescript.
It seems that safari fails to validate the source of injected code, however apple be

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

==========================================================
==
== Subject: Multiple Heap Overflows Allow Remote
== Code Execution
== CVE ID#: CVE-2007-2446
==
== Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
==
== Summary: Var

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Document ID: c01034753
Version: 2

HPSBMI02210 SSRT071396 rev.2 - ProCurve Series 9300m Switches, Remote Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-05-09
Last

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1290-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Moritz Muehlenhoff
May 13th, 2007

[ more ]  [ reply ]

netVigilance Security Advisory #20

SonicBB version 1.0 XSS Attack Vulnerabilities

Description:
SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the ideal communit

[ more ]  [ reply ]

netVigilance Security Advisory #19

SonicBB version 1.0 Multiple SQL Injection Vulnerabilities

Description:
SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the id

[ more ]  [ reply ]

netVigilance Security Advisory #18

SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities

Description:
SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1289-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Dann Frazier
May 13th, 2007

[ more ]  [ reply ]

Tested on x86 and x64 editions of Windows Vista Ultimate, though this exploit should function correctly on all x86 and x64 editions of Windows Vista.

This exploit requires an attack vector such as a Trojan horse. However, in light of the enormous success of such types of attacks in the past, and t

[ more ]  [ reply ]

Uninformed is pleased to announce the release of its seventh volume. This
volume includes 3 articles on relating to exploitation technology and general
research:

- Exploitation Technology: Reducing the Effective Entropy of GS Cookies
Author: skape

- General Research: Memalyze: Dynamic Ana

[ more ]  [ reply ]

Exim in conjuction with spamd messup
By calcite (at) setec (dot) org [email concealed]

"Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail

[ more ]  [ reply ]

...i took a look at the new notepad++, and noticed this, i'm not sure how
long it has been there or if it was recently added to the code... either
way here is a POC for it.

original reference:
http://fakehalo.us/xnotepad++.c

/*[ notepad++[v4.1]: (win32) ruby file processing buffer overflow explo

[ more ]  [ reply ]

In this post I'd like to discuss the threat widely circulated insecure
broadband routers pose today. We have touched on it before.

Today, yet another public report of a vulnerable DSL modem type was posted
to bugtraq, this time about a potential WIRELESS flaw with broadband
routers being insecure a

[ more ]  [ reply ]

#Webspeed OpenEdge Dos exploit
#Bug Discovered By :Eelko Neven
#Exploit Coded By spyMASter
#Şeklimizide koyalım : ) www.ulpow.net The Eliminators of the Web
#First you have to find the messenger execution url. For example:
http://target/scripts/cgiip.exe/WService=wsbroker1
http://targe

[ more ]  [ reply ]

[vuln.sg] Vulnerability Research Advisory

yEnc32 Decoder Long Filename Buffer Overflow Vulnerability

by Tan Chew Keong
Release Date: 2007-05-12

Summary
-------
A vulnerability has been found in yEnc32. When exploited, the vulnerability allows execution of arbitrary code when the user decodes a sp

[ more ]  [ reply ]

Hi,
I'd like to inform you about a vulnerability in the Deutsche Telekom Speedport w700v DSL router. Currently it's the standard device that is shipped with new DSL contracts.

I - TITLE

Security advisory: Weaknesses in the login process of the web interface
of the Speedport w700v DSL Router a

[ more ]  [ reply ]

Hi,
I'd like to inform you about a XSS-vulnerability in Adobe RoboHelp 6, RoboHelp Server 6 and RoboHelp X5. See attached advisory below.

I - TITLE

Security advisory: Cross-Site Scripting in RoboHelp 6, RoboHelp Server 6
and RoboHelp X5

II - SUMMARY

Description: A Cross-Site Scripting Fl

[ more ]  [ reply ]

Discovered by: gsy & kerem125
Website: www.kerem125.com

script download:http://www.aspindir.com/indir2.asp?id=4891&sIslem=%DDndir

exploit:/W1L3D4_bolum.asp?forumid=-99+union+all+select+0,1,2,3,4,5,6,7,8
,9,password,username,12,13,14,15,16,17,18,19,20+from+users

example:http://philboard.somee.com/W

[ more ]  [ reply ]

Denial of Service attack against OpenEdge WebSpeed possible through dict.r. 11-5-2007
author: Eelko Neven
discovered: 9-5-2007

Because of poor security in dict.r it is possible to put all agents in busy mode.

First you have to find the messenger execution url. For example:
http://yourmachine.com/s

[ more ]  [ reply ]