|
|
Prev week |
Colapse all |
Post message
Re: Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 2007-01-27 Outlaw aria-security net stompy the session stomper - tool availability 2007-01-27 Michal Zalewski (lcamtuf dione ids pl) Hi all, I'd like to announce the availability of 'stompy', a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they're predictable or simply vulnerable to bru [ more ] [ reply ] [USN-398-4] Firefox regression 2007-01-27 Kees Cook (kees ubuntu com) =========================================================== Ubuntu Security Notice USN-398-4 January 27, 2007 firefox regression https://launchpad.net/bugs/77859 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5. [ more ] [ reply ] Full Disclosure: Arbitrary Code Execution in LedgerSMB CVE-2006-5872 2007-01-27 Chris Travers (chris metatrontech com) CVE-2006-5872 (filed against SQL-Ledger) also affects LedgerSMB. This was first fixed in LedgerSMB 1.1.5 but due to a number of unrelated bugs, we recommend upgrading to 1.1.7. SQL-Ledger fixed the problem in 2.6.21. This occurs due to the improper handling of input handling in the redirect f [ more ] [ reply ] [ MDKSA-2007:029 ] - Updated libsoup packages fix DoS vulnerability 2007-01-27 security mandriva com [ MDKSA-2007:028 ] - Updated ulogd packaged to address buffer overflow vulnerability 2007-01-27 security mandriva com Re: [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed 2007-01-27 Matteo Beccati (php beccati com) WS_FTP 2007 Professional SCP handling format string vulnerability 2007-01-26 Michal Bucko (michal bucko hack pl) Dexia website security alert 2007-01-25 Jos Kirps (jos kirps com) A few days ago I sent a mail to the Dexia bank (www.dexia.lu) about their website. They have two logins, one is for the online banking account and one is for some kind of members' area. The problem with the "members' login" was that a) it was not SSL encrypted and b) it used to send bad usern [ more ] [ reply ] rPSA-2007-0020-1 rmake 2007-01-25 rPath Update Announcements (announce-noreply rpath com) rPath Security Advisory: 2007-0020-1 Published: 2007-01-25 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: rmake=/conary.rpath.com@rpl:devel//1/1.0.3-2-0.1 References: https://issues.rpath.com/browse/R [ more ] [ reply ] rPSA-2007-0021-1 bind bind-utils 2007-01-25 rPath Update Announcements (announce-noreply rpath com) rPath Security Advisory: 2007-0021-1 Published: 2007-01-25 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: bind=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 bind-utils=/conary.rpath.com@rpl:devel//1/9.3.4-0.1-1 [ more ] [ reply ] Re: Remove all admin->root authorization prompts from OSX 2007-01-25 John Smith (genericjohnsmith gmail com) haha, and I believe kev already had something to say on the topic when a n00b had previously posted that as a vuln in Mac OS X: "Explain to me how this is a MacOS specific bug? I can duplicate this behavior on my debian linux machine." http://www.securityfocus.com/archive/1/395142/30/0/threaded [ more ] [ reply ] Re: Remove all admin->root authorization prompts from OSX 2007-01-26 Ben Bucksch (news bucksch org) Marvin Simkin wrote: > I respectfully disagree with this proposal and maybe we should discuss it. > > Being a member of the admin group is NOT 100% equal to being root. Well, almost. Given that admins have write access to /Applications/, they can install trojans there, which will be run by all use [ more ] [ reply ] Re: Remove all admin->root authorization prompts from OSX 2007-01-26 Baptiste Malguy (baptiste malguy fr easynet net) Hello, About sudo in particular. * You can force for a prompt (5mn by default on Mac OSX,) adding a line such as the following in /etc/sudoers (using the visudo command): Defaults timestamp_timeout = 0 * By default users do not authenticate on a per-tty basis. You can enforce it with the [ more ] [ reply ] iDefense Security Advisory 01.26.07: Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability 2007-01-26 iDefense Labs (labs-no-reply idefense com) Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability iDefense Security Advisory 01.26.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 26, 2007 I. BACKGROUND CHMlib is an open source library used to read Microsoft CHM, compressed HTML, files. CHM files were origin [ more ] [ reply ] S21sec-034-en: Cisco VTP DoS vulnerability 2007-01-26 S21sec Labs (labs s21sec com) ############################################################### ID: S21SEC-034-en Title: Cisco VTP Denial Of Service Date: 26/01/2007 Status: Vendor contacted, bug fixed Severity: Medium - DoS - remote from the local subnet Scope: Cisco Catalyst Switch denial of service Platforms: IOS Author: Alfred [ more ] [ reply ] FdScript <= v1.3.2 Remote File Disclosure Vulnerability 2007-01-26 ajannhwt hotmail com ************************************************************************ ******* # Title : FdScript <= v1.3.2 Remote File Disclosure Vulnerability # Author : ajann # Contact : :( # Site : http://stud.usv.ro/~vlad_l/ # $$ : Free ******************************************************** [ more ] [ reply ] PHP Membership Manager Cross-Site Scripting Vulnerability 2007-01-26 DoZ HackersCenter com PHP Membership Manager Cross-Site Scripting Vulnerability PHP Membership Manager is a browser based tool which allows a site owner to easily manage an unlimited number of username / password accounts and groups which access secure, protected areas of a web site which require logging in before acc [ more ] [ reply ] Cross-site Scripting with Local Privilege Vulnerability in Yahoo Messenger 2007-01-26 hainamluke yahoo com DESCRIPTION: I?ve found a cross-site scripting vulnerability in Yahoo! Messenger, a popular advertisement-supported instant messaging client and protocol provided by Yahoo! Attacker can inject a malicious script with local privilege to Y!M notification message. The vulnerability is discovered in t [ more ] [ reply ] Re: SMF "index.php?action=pm" Cross Site-Scripting 2007-01-26 Lise Moorveld (lise_moorveld yahoo com) If you follow these steps: > #-Go to > http://target/smf/index.php?action=pm;sa=send > #-Inster your xss code for the recipient or BCC > #-Press send. The code will be injected in the page that is returned to the attacker. No Personal Message containing malicious code will be send to anybody, beca [ more ] [ reply ] [ GLSA 200701-23 ] Cacti: Command execution and SQL injection 2007-01-26 Matthias Geerdsen (vorlon gentoo org) [OPENADS-SA-2007-002] Max Media Manager v0.1.29 and v0.3.30 vulnerability fixed 2007-01-26 Matteo Beccati (php beccati com) Movable Type <= 3.33 XSS Exploit 2007-01-26 teracci2002 yahoo co jp [Description] MT (Movable Type) is a Blog software. MT has a XSS filter to remove scripts from user inputs, but there are ways to evade the filter using malformed input. [Affected] Movable Type <= 3.33 [Exploit] By the default, Blog readers are allowed to post comments containing html tags. Attac [ more ] [ reply ] [ GLSA 200701-24 ] VLC media player: Format string vulnerability 2007-01-26 Matthias Geerdsen (vorlon gentoo org) Re: Re: Re: Re: SMF "index.php?action=pm" Cross Site-Scripting 2007-01-26 sirdarckcat gmail com Any way, this vulnerability is not dangerous.. because for sending a successful PM request, you need to match the "sid" variable, that is impossible to get unless you already have control of the session. The correct patch must be added in the theme file "PersonalMessage.template.php" at the beginin [ more ] [ reply ] [USN-410-2] teTeX vulnerability 2007-01-26 Kees Cook (kees ubuntu com) =========================================================== Ubuntu Security Notice USN-410-2 January 25, 2007 tetex-bin vulnerability CVE-2007-0104 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 This advis [ more ] [ reply ] Medium Risk Vulnerability in PGP Desktop 2007-01-25 NGSSoftware Insight Security Research (nisr ngssoftware com) Peter Winter-Smith of NGSSoftware has discovered a medium risk vulnerability in PGP Desktop which can allow a remote authenticated attacker to execute arbitrary code on a system on which PGP Desktop is installed. The vulnerability resides within the Windows Service which PGP Desktop installs (which [ more ] [ reply ] Re: ZixForum <= 1.14 (Zixforum.mdb) Remote Password Disclosure Vulnerability 2007-01-24 anonym anonym com |
|
Privacy Statement |
[ more ] [ reply ]