|
|
Colapse all |
Post message
FreeBSD Security Advisory FreeBSD-SA-07:01.jail 2007-01-11 FreeBSD Security Advisories (security-advisories freebsd org) Calyptix Security Advisory CX-2007-001 - Snort 2.6.1.2 Integer Underflow Vulnerability 2007-01-11 Calyptix Advisories (advisories2007 calyptix com) Calyptix Security Advisory CX-2007-001 Date: 01/11/2007 http://www.calyptix.com/ http://labs.calyptix.com/advisories/CX-2007-01.txt [ Overview ] Snort 2.6.1.2 is vulnerable to an integer underflow that allows a remote attacker to cause Snort to read beyond a specified length of memory, potentially [ more ] [ reply ] Computer Terrorism (UK) :: Incident Response Centre - Microsoft Outlook Vulnerability 2007-01-11 advisories computerterrorism com Computer Terrorism (UK) :: Incident Response Centre www.computerterrorism.com Security Advisory: CT09-01-2007 ======================================================= Microsoft Outlook Advanced Find - Remote Code Execution ======================================================= Advisory Date: [ more ] [ reply ] [ MDKSA-2007:009 ] - Updated kdenetwork packages fix ksirc vulnerability 2007-01-11 security mandriva com WMF CreateBrushIndirect vulnerability (DoS) 2007-01-11 Alexander Sotirov (asotirov determina com) The following WMF exploit appeared on milw0rm today: http://www.milw0rm.com/exploits/3111 The vulnerability is a result of the WMF parser passing a value from the file as a pointer argument to the CreateBrushIndirect function. The function dereferences the pointer and dies with an access violation. [ more ] [ reply ] [ MDKSA-2007:007 ] - Updated nvidia driver packages fix vulnerability 2007-01-11 security mandriva com Re: Vendor guidelines regarding security contacts 2007-01-11 Juha-Matti Laurio (juha-matti laurio netti fi) Another source is Secunia Vendor Database at http://secunia.com/vendor/ including links to specific vendor product pages. (example: http://secunia.com/vendor/4/ Adobe Systems) which helps to find the official Web pages of the vendor and the product. - Juha-Matti Chris Wysopal <weld (at) vulnwatch (dot) or [email concealed] [ more ] [ reply ] phpBB (privmsg.php) XSS Exploit 2007-01-11 info burnhead it phpBB (privmsg.php) XSS Exploit By: Demential Web: http://headburn.altervista.org E-mail: info (at) burnhead (dot) it [email concealed] PhpBB website: http://phpbb.com Exploit tested on phpBB 2.0.21 Secunia.com said: Input passed to the form field "Message body" in privmsg.php is not properly sanitised before it is returned [ more ] [ reply ] DMA[2007-0107a] OmniWeb Javascript Alert Format String Vulnerabiity and DMA[2007-0109a] Apple Finder Disk Image Volume Label Overflow / DoS 2007-01-11 K F (lists) (kf_lists digitalmunition com) I've been subject to a few DoS attacks as of late so these did not quite make it out. Enjoy the typos as usual. =P -KF DMA[2007-0109a] - 'Apple Finder Disk Image Volume Label Overflow / DoS' Author: Kevin Finisterre Vendor(s): http://www.apple.com Product: '<= OSX 10.4 (?)' References: http://www [ more ] [ reply ] Re: Circumventing CSFR Form Token Defense 2007-01-10 bugtraq phihag de (1 replies) If there is a method which enables JavaScript to set up arbitrary HTTP requests and read the server's answers, you could implement an "autonomic browser" which requests any pages (using the user's cookies to authenticate) and saves them somehow to an internal string. From then, there's no barrier fo [ more ] [ reply ] sazcart v1.5 (cart.php) Remote File include 2007-01-09 emel_gw_ini yahoo com *********************---Hitamputih crew---******************************** * Bug Found By : IbnuSina * vendor : http://sazcart.com/site *Risk : High * Greetz : *Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,mete oroid * and all member hitamputih crew community *************** [ more ] [ reply ] A Major design Bug in Camouflage 1.2.1 (latest) 2007-01-07 thesinoda hotmail com A Major design Bug in Camouflage 1.2.1 (latest) Direct Link: http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html Disclaimer ========== This material is presented for informational purposes ONLY. I do not condone or encourage vandalism or theft. I do not accept any liability for anythi [ more ] [ reply ] Re: SAP Security Contact 2007-01-09 Thor (Hammer of God) (thor hammerofgod com) On 1/6/07 4:14 PM, "Nicob" <nicob (at) nicob (dot) net [email concealed]> spoketh to all: > Le vendredi 05 janvier 2007, Thor (Hammer of God) a écrit : > >> Something like security (at) sap (dot) com [email concealed] may seem obvious, but it's better if you >> list specific contact info so it can be easily found. > > I don't want to be rude but : > - [ more ] [ reply ] Re: slocate leaks filenames of protected directories 2007-01-10 Dennis Jackson (dennis jackson ndirect co uk) (1 replies) Curious. This problem doesn't happen for me with version 2.7. As root # cd /root # mkdir dir # chmod 711 dir # cd dir # touch hiddenfile # cd .. # /usr/bin/slocate -c -u As an ordinary user $ ls -l /root/dir /usr/bin/ls: /root/dir: Permission denied $ slocate hiddenfile $ slocate -V Secure Loca [ more ] [ reply ] CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability 2007-01-09 ahmed_labib_hilmy yahoo com $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$ $$ $$ CS-Cart 1.3.3 (install.php) Remote File Include Vulnerability $$ Script site: http://www.cs-cart.com $$ Dork: Powered by CS-Cart - Shopping Cart Software $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ [ more ] [ reply ] VLC Format String Vulnerability also in XINE 2007-01-10 Sven Czaja gmx de Hi, I have read about Bugtraq ID: 21852 I tried the demo-exploit from http://www.securityfocus.com/data/vulnerabilities/exploits/VLCMediaSlaye r-x86.pl Then I tried to play the file in xine and got ... This is xine (X11 gui) - a free video player v0.99.4. (c) 2000-2004 The xine Team. xiTK receive [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
========================================================================
=====
FreeBSD-SA-07:01.jail Security Advisory
The FreeBSD Project
Topic: Ja
[ more ] [ reply ]