A fix for this issue is available on the vendor website.

www.paessler.com

[ more ]  [ reply ]

Thanks to Opsware's great support, this security issue has been taken care of in their latest release NAS 6.1.2 and a work-around has been provided for customers who are not planning to upgrade, just change the permission on the init file.

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1155-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
August 24th, 2006

[ more ]  [ reply ]

--Security Report--
Advisory: Integramod Portal <= 2.x File Inclusion Vulnerability
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 24/08/06 03:00 AM
---
Contacts:{
ICQ: 10072
MSN/Email: nukedx (at) nukedx (dot) com [email concealed]
Web: http://www.nukedx.com
}
---
Vendor: Integramod (http://www.integramo

[ more ]  [ reply ]

--Security Report--
Advisory: VistaBB <= 2.x Multiple File Inclusion Vulnerabilities
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 24/08/06 03:00 AM
---
Contacts:{
ICQ: 10072
MSN/Email: nukedx (at) nukedx (dot) com [email concealed]
Web: http://www.nukedx.com
}
---
Vendor: VistaBB (http://www.vistabb.net

[ more ]  [ reply ]

############################################################

pSlash v0.7 (lvc_include_dir) Remote Include Vulnerability

############################################################

#Author: XORON

############################################################

#Class: Remote

##########

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

========================================================================
=====
FreeBSD-SA-06:08.ppp Security Advisory
The FreeBSD Project

Topic: Bu

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - -

[ more ]  [ reply ]

Several names of related Trojan and dropper have been added to "Microsoft PowerPoint Vulnerability FAQ - August 2006, CVE-2006-4274" document today.

Changes to the document have been done too:
It is known that the Trojan
-generates a hidden iexplore.exe process,
-executes as a thread of this proces

[ more ]  [ reply ]

Hello,
 
All issues concerning this script and others at cescripts.com have been
addressed and fixed. Files have been re-distributed to customers. A patch is
available for download for members. All current versions have been updated.

Please update/delete your listing.

http://www.securityfocus.com/

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory:
Unintentional Password Modification in Cisco Firewall Products

Document ID: 70811

Advisory ID: cisco-sa-20060823-firewall

http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml

Revision 1.0

For Public Relea

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory:
Cisco VPN 3000 Concentrator FTP Management Vulnerabilities

Document ID: 71141

Advisory ID: cisco-sa-20060823-vpn3k

http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml

Revision 1.0

For Public Release 2006 Au

[ more ]  [ reply ]

FYI-

This XSS was discovered in Blackboard 6.2.x (compare to Windows 95 in today?s language). The current version of Blackboard in GA is 7.1.x

As for Pr0t0n; last I heard, he got expelled from Brevard Community College for messing around with their Blackboard system.

[ more ]  [ reply ]

I. THE SYSTEM
Symantec Gateway Security (SGS) is an enterprise-class appliance with a
linux-based stateful inspection firewall and application proxy
capabilities (http/https, ftp, smtp, dns, and so on).
Using the default installation the system keeps listening on the WAN
interface for all its proxie

[ more ]  [ reply ]

########################################################################

# Content management module for PHProjekt v0.6.1 Remote File Inclusion Vulnerability (2)

#

#

# Found By: D3nGeR

# E-Mail: D3nGeR (at) Gmail (dot) CoM [email concealed]

########################################################################

# ex

[ more ]  [ reply ]

McAfee, Inc.

McAfee® Avert® Labs Security Advisory

Public Release Date: 2006-08-22

Symantec Enterprise Security Manager Denial-of-Service Vulnerability

CVE Number Pending

________________________________________________________________________
_______

? Synopsis

The Symantec Enterprise

[ more ]  [ reply ]

________________________________________________________________________
_______

McAfee, Inc.

McAfee® Avert® Labs Security Advisory

Public Release Date: 2006-08-22

Linux Kernel SCTP Privilege Elevation Vulnerability

CVE-2006-3745

___________________________________________________________

[ more ]  [ reply ]

Hi list.

There are lots of SQL injections and XSS in the 'Eichhorn Portal' by
'Guder und Koch Netzwerktechnik' and their own website.

Input passed to multiple parameters in different PHP-files isn't
properly sanitised before being returned to the user.

This can be exploited to execute arbitrary H

[ more ]  [ reply ]

#!/usr/bin/perl
#author: tomas kempinsky

use strict;
use Socket;

my $port = shift || 2121;
my $proto = getprotobyname('tcp');
my $payload =
"\x32\x32\x30\x20\x5a\x0d\x0a\x33".
"\x33\x31\x20\x5a\x0d\x0a\x35\x30".
"\x30\x20\x44\x6f\x53\x0d\x0a\x35\".
"x30\x30\x20\x5a\x0d\x0a";

socket(SERVER, PF_IN

[ more ]  [ reply ]