BugTraq Mode:
(Page 1075 of 1748)
[XSec-06-08]: Windows 2000 Multiple COM Object Instantiation Vulnerability 2006-08-21
nop (nop xsec org)
Advisory ID:
XSec-06-08

Advisory Name:
Windows 2000 Multiple COM Object Instantiation Vulnerability

Release Date:
08/21/2006

Tested on:
Windows 2000/Internet Explorer 6.0 SP1

Affected version:
Windows 2000

Author:
nop <nop#xsec.org>
http://www.xsec.org

Overview:
Multiple vulnerabilities have been

Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln 2006-08-20
Outlaw aria-security net
########################################################################
# Aria-Security.net Advisory #
# Discovered by: O.U.T.L.A.W #
# < www.Aria-security.net >

New PowerPoint 0-day and Trojan - FAQ document ready 2006-08-20
Juha-Matti Laurio (juha-matti laurio netti fi)
I have constructed a FAQ document about the recent 0-day vulnerability in Microsoft PowerPoint disclosed on Saturday.

This vulnerability is being exploited by Trojan horse TROJ_SMALL.CMZ.

The document entitled as Microsoft PowerPoint 0-day Vulnerability FAQ - August 2006, CVE-2006-nnnn (CVE name

[SECURITY] [DSA 1154-1] New squirrelmail packages fix information disclosure 2006-08-20
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1154-1                    security (at) debian (dot) org
http://www.debian.org/security/                             Moritz Muehlenhoff
August 20th, 2006

WoltLab Burning Board 2.3.5(WBB) in XSS 2006-08-20
ZeberuS ZeberuS Com
Hi

################################################

WBB in XSS We aren't able to bite from the Avatar ,But attachment.php With xss code are able to bite.

################################################

HEX editor With GIF picture Open , JS code are writing.

~~~~~~ GIF89ajscode ~~~~~~

LBlog <= "comments.asp" SQL Injection Exploit 2006-08-20
ChironeX FleckeriX Gmail Com
################################################################################
##                                                                            ##
##              LBlog <= "comments.asp" SQL Injection Exploit                 ##
## - - - - - - - - - - - - - - - - - - - - - - -

POC & exploit for Apache mod_rewrite off-by-one 2006-08-20
Jacobo Avariento (jack-sec gulcas org)

Public release date of POC/Exploit: 2006-08-20
Author: Jacobo Avariento Gimeno
CVE id: CVE-2006-3747
Bugtraq id: 19204
CERT advisory: VU#395412
Severity: high

Introduction
----
On July 28 2006 Mark Dowd (McAfee Avert Labs) reported a vulnerability
found in mod_rewrite apache module to the bugtraq

XennoBB <= 2.2.1 "icon_topic" SQL Injection 2006-08-19
c boulton mybboard com
--------------------- SUMMARY ---------------------

Name:

XennoBB "icon_topic" SQL Injection (19/8/2006)

Vendor / Product:

XennoBB Group

http://www.xennobb.com/

Description:

The world's most revolutionary and easy to use bulletin board.

Revolutionary because it redefines the b

Mambo com_cropimage 1.0 Component Remote Include Vulnerability 2006-08-19
x0r0n hotmail com
############################################################

############################################################

############# C Y B E R - W A R R I O R T I M #############

############################################################

####################################################

Mambo CatalogShop Remote File Inclusion 2006-08-19
Outlaw aria-security net
########################################################################
# Aria-Security.net Advisory #
# Discovered by: O.U.T.L.A.W #
# < www.Aria-security.net >

[Kurdish Security # 23] Spaw Editor Remote Include Vulnerability 2006-08-19
botan linuxmail org
* Kurdish Security Advisory

* Spaw Editor Remote Include Vulnerability

* Our Party is PKK, Our Army HPG, We will Earn

* contact ? : irc.gigachat.net #kurdhack & botan (at) linuxmail (dot) org

* Risk : High

* Class : Remote

* Script : Spaw Editor

* Version : v1.6 and v1.7

* Site : www.solmetra.com

Ako Comments (mod) Remote File Inclusion 2006-08-19
Outlaw aria-security net
########################################################################
# Aria-Security.net Advisory #
# Discovered by: O.U.T.L.A.W #
# < www.Aria-security.net >

Modification For OpenSEF Remote file Inclusion 2006-08-19
Outlaw aria-security net
########################################################################
# Aria-Security.net Advisory #
# Discovered by: O.U.T.L.A.W #
# < www.Aria-security.net >

Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit) 2006-08-17
dr t3rr0r1st yahoo com
ok , here we go

foreach ($avail_types as $type) {
    include($type . ".plugin.php");
}

here's the source

so what's the problem? your source is correct, but the source that i found the vuln. in shows that there is a Remote File Inclusion Vulnerability in your script

Regards

T3rr0rist

Joomla MamboWiki Component <= 0.9.4 (MamboLogin.php) Remote File Inclusion Vulnerability 2006-08-18
camino sexmagnet com


.:[ insecurity research team ]:.

advisory

Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability 2006-08-18
camino sexmagnet com


.:[ insecurity research team ]:.

advisory

[KAPDA::#55] - Joomla poll component vulnerability 2006-08-18
alireza hassani (trueend5 yahoo com)
KAPDA New advisory

Vendor: http://www.joomla.org
Vulnerable: 1.0.10 (prior versions also maybe Affected)
Bug: user session validation weakness
Exploitation: Remote with browser
Poc: available

Description:
--------------------
From vendor's website.
Joomla! is an award-winning Content Manageme

Sonium Enterprise Adressbook Version 0.2 (folder) RFI 2006-08-18
philipp niedziela gmx de
+--------------------------------------------------------------------

+

+ Sonium Enterprise Adressbook Version 0.2 (folder) RFI

+

+ Original advisory:

+ http://www.bb-pcsecurity.de/Websecurity/342/org/Sonium_Enterprise_Adressbook_Version_0.2_(folder)_RFI.htm

+

+-------------------------------

Re: UPDATE vBulletin Version 3.5.4 exploit 2006-08-18
scott vbulletin com
If you have the CAPTCHA enabled then the registrations won't even go through. This can be enabled via the Admin Control Panel. It's not enabled by default due to extra module requirements in PHP.

The option for CAPTCHA exists in all versions of vBulletin and the majority of customers enable it al

[SECURITY] [DSA 1153-1] New ClamAV packages fix arbitrary code execution 2006-08-18
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1153-1                    security (at) debian (dot) org
http://www.debian.org/security/                                 Martin Schulze
August 18th, 2006

Re: JavaScript Lazy Authorization Forcer and Visited Link Scaner 2006-08-16
mikeiscool (michaelslists gmail com)
i discovered this first!

well, maybe. but the site where i talked about it is now gone :)

anyway, it really doesn't need to be so complicated with creating a
new 'style' section; just use the a:visited selector.

<style>
a { margin-left: 1px; }
a:visited { margin-left: 2px; }
</style>

then chec

Joomla RFİ ( ERNE ) 2006-08-17
erne ernealizm com



# ERNE ---- ERNEALİZM ---- THIS LOVE NEVER ENDS ----

# Mambo jim Component - Remote File Include Vulnerabilities

# Credits : ERNE

# Risk : High

# Class: Remote

#

Mambo mambelfish Component <= 1.1 Remote File Include Vulnerability 2006-08-17
bilkopat hotmail com


####################################################

# #

# C Y BE R - W A R R i O R T I M #

# #

####################################################

mambo com_mambelfish Compo

Re: Concurrency-related vulnerabilities in browsers - expect problems 2006-08-17
mannion snet net (1 replies)
I tried the link that was supposed to crash Firefox, but it didn't, probably because I'm using the "NoScript" extension plug-in.

Re: Concurrency-related vulnerabilities in browsers - expect problems 2006-08-18
Michal Zalewski (lcamtuf dione ids pl)
JavaScript Lazy Authorization Forcer and Visited Link Scaner 2006-08-15
pdp (architect) (pdp gnucitizen googlemail com)
Lazy Authorization Forcer
http://www.gnucitizen.org/projects/javascript-authorization-forcer/

This is an idea I am still developing but here you go POC is available
and it works. The malicious JavaScript presented here will try to
guess URLs that contain credentials. It is sort of Basic
Authenticat

Copyright 2010, SecurityFocus