BugTraq Mode:
SAPID CMS remote File Inclusion vulnerabilities 2006-08-07
simo64 morx org
########################################################################
# Title: SAPID CMS remote File Inclusion Vulnerabilities
# Author: Simo64 <simo64_at_morx_org>
# Discovered: 06 August 2006
# MorX Security Research Team
# http://www.morx.org
# Vendor : SAPID CMS
#

when will AV vendors fix this??? 2006-08-05
Bipin Gautam (gautam bipin gmail com)
hello list,

This is actually a DESIGN BUG OF MOST(ALL?) Antivirus & trojan
scanners. ( ROOTKIT SCANNERS already DO THIS ) This issue is a MORE
THAN 1 YEAR OLD stuff but i see no fix till now!!!!

lately i've ONLY tested it on the following AV & few other spyware
scanner & saw its still NOT fixed!

XennoBB <= 2.1.0 "birthday" SQL injection 2006-08-06
c boulton mybboard com
--------------------- SUMMARY ---------------------

Name:

XennoBB "birthday" SQL Injection (6/8/2006)

Vendor / Product:

XennoBB Group

http://www.xennobb.com/

Description:

The world's most revolutionary and easy to use bulletin board.

Revolutionary because it redefines the boun

[ECHO_ADV_44$2006] PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion 2006-08-07
erdc echo or id
ECHO_ADV_44$2006

------------------------------------------------------------------------------

[ECHO_ADV_44$2006] PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion

------------------------------------------------------------------------------

Author : Ahmad Maulana a.k.a Matdhule

Da

Re: flatnuke <= 2.5.7 arbitrary php file upload 2006-08-07
segatom yahoo it
Fixed in the cvs, will be available in 2.5.8 soon.

0-day XP SP2 wmf exploit (some details) 2006-08-07
cyanid-E (biz4rre gmail com)

There are some technical details.

1. 'Bad' wmf record:

07 00 00 00

length of record (in words)

FC 02

type (CreateBrushIndirect)

08 00 00 00 00 00 00 80

'packed' (good old Win16 days) LOGBRUSH data:

08 00 - 'packed' lbStyle (may be BS_DIBPATTERNPT [6] or BS_DIBPATTERN8X8 [8])
00 00 00 00 - CO

XSS Vulnerability in FTD v3.7.3 2006-08-05
try_og hotmail com
There are some XSS Vulnerabilities in FTD v3.7.3 and prior.

XSS attacks (HTML / Javascript codes) will launch if they are submitted as a search in the search bar.

They will also be launched when sent as a mail to yourself or a victim.

Proof of Concept:

To make sure it launches, you just

MyBloggie <= 2.1.4 trackback.php SQL injection / admin credentials disclosure 2006-08-05
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on

<?

echo "MyBloggie <= 2.1.4 trackback.php multiple SQL injections vulnerability /\n";

echo "administrative credentials disclosure exploit\n";

echo "by rgod rgod (at) autistici (dot) org\n";

echo "site: http://retrogod.altervista.org\n\n";

/*

works regardless of p

[ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability 2006-08-05
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Tinyportal Shoutbox 2006-08-05
exploitex hotmail com
Tinyportal has a security problem and we can deface this site. This problem is a shoutbox problem. If you find a tinyportal site with a shoutbox without the necessary patch installed, we could deface this site.

We save the page. (File then save as)

Then we open the file.

we look the sou

vBulletin 3.0.14 ~ init.php~ registerring global arbitary variable~ XSS exploit 2006-08-05
addmimistrator gmail com
ORIGINAL ADVISORY:

http://myimei.com/security/2006-07-24/vbulletin-3014-initphp-XSS-exploit.html

http://www.kapda.ir/advisory-397.html

VENDOR CREDIT:

http://www.vbulletin.com/forum/showthread.php?t=194062

Summary

Software: vBulletin

Software's Web Site: http://www.vBulletin.com

Ver

[ GLSA 200608-07 ] libTIFF: Multiple vulnerabilities 2006-08-04
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Barracuda Spam Firewall: Administrator Level Remote Command Execution [ID-20060804-01] 2006-08-04
Matthew Hall (lists ecsc co uk)
Severity: High - Full system compromise possible
Date: 04 August 2006
Discovered by: Matthew Hall (matt (at) ecsc.co (dot) uk) (Credits for original
discovery to Greg Sinclair)
Discovered on: 03 Aug 2006

Summary:

Lack of input sanitisation in the Linux based Barracuda

CAID 34509 - CA eTrust Antivirus WebScan vulnerabilities 2006-08-04
Williams, James K (James Williams ca com)

Title: CA eTrust Antivirus WebScan vulnerabilities

CA Vulnerability ID (CAID): 34509

CA Advisory Date: 2006-08-03

Discovered By:
Matt Murphy of the TippingPoint Security Research Team

Impact: Remote attacker can execute arbitrary code.

Summary: CA eTrust Antivirus WebScan is a free, web-based

phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion 2006-08-04
philipp niedziela gmx de
+--------------------------------------------------------------------

+

+ phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion

+

+--------------------------------------------------------------------

+

+ Affected Software .: phpAutoMembersArea 3.2.5

+ Vendor ............: ht

TSLSA-2006-0044 - multi 2006-08-04
Trustix Security Advisor (tsl trustix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Trustix Secure Linux Security Advisory #2006-0044

Package names: apache, gnupg, libtiff
Summary: Multiple vulnerabilities
Date: 2006-08-04
Affected

[SECURITY] [DSA 1143-1] New dhcp packages fix denial of service 2006-08-04
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1143-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 4th, 2006

[SECURITY] [DSA 1142-1] New freeciv packages fix arbitrary code execution 2006-08-04
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1142-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 4th, 2006

[ECHO_ADV_42$2006] BufferOverflow in Eremove Client 2006-08-04
erdc echo or id

ECHO_ADV_42$2006

--------------

[ECHO_ADV_42$2006] PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion 2006-08-04
matdhule gmail com

ECHO_AD

[ GLSA 200608-06 ] Courier MTA: Denial of Service vulnerability 2006-08-04
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ GLSA 200608-05 ] LibVNCServer: Authentication bypass 2006-08-04
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[SECURITY] [DSA 1141-1] New GnuPG2 packages fix denial of service 2006-08-04
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1141-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 4th, 2006

XSS in Vbulletin 3.6.0 in IE 0nly 2006-08-03
Stefan dakotacom net
---------------------------------

XSS in Vbulletin 3.6.0 in IE 0nly

---------------------------------

Author: Stefan

Email: stefan (at) dakotacom (dot) net

Group: EnigmaGroup

---------------------------------

Vulnerable: vbulletin 3.5.4 in IE

Vulnerable: vbulletin 3.6.0 in IE

------------------------

GeheimChaos <= 0.5 Multiple SQL Injection Vulnerabilities 2006-08-03
Tamriel (tamriel gmx net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Advisory: GeheimChaos <= 0.5 Multiple SQL Injection Vulnerabilities
Release Date: 2006/08/04
Last Modified: 2006/08/03
Author: Tamriel [tamriel at gmx dot net]
Application: GeheimChaos <= 0.5
Risk: Moderate
Vendor Status:

CounterChaos <= 0.48c SQL Injection Vulnerability 2006-08-03
Tamriel (tamriel gmx net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Advisory: CounterChaos <= 0.48c SQL Injection Vulnerability
Release Date: 2006/08/04
Last Modified: 2006/08/03
Author: Tamriel [tamriel at gmx dot net]
Application: CounterChaos <= 0.48c
Risk: Moderate
Vendor Status: not

GaesteChaos <= 0.2 Multiple Vulnerabilities 2006-08-03
Tamriel (tamriel gmx net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Advisory: GaesteChaos <= 0.2 Multiple Vulnerabilities
Release Date: 2006/08/04
Last Modified: 2006/08/03
Author: Tamriel [tamriel at gmx dot net]
Application: GaesteChaos <= 0.2
Risk: Moderate
Vendor Status: not contacted

[security bulletin] HPSBUX02137 SSRT051024 rev.1 - HP-UX Running Xserver Local Execution of Arbitrary Code, Privilege Elevation 2006-08-03
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00732238
Version: 1

HPSBUX02137 SSRT051024 rev.1 - HP-UX Running Xserver
Local Execution of Arbitrary Code, Privilege Elevation

NOTICE: The information in this Security Bulletin should be acted

ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability 2006-08-03
x0r0n hotmail com
///////////////////CYBER-WARRiOR.ORG\\\\\\\\\\\\\\\\\\\\

#ZoneX 1.0.3 - Publishers Gold Edition Remote File Inclusion Vulnerability

-

#Author: xoron

-

#script: ZoneX 1.0.3 - Publishers Gold Edition

-

#Class : Remote

-

#cont@ct: x0r0n[at]hotmail[dot]com

-

#CO

[ GLSA 200608-04 ] Mozilla Thunderbird: Multiple vulnerabilities 2006-08-03
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200608-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Copyright 2010, SecurityFocus