BugTraq
Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption 2006-07-27
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 27/07/2006

- Mozilla Firefox XPCOM Event Handling Memory Corruption -

======================================================================
Table of Contents

Affected Software....

[USN-326-1] heartbeat vulnerability 2006-07-27
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-326-1 July 27, 2006
heartbeat vulnerability
CVE-2006-3815
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10

[SECURITY] [DSA 1125-2] New drupal packages fix execution of arbitrary web script code (revised packages) 2006-07-27
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1125-2 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
July 27th, 2006

[USN-325-1] ruby1.8 vulnerability 2006-07-27
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-325-1 July 27, 2006
ruby1.8 vulnerability
CVE-2006-3694
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
U

[USN-324-1] freetype vulnerability 2006-07-27
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-324-1 July 27, 2006
freetype vulnerability
CVE-2006-3467
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10

Re: Low security hole affecting IPCalc's CGI wrapper 2006-07-27
krischan jodies de
Thank you, Tim.

I published a fixed version:

http://jodies.de/ipcalc-archive/ipcalc-0.41.tar.gz

> I contacted the author (Krischan Jodies -
> <http://www.jodies.de/>) on the 7th,
> offering them 14 days to respond but have had no
> reply to acknowledge that
> the problem even exists, I'

Buffer Overflow Vulnerability in Winlpd 2006-07-27
Meftun MeftunNet Com
Pablo Isola has discovered a vulnerability in Winlpd, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error when handling received requests. This can be exploited to cause a stack-based buffer overflow by passing an ov

Cross-Site Scripting and Local File Inclusion in Phorum 2006-07-27
Meftun MeftunNet Com
Some vulnerabilities have been discovered in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and potentially compromise a vulnerable system.

1) Input passed to the "template" parameter in pm.php isn't properly verified

[SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service 2006-07-27
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1126-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
July 27th, 2006

Re: Opsware NAS 6.0 reveals MySQL 'root' password 2006-07-27
security-alert opsware com
DETAILS:

--------

The /etc/init.d/mysql script lists the root password of MySQL database:

-"INPUT_DB_PASSWORD=mysql123"

-"bin/mysqladmin -uroot -pmysql123 shutdown"

The file permission of file /etc/init.d/mysql will allow all users with a login to the NAS server to view the root passwor

GeoClassifieds Enterprise <= 2.0.5.2 Cross Site Scripting 2006-07-27
securityconnection gmail com
GeoClassifieds Enterprise 2.0.5.2

http://geodesicsolutions.com/products/classifieds/classifieds_enterprise.htm

--------------------------

Cross Site Scripting (XSS)

--------------------------

POST http://target.xx:80/index.php?a=10 HTTP/1.0

Host: target.xx

Content-Type: application/x-www-form

a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability 2006-07-27
Dr Jr7 hotmail com
a6mambohelpdesk Mambo Component <= 18RC1 Remote Include Vulnerability

# Risk : High

# Class : Remote

# Script : a6mambohelpdesk

# Thanx : www.lezr.com/vb

# codes

<?

include( "$mosConfig_live_site/components/com_a6mambohelpdesk/about.html" );

?>

# d0rkiz : allinurl:

NSFOCUS SA2006-07 : ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability 2006-07-27
NSFOCUS Security Team (security nsfocus com)
NSFOCUS Security Advisory (SA2006-07)

ISS RealSecure/BlackICE MailSlot Heap Overflow Detection Remote DoS Vulnerability

Release Date: 2006-07-27

CVE ID: CVE-2006-3840

http://www.nsfocus.com/english/homepage/research/0607.htm

Affected systems & software
===================

RealSecure Network Se

Re: new shell bypass safe mode 2006-07-23
cxib securityreason com
This is an old safe_mode bypass. But you can only bypass safe mode in PHP 4.4.2 and 5.1.2 and prior. Your exploit code is just a copy, with little changes, of http://securityreason.com/achievement_exploitalert/8 based on SecurityReason Advisory http://securityreason.com/achievement_securityalert/37

CVE:

Phpprobid <= 5.24 XSS SQL injection Vulnerability 2006-07-25
securityconnection gmail com
Phpprobid 5.24

http://www.phpprobid.com

--------------------------

Cross Site Scripting (XSS)

--------------------------

http://target.xx/auctionsearch.php?advsrc="<script>alert(/EllipsisSecurityTest/)</script>

http://target.xx/auctionsearch.php?start=1&advsrc="><script>alert(/EllipsisSecurity

Secunia Research: FileCOPA Directory Argument Handling Buffer Overflow 2006-07-25
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 25/07/2006

- FileCOPA Directory Argument Handling Buffer Overflow -

======================================================================
Table of Contents

Affected Software.....

[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela) 2006-07-25
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security/ http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

[vuln.sg] PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability 2006-07-25
vulnpost-remove vuln sg
[vuln.sg] Vulnerability Research Advisory

PowerArchiver DZIPS32.DLL Buffer Overflow Vulnerability

by Tan Chew Keong

Release Date: 2006-07-25

Summary

-------

A vulnerability has been found in PowerArchiver. When exploited, the vulnerability allows execution of arbitrary code when the user

[ECHO_ADV_41$2006] BufferOverflow in Midirecord2 2006-07-25
the_day echo or id
ECHO_ADV_41$2006

---------------------------------------------------------------------------

[ECHO_ADV_41$2006] BufferOverflow in Midirecord2

---------------------------------------------------------------------------

Author : Dedi Dwianto

Date : July, 25th 2006

Location

Cisco VPN Concentrator IKE resource exhaustion DoS Advisory 2006-07-26
Roy Hills (Roy Hills nta-monitor com)
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory

1. Overview

NTA Monitor discovered a denial of service vulnerability in the Cisco
VPN 3000 series concentrator products while performing a VPN security
test for a customer in July 2005.

The vulnerability affects Phase-1 of the IKE prot

Etomite CMS <= 0.6.1 'rfiles.php' remote command execution 2006-07-25
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on

<?

echo "Etomite CMS <= 0.6.1 'rfiles.php' remote command execution\r\n";

echo "by rgod rgod (at) autistici (dot) org [email concealed]\r\n";

echo "site: http://retrogod.altervista.org\r\n";

echo "google dork: \"Content managed by the Etomite Content Management System\"\r\n\r\n";

/

[SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code 2006-07-26
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1125-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
July 26th, 2006

TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities 2006-07-25
TSRT 3com com
TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server
Buffer Overflow Vulnerabilities

http://www.zerodayinitiative.com/advisories/TSRT-06-03.html
July 25, 2006

-- CVE ID:
CVE-2006-3838

-- Affected Vendor:
eIQnetworks

-- Affected Products:
eIQnetworks Enterprise Security

[USN-323-1] mozilla vulnerabilities 2006-07-25
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-323-1 July 25, 2006
mozilla vulnerabilities
CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778,
CVE-2006-2779, CVE-2006-2780, CVE-2006-2781, CVE-2006-2782,
CVE-2006-2783, CVE-2006-2784, CVE-2

TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability 2006-07-25
TSRT 3com com
TSRT-06-04: eIQnetworks Enterprise Security Analyzer Topology Server
Buffer Overflow Vulnerability

http://www.zerodayinitiative.com/advisories/TSRT-06-04.html
July 25, 2006

-- CVE ID:
CVE-2006-3838

-- Affected Vendor:
eIQnetworks

-- Affected Products:
eIQnetworks Enterprise Security

ZDI-06-023: eIQNetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerability 2006-07-25
zdi-disclosures 3com com
ZDI-06-023: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer
Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-023.html
July 25, 2006

-- CVE ID:
CVE-2006-3838

-- Affected Vendor:
eIQnetworks

-- Affected Products:
eIQnetworks Enterprise Security Analyzer
Astar

ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability 2006-07-25
zdi-disclosures 3com com
ZDI-06-024: eIQnetworks Enterprise Security Analyzer License Manager
Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-06-024.html
July 25, 2006

-- CVE ID:
CVE-2006-3838

-- Affected Vendor:
eIQnetworks

-- Affected Products:
eIQnetworks Enterprise Security Analyzer
Ast

Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities 2006-07-25
tamriel gmx net
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Advisory: Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities

Release Date: 2006/07/25

Last Modified: 2006/07/25

Author: Tamriel [tamriel at gmx dot net]

Application: Professional Home Page Tools Log

Copyright 2010, SecurityFocus