BugTraq Mode:
AFCommerce Shopping Cart 2006-07-19
sledge paradise net nz
The 'Demo Store' version of the AFCommerce Shopping Cart (www.afcommerce.com) is vulnerable to both SQL Injection and Cross Site Scripting (XSS).

SQL Injection can be tested by inserting the classic 'or 1=1-- into the search field. The result is that the first record is returned. We can also pe

Re: imageVue16.1 upload vulnerability 2006-07-19
info imagevuex com
This was fixed in April with the release of imagevue 16.2. You still will be able to see XML relative folder tree, but that is pretty futile as long as there is no upload vulnerability.

[ GLSA 200607-06 ] libpng: Buffer overflow 2006-07-19
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200607-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[USN-313-2] OpenOffice.org vulnerabilities 2006-07-19
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-313-2 July 19, 2006
openoffice.org2-amd64, openoffice.org2 vulnerabilities
CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
===========================================================

A security issue affects th

VMSA-2006-0003 VMware possible incorrect permissions on SSL key files 2006-07-18
VMware Security Team (security vmware com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2006-0003
Synopsis: VMware possible incorrect permissions on SSL key files
VMware Player for Linux

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS) 2006-07-19
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory:
Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and
Response System (CS-MARS)

Document ID: 70728

Advisory ID: cisco-sa-20060719-mars

http://www.cisco.com/warp/public/707/cisco-sa-20060719-mars.shtml

Revisi

rPSA-2006-0132-1 tshark wireshark 2006-07-19
Justin M. Forbes (jmforbes rpath com)
rPath Security Advisory: 2006-0132-1
Published: 2006-07-19
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote Root Deterministic Unauthorized Access
Updated Versions:
wireshark=/conary.rpath.com@rpl:devel//1/0.99.2-2.2-1
tshark=/conary.rpath.com@rpl:devel//1/0.9

[ MDKSA-2006:128 ] - Updated wireshark packages fix numerous vulnerabilities 2006-07-19
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:128
http://www.mandriva.com/security/
____________________________________________________________________

[ MDKSA-2006:126 ] - Updated libtunepimp packages fixes buffer overflow vulnerabilities. 2006-07-19
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:126
http://www.mandriva.com/security/
____________________________________________________________________

[ MDKSA-2006:127 ] - Updated gimp packages fix buffer overflow vulnerability. 2006-07-19
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:127
http://www.mandriva.com/security/
____________________________________________________________________

[USN-320-1] PHP vulnerabilities 2006-07-19
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-320-1 July 19, 2006
php4, php5 vulnerabilities
CVE-2006-0996, CVE-2006-1490, CVE-2006-1494, CVE-2006-1608,
CVE-2006-1990, CVE-2006-1991, CVE-2006-2563, CVE-2006-2660,
CVE-2006-3011, CVE-2006-3016, CV

[USN-319-2] Linux kernel vulnerability 2006-07-19
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-319-2 July 19, 2006
linux-source-2.6.10, linux-source-2.6.12 vulnerability
CVE-2006-3626
===========================================================

A security issue affects the following Ubuntu rel

[ MDKSA-2006:125 ] - Updated webmin packages fix arbitrary file read vulnerability. 2006-07-19
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:125
http://www.mandriva.com/security/
____________________________________________________________________

New PowerPoint Trojan installs itself as LSP 2006-07-18
Juha-Matti Laurio (juha-matti laurio netti fi)
It appears that there is a new type of PowerPoint 0-day Trojan spreading,
more details at this write-up:
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-071812-3213-99

What the technical details section says is:
"Installs the file SNootern.dll as a layered service provi

Re: crashing firefox <= 1.5.0.4 2006-07-15
bugtraq radev net
I cannot reproduce it with "Mozilla/5.0 (Windows; U; Windows NT 5.1; bg; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4".

Are you sure you tested it on a clean install? Because I observed the same behaviour several weeks ago and I found it vanished after deactivating the "LiveHTTPHeaders" extension.

Webmin / Usermin Arbitrary File Disclosure Vulnerability Perl 2006-07-15
Alexander Hristov (joffer gmail com)
This time coded in Perl
Name : Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
Link : http://securitydot.net/xpl/exploits/vulnerabilities/articles/1152/exploit.html
Date : 2006-06-30
Patch : update to version 1.290
Advisory : http://securitydot.net/xpl/exploits/vulnerabilities/arti

osDate 1.1.7 multiple vulnerabilities 2006-07-17
binary loc gmail com
/*\ osDate 1.1.7 advisory /*

Date of written Advisory:

-------------------------

July, 18 2006

Product:

--------

OSdate <= 1.1.7

Vendor:

-------

http://tufat.com/

Description:

------------

osDate is a full fledged dating script which can be easily integrated with phpBB and

ASP.DLL Include File Buffer Overflow 2006-07-18
Brett Moore (brett moore security-assessment com)
========================================================================

= ASP.DLL Include File Buffer Overflow
=
= MS Bulletin posted:
= http://www.microsoft.com/technet/security/Bulletin/MS06-034.mspx
=
= Affected Software:
= IIS 5.0
= IIS 5.1
= IIS 6.0
=
= Public disclosure on July 19,

hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities 2006-07-18
tamriel gmx net
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Advisory: hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities

Release Date: 2006/07/18

Last Modified: 2006/07/18

Author: Tamriel [tamriel at gmx dot net]

Application: hdweGUEST 2.1.1

Risk: Low

Vendor Status: c

[security bulletin] HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv, Remote Denial of Service (DoS) 2006-07-18
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00724992
Version: 1

HPSBTU02132 SSRT061154 rev.1 - HP Tru64 UNIX running NIS ypserv,
Remote Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be
acted upon as soon

Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] 2006-07-18
ak red-database-security com
Name SQL Injection in package SYS.DBMS_STATS (6980751) [DB21]

Systems Oracle 10g Release 1

Severity High Risk

Category SQL Injection

Vendor URL http://www.oracle.com/

Author Alexander Kornbrust (ak at red-database-security.com)

Advisory 18 Jul 2006 (V 1.00)

Advisory

#####

Invision Power Board v2.1 <= 2.1.6 sql injection exploit 2006-07-18
paul14075 gmail com
exploit: http://www.milw0rm.com/exploits/2010

bug report: http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_bug&bug_title_id=2043&bug_cat_id=3

exploit allows:

* Create new admin accounts

* Read existing account info, including session ID's.

* Read password hashes.

*

ExtCalendar Mambo Module <= v2( extcalendar.php ) Remote File Include Vulnerabilities 2006-07-18
saudi unix hotmail com
--------------------------------------------------------------------------------

Title : ExtCalendar Mambo Module <= v2 Remote File Include Vulnerabilities

###############################################################################

Discovered By saudihackrz

--------------------------------

Consumers of Broadband Providers (ISP) may be open to hijack attacks 2006-07-16
peter_philipp freenet de
For this risk advisory in German please search down to "D> Deutsche Version".

>Originator: Peter Philipp
>Organization: Daemonic Networks
>Synopsis: Consumer of Broadband Providers (ISP) may be open to hijack attacks
>Severity: serious
>Priority: medium
>Category: network security
>Class: systemi

Re: Bypass HTTP ( extension files ) in ISA 2004 2006-07-16
medozero yahoo com
The funny thing about this again: if you prevent this by preventing zip#, you still can use another # to bypass, like this: zip##. Lol

I hope if you have any comment, please reply

Copyright 2010, SecurityFocus