BugTraq Mode:
(Page 1100 of 1748)  < Prev  1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105  Next >
Critical Shockwave Embedded XSS Execution 2006-07-13
spammeanddie msn com
The critical bug in Shockwave videos allows embedded code execution... This code can be XSS or an ActiveX mechanism. The victim can't understand because it'll be executed in the background of the real video without any redirection or URL spoofing..

======================================

Source Code:

There is th

[ more ]  [ reply ]
saphp "add.php" forumid Parameter SQL Injection 2006-07-11
Breeeeh hotmail com
===========================================

Discovered By: C.B.B.L

CrAzY CrAcKeR ,Breeeeh ,BoNy-m ,LiNuX_rOOt

===========================================

Search:-

powered by: saphp

Example:-

story/add.php?forumid=[SQL Injection]

===========================================

[ more ]  [ reply ]
crashing firefox <= 1.5.0.4 2006-07-11
reywen gmail com
hi,

We send any file by the form with ENCTYPE="multipart/form-data"
and method="POST"; when the file upload is successful, try to refresh the page (F5 or
refresh button).

steps:
1) upload file by form
2) refresh page
3) Firefox crashes

example code:

<form action="" ENCTYPE="multipart/form-data" method="POST">

[ more ]  [ reply ]
Linux sys_prctl LKM based hotfix 2006-07-13
Abhisek Datta (abhisek datta gmail com)
Hello,

Recently a critical vulnerability/behavioural flaw has been discovered
in sys_prctl() in kernel/sys.c in Linux kernel.

Exploitation of this bug may lead a local attacker to gain root
privileges on systems running a vulnerable version of the linux kernel.

Original advisory from RedHat Secur

[ more ]  [ reply ]
Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) 2006-07-13
Jon Hart (jhart spoofed org)
On Thu, Jul 13, 2006 at 01:23:10AM +0300, Ariel Biener wrote:
> On Wednesday 12 July 2006 03:15, Roman Medina-Heigl Hernandez wrote:
>
> Ignore my previous post, it does create a setuid bash version in /tmp/sh, the
> reason it doesn't work is due to SELinux contexts.

This is an important note, IM

[ more ]  [ reply ]
Re: LAMP vs Microsoft 2006-07-12
Darren Reed (avalon caligula anu edu au)
In some mail from Bob Beck, sie said:
>
>
> > And I think vulnerabilities disclosed are a much better indicator
> > of the changes to QA/development of products than any hyperbole
> > from those responsible (be it management or developers.)
>
> No, I think vulnerabilities disclosed is simply a m

[ more ]  [ reply ]
VBZooM <=V1.11 "sub-join.php" SQL Injection 2006-07-11
Breeeeh hotmail com
=======================================

Discovered By: C.B.B.L

CrAzY CrAcKeR,Breeeeh,BoNy-m,LiNuX rOOt

=======================================

Search:

POWERED BY VBZooM V1.11

Example:-

/sub-join.php?UserID=[SQL Injection]

[ more ]  [ reply ]
Kerio Terminating 'kpf4ss.exe' using internal runtime error Vulnerability 2006-07-15
David Matousek (david matousec com)
Hello,

I would like to inform you about a vulnerability in Sunbelt Kerio Personal Firewall found by
Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php

--
David Matousek

Foun

[ more ]  [ reply ]
Norton Insufficient protection of Norton service registry keys 2006-07-15
David Matousek (david matousec com)
Hello,

I would like to inform you about a vulnerability in the driver of Norton Personal Firewall component
found by Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php

--

[ more ]  [ reply ]
MS Power Point Multiple Vulnerabilities - (memory corruption) POC 2006-07-15
naveed (naveedafzal gmail com)
/*-----------------------------------------------------------------------------------------
* MS Power Point mem. corruption POC
* try to close this file .....
* modifying some personal bytes :P :P :P
* thanks to "psycho"
* Tested against Power Point ' 03
* -- naveed afzal
*-------------------------

[ more ]  [ reply ]
MS Power Point Multiple Vulnerabilities - (mso.dll) POC 2006-07-15
naveed (naveedafzal gmail com)
/*-----------------------------------------------------------------------------------------
* MS Power Point mso.dll vulnerability
* similar to the first one but no : we land in mso.dll
* with a different situation :D :D
* some greetz goes to zeeshan , salman:)
* Tested against Power Point ' 03
* --

[ more ]  [ reply ]
MS Power Point Multiple Vulnerabilities (powerpnt.exe)- POC 2006-07-15
naveed (naveedafzal gmail com)
/*-----------------------------------------------------------------------------------------
* MS Power Point Unspecified vulnerability POC
* nice SYS 49152 what about rar ?
* sorry no more comments :( figure it yourself
* some greetz goes to waqas :)
* Tested against Power Point ' 03
* -- naveed af

[ more ]  [ reply ]
Bypass HTTP ( extension files ) in ISA 2004 2006-07-15
medozero yahoo com
Hi ppl, I just discovered a bug in Microsoft Internet Security and Acceleration (ISA) Server which makes you able to bypass HTTP ( extension files ): just add # to the end of the file extension

ex: www.site.com/file.zip#

that will make you bypass the filter rule if the admin prevents you from downloadin

[ more ]  [ reply ]
Re: Photocycle v1.0 - XSS 2006-07-14
securityfocus adambrown info
Patched within a couple hours of discovery. Download version 1.1.

<a href="http://adambrown.info/p/tools/photocycle">Photocycle homepage</a>

[ more ]  [ reply ]
EEYE: McAfee ePolicy Orchestrator Remote Compromise 2006-07-14
eEye Advisories (Advisories eeye com)
McAfee ePolicy Orchestrator Remote Compromise

Release Date:
July 13, 2006

Severity:
High (Remote Code Execution)

Vendor:
McAfee

Systems Affected:
McAfee Common Management (EPO) Agent versions below version 3.5.5.438

Overview:
McAfee ePolicy Orchestrator is the remote security management softwar

[ more ]  [ reply ]
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities 2006-07-14
Benjamin Tobias Franz (0-1-2-3 gmx de)
Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities
... discovered by Benjamin Tobias Franz

Affected Vendor:
Microsoft

Affected Product:
Microsoft Works

Description:
Microsoft Works Spreadsheet (wksss.exe) fails to handle specially crafted
files. All supported file format

[ more ]  [ reply ]
Phorum 5.1.15 security release (fixes "PHORUM 5 arbitrary local inclusion") 2006-07-14
Maurice Makaay (maurice makaay internl net)
Today, Phorum 5.1.15 was released. This version of Phorum addresses a
couple of security related issues:

* Some minor input validation issues were fixed. These were incorrectly
flagged as SQL injection vulnerabilities by some websites, probably
due to automatic vulnerability checking without

[ more ]  [ reply ]
IE <= 6 DoS vulnerability 2006-07-13
jonasschaub gmail com
<!--

# Internet Explorer <= 6 DoS vulnerability

#

# tested IE6 on XPx64 and IE 5.1, 5.5 and 6 on XP SP2 (eng)

# all versions are vulnerable

# ie 7 (beta 2 and 3) are not affected

#

# this malicious css code freezes/ dos the internet explorer

# prior version 7 and stops any user interaction

[ more ]  [ reply ]
rPSA-2006-0122-2 kernel 2006-07-13
Justin M. Forbes (jmforbes rpath com) (1 replies)
rPath Security Advisory: 2006-0122-2
Published: 2006-07-07
Updated:
2006-07-13 Upgraded to Critical status with additional information
Products: rPath Linux 1
Rating: Critical
Exposure Level Classification:
Local Root Deterministic Privilege Escalation
Updated Versions:
kernel=/conary.rp

[ more ]  [ reply ]
Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround 2006-07-14
Caveo Internet BV - Security (security caveo nl) (1 replies)
Re: Linux Kernel 2.6.x PRCTL Core Dump Handling -- Simple workaround 2006-07-14
Hugo van der Kooij (hvdkooij vanderkooij org)
perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion 2006-07-13
endeneu linuxmail com
---------------------------------------------------------------------------

perForms <= 1.0 ([mosConfig_absolute_path]) Remote File Inclusion

---------------------------------------------------------------------------

Remote : Yes

Critical Level : High

Vuln found in a log file: lazy

[ more ]  [ reply ]
[security bulletin] HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS) 2006-07-13
security-alert hp com
SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00676467
Version: 2

HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted
upon as soon as possible.

Release Date:

[ more ]  [ reply ]
[ MDKSA-2006:123 ] - Updated kernel packages fixes multiple vulnerabilities 2006-07-13
security mandriva com


_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:123
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]
phpbb 3.x sql injection (with global moderator rights) 2006-07-13
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on

<?

echo "PhpBB 3 memberlist.php/'ip' argument SQL injection / admin credentials disclosure\n";

echo "by rgod rgod (at) autistici (dot) org [email concealed]\n";

echo "site: http://retrogod.altervista.org\n";

echo "dork, version specific: \"Powered by phpBB * 2002, 2006 phpBB Group\"\n

[ more ]  [ reply ]
PHORUM 5 arbitrary local inclusion 2006-07-13
rgod autistici org
#!/usr/bin/php -q -d short_open_tag=on

<?

echo "PHORUM 5 arbitrary local inclusion exploit\n";

echo "by rgod rgod (at) autistici (dot) org [email concealed]\n";

echo "site: http://retrogod.altervista.org\n";

echo "dork: \"This forum powered by Phorum.\"\n\n";

/*

works with:

register_globals=On

magic_quotes_gpc=Off

*/

[ more ]  [ reply ]
Copyright 2010, SecurityFocus