Call For Papers - No cON Name 2006 Edition Spain
2006-07-03 deese spezialk net
Hello, This is for you... Thanks for reading... ************************************************* * No cON Name 2006 Congress === Call For Papers * ************************************************* <> http://www.noconname.org/congreso2006.php <> <> September: 28th, 29th and 30th. <> ** What is

5 php scripts remote database password disclosure
2006-07-03 gmdarkfig gmail com
# # Title: 5 php scripts remote database password disclosure # Date: Sun July 02 21:04 2006 # Credits: Security hole discovered by DarkFig (gmdarkfig (at) gmail (dot) com) # Problem: Database configuration is located in a .inc file(no protected by .htaccess file) # Web: http://acid-root

Excel 2000/XP/2003 Style 0day POC
2006-07-03 nanika chroot org
Excel 2000/XP/2003 Style 0day POC POC http://www.hitcon.org/Nanika.xls Description: A vulnerability has been discovered in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. Excel 2003 & XP EIP-> 00xx00xx Click Repair Mode .......Exploit....:

Contact for nhl.com
2006-07-03 C. Hamby (fixer gci net)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Does anyone have a good contact (e-mail type) for the security folks that handle the NHL website? - -cdh -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRKizMwt0Y4479

QTOFileManager 1.0
2006-07-02 securityconnection gmail com
-------------------------- Cross Site Scripting (XSS) -------------------------- http://target.xx/qtofm.php?delete=%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C/script%3E&u=[username]&pathext=1 http://target.xx/qtofm.php?delete=COPYING&u=[username]&pathext=%3Cscript%3Ealert(%22Ellipsis%

Multiple vulnerabilities in TK8 Safe v.3.0.5
2006-07-02 clappymonkey gmail com
Multiple vulnerabilities in TK8 Safe v.3.0.5 July 3, 2006 ---- Summary: TK8 Safe (www.tk8.com) is a password management application, which stores authentication details (and other sensitive data) in encrypted local folders. A number of issues have been discovered in version 3.0.5 of the ap

Re: [Full Disclosure] [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability
2006-07-02 mac68k gmail com
Title: [Kil13r-SA-20060701-2] MoniWiki 1.1.1 Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/28 - Discovery 2006/06/28 - Vendor notification 2006/06/30 - Vendor notification 2006/07/01 - Release 2006/07/03 - Update

free QBoard v1.1 Multiple Remote File include
2006-07-02 KARKOR23 hotmail com
free QBoard v1.1 Multiple Remote File include ------------------------------------------------- Discovered By CrAsh_oVeR_rIdE Arabian Security Team ------------------------------------------------- site of script:http://sourceforge.net/projects/freeqboard/ -----------------------------------

plume-cms v1.0.4 Multiple Remote File include
2006-07-02 KARKOR23 hotmail com
plume cms v1.0.4 Multiple Remote File include ------------------------------------------------- Discovered By CrAsh_oVeR_rIdE Arabian Security Team ------------------------------------------------- site of script:http://www.plume-cms.net/ ------------------------------------------------- Vul

[MajorSecurity #19] AutoRank <= 5.01 - Multiple XSS and cookie disclosure
2006-07-02 admin majorsecurity de

call for papers - IT Underground, Italy 2006
2006-07-02 it_underground gazeta pl
I'd like to announce the call for papers for the IT Underground 2006, a two-day conference organized by Software Conferences in Italy, Rome 21st-22nd September 2006. IT Underground 2006 is a sixth edition of a conference dedicated to IT security issues, where remarkable authorities will share th

Php-Fusion (Xss) With Avatar Upload
2006-07-01 zeberus_ hotmail com
Hi; ================== http://php-fusion.co.uk/ ================== Php-Fusion (Xss) With Avatar Upload... With This Vulnerability, You Are able To Become Any User Who Uses a Browser That "internet Explorer"(Support Cross Site Scripting), So it is Possible To Become Admin. Firefox Can't

Whitepaper: IT (in)security implementation in a real world example
2006-06-30 Denis Jedig (seclists syneticon de)
Repost Greetings to the list, I have written a short paper on principles and failures of IT security based on a real-world example of a (yet unpublished) issue with DB CarSharing - a German car rental company. It discusses how security does fail in a flawed implementation. Extract: Preface Thi

Sql injection in Diesel joke site script
2006-07-01 black code (black-cod3 hotmail com)
Sql injection in Diesel joke site forum type : Diesel joke site bug found by : black-code team : site-down type : Sql injection #################################################### Sql injection in Diesel joke site page : category.php variable : id ##############################################

OPERA Web Browser 9 Denial OF Service
2006-07-01 y3dips echo or id
ECHO_ADV_35$2006 ------------------------------------------------------------------------ ------------ [ECHO_ADV_35$2006] OPERA Web Browser 9 Denial OF Service ------------------------------------------------------------------------ ------------ Author : Ahmad Muammar W.K (a.k.a) y3dips Date

DEF CON 14: Speakers Selected and more.
2006-07-01 The Dark Tangent (dtangent defcon org)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey everyone, I want to make some announcements surrounding DEF CON 14. It's about that time to briefly lay down the inf0z, so here it goes. - - Speakers have been selected, and are now listed on-line: http://www.defcon.org/html/defcon-14/dc-14-sched

phpMyAdmin : Cross-Site Scripting Vulnerability
2006-06-30 bug (at) securitynews (dot) ir (bug securitynews ir)
------------------------------------------------------------------- [#] Security Advisory #3 [^] http://securitynews.ir/ [>] Advisory Title: phpMyAdmin : Cross-Site Scripting Vulnerability [@] Author : bug [@] securitynews.ir [$] Product Vendor : http://www.phpmyadmin.net/ [.] Affected Versions : 2

[security bulletin] HPSBUX02103 SSRT5953 rev.3 - HP-UX passwd(1) Local Denial of Service (DoS)
2006-06-30 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00619550 Version: 2 HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Releas

[security bulletin] HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access
2006-06-30 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00705390 Version: 1 HPSBUX02128 SSRT5996 - rev.1 HP-UX mkdir(1) Local Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Dat
Gentoo Linux Security Advisory GLSA 200607-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -