BugTraq (Page 1111 of 1748)
Re: Linux VNC evil client patch - BID 17978 2006-06-24
embyte madlab it
Moreover the vulnerability seems to be exploitable only by clients compliant with RFB-3.8 [1], which means VNC4 (i.e. vnc4-4.1.1+X4.3.0 for Linux). VNC3 for Linux and Windows are RFB-3.3.

This is because the new protocol version implements a different authentication handshake procedure. In fact attack do

[ MDKSA-2006:111 ] - Updated MySQL packages fixes authorized user DoS(crash) vulnerability. 2006-06-23
security mandriva com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:111
http://www.mandriva.com/security/
____________________________________________________________________

Re: vBulletin<<--v3.5.X "member.php" Cross Site Scripting 2006-06-23
scott vbulletin com
We are unable to reproduce this on any of the 3.5.x series or 3.6.x development branch. The userid parameter is run through our filtering system as an unsigned integer.

'userid' => TYPE_UINT

[ GLSA 200606-26 ] EnergyMech: Denial of Service 2006-06-26
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ GLSA 200606-25 ] Hashcash: Possible heap overflow 2006-06-26
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

XSS in Cpanel 10 2006-06-26
preth00nker gmail com
A new vulnerability was found in Cpanel V.10;

It happens because the variable *&File* of the *select.html* file (in the edit-zone) just filters the <script> labels, and the possibility can be open to other labels like

*Server Side Include,

*HTML labels...

*includi

[SECURITY] [DSA 1102-1] New pinball packages fix privilege escalation 2006-06-26
skx debian org (Steve Kemp)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1102-1 security (at) debian (dot) org
http://www.debian.org/security/ Steve Kemp
June 26th, 2006

Planetnews Authecnication Admin ByPass 2006-06-26
alp_eren ayyildiz org
SOFTWARE:

===========

again Planetc :)

Planetnews

http://www.planetc.de

DESCRIPTION:

============

google dork = planetnews filetype:php

last path add to "admin/planetnews.php" edit or add to news, and upload your shell

example;

http://www.site.com/news/admin/planetnews.php

#####

Claroline Cross-Site Scripting Vulnerabilities 2006-06-26
bug (at) securitynews (dot) ir (bug securitynews ir)
------------------------------------------------------------------
[#] Security Advisory
[^] http://securitynews.ir/

[>] Advisory Title: Claroline Cross-Site Scripting Vulnerabilities
[@] Author : bug [@] securitynews.ir
[$] Product Vendor : http://www.claroline.net/
[.] Affected Versions : 1.7.7 (

DeluxeBB 1.07 Create admin Exploit 2006-06-25
Hessamx hessamx net
DeluxeBB 1.07 Create admin Exploit

----------------------------------------

+ Summary :

Name : DeluxeBB 1.07

Class : Remote

Risk : High

+ Description:

DeluxeBB (1.07) has a high security bug in

user control panel (cp.php).

This bug allows users to change access level

w

[USN-304-1] gnupg vulnerability 2006-06-26
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-304-1 June 26, 2006
gnupg vulnerability
CVE-2006-3082
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubu

[Kurdish Security # 9] MyMail Directory Traversal And XSS Attacking Vulnerability 2006-06-26
botan linuxmail org
# Kurdish Security Advisory

# irc.gigachat.net #kurdhack

# Discovered by Botan

# http://scripts.codingclick.com/MyMail/

http://kurdishsecurity.blogspot.com/2006/06/kurdish-security-9-mymail-directory.html

CodingClick.com MyMail Script is using for scripts. The passing can do between direct

ERNW Security Advisory 01/2006 2006-06-26
mozilla ids-guide de
ERNW Security Advisory 01-2006

Buffer Overflow in Algorithmic Research's PrivateWire Online Registration Facility

Author:
Michael Thumann <mthumann[at]ernw.de>
Homepage: http://www.ernw.de

1. Summary:
The Online Registration Facility of Algorithmic Research PrivateWire VPN Software
doesn't do pro

WBB<<---v2.0 RC2 "newthread.php" SQL Injection 2006-06-22
CrAzY CrAcKeR hotmail com
========================================

Discovered By: CrAzY CrAcKeR

Site:www.alshmokh.com

I want to thank my friend:-

nono225-mHOn-rageh-Lover Hacker-Breeeeh

BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r

========================================

Example:-

/newthread.php?boardid=[SQL]

====

Softbiz Dating 1.0 SQL injection 2006-06-22
securityconnection gmail com
Softbiz Dating 1.0

http://www.softbizscripts.com

-----------------------------

-------------

SQL injection

-------------

http://target.xx/search_results.php?country=1[SQL]

http://target.xx/search_results.php?pg=2&sort_by=1[SQL]

http://target.xx/featured_photos.php?browse=1[SQL]

http://targe

Copyright 2010, SecurityFocus