[security bulletin] HPSBUX02127 SSRT051056 - rev.1 HP-UX Kernel Local Denial of Service (DoS)
2006-06-23, security-alert hp com

[KAPDA]Coppermine 1.4.8~Parameter Cleanup System ByPass~Registering Global Varables
2006-06-23, addmimistrator gmail com
ORIGINAL ADVISORY: http://myimei.com/security/2006-06-20/coppermine-148parameter-cleanup-system-bypassregistering-global-varables.html VENDOR INFORMED - Summary - Software: CPG Coppermine Photo Gallery Software's Web Site: http://coppermine.sourceforge.net/ Versions: 1.4.8.stable Cla [...]

QaTraq 6.5 RC: Multiple XSS Vulnerabilities
2006-06-23, enji seclab tuwien ac at
QaTraq 6.5 RC: Multiple XSS Vulnerabilities. Technical University of Vienna Security Advisory TUVSA-0606-001, June 23, 2006 [...]

[SNS Advisory No.88] Webmin Directory Traversal Vulnerability
2006-06-23, snsadv (at) lac.co (dot) jp (snsadv lac co jp)
SNS Advisory No.88 Webmin Directory Traversal Vulnerability. Problem first discovered on: Sun, 04 Jun 2006. Published on: Fri, 23 Jun 2006. Severity Level: --- [...]

[SECURITY] [DSA 1101-1] New courier packages fix denial of service
2006-06-23, joey infodrom org (Martin Schulze)

Re: MS Excel Remote Code Execution POC Exploit
2006-06-22, Steven M. Christey (coley mitre org)
> * Advisories:
> * http://www.microsoft.com/technet/security/advisory/921365.mspx
> * http://www.securityfocus.com/bid/18422/
There are at least three separate Excel issues that were published in the past week. These references suggest that it's the "zero-day" exploit from last Friday (CVE-2006- [...]

RE: MS Excel Remote Code Execution POC Exploit
2006-06-22, Jain, Siddhartha (Siddhartha Jain kla-tencor com) (1 replies)
Failed against:
- Microsoft Excel 2003 (11.8012.6568) SP2 on Windows XP Pro SP2
* Excel complains that the Excel sheet is corrupt
* Excel tries to repair it but complains that it's beyond repair
* The first cell shows the word "LINK" without the hyperlink
- Siddhartha
-----Original Message--- [...]

[ GLSA 200606-23 ] KDM: Symlink vulnerability
2006-06-22, Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200606-22 ] aRts: Privilege escalation
2006-06-22, Sune Kloppenborg Jeppesen (jaervosz gentoo org)

VigilantMinds Advisory: Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01)
2006-06-22, VigilantMinds Advisories (advisories vigilantminds com)
Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01) Summary: An integer overflow vulnerability exists in the Opera Web Browser due to the improper handling of JPEG files. Impact: Remote Code Execution. Affected Versions: Opera 8.54 and Earlier. Details: If excessively large hei [...]

Re: Bypassing of web filters by using ASCII
2006-06-22, Kurt Huwig (k huwig iku-ag de)
imipak wrote:
> Hmmm, I just noticed Firefox's Accept-Charset header doesn't include
> ASCII. Does the HTTP spec say that ASCII is the default charset?
No, it's ISO-8859-1. According to http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-035.pdf Page 27 (37): "11.2 Transformation [...]

Re: V3Chat Instant Messenger - XSS
2006-06-22, support v3chat com
We have addressed these security issues (where applicable) and this article is no longer relevant. We would like to inform readers of this article that the referenced folder 'messenger' was never available to the general public, therefore these findings cannot be a fair representation of the fina [...]

Re: aXentForum II XSS vuLLn
2006-06-22, Steven M. Christey (coley mitre org)
The same executable (viewposts.cfm) and parameter (startrow) was reported by r0t at 13:49 June 15, 2006, probably Finland time: http://pridels.blogspot.com/2006/06/axentforum-ii-xss-vuln.html In fact, the Bugtraq post contains the following text, which is exactly the same as r0t's blog entry as [...]

MS Excel Remote Code Execution POC Exploit
2006-06-22, naveed (naveedafzal gmail com)
/*---------------------------------------------------------------------
 *
 * Microsoft Excel Remote Code Execution Proof Of Concept.
 * Tested against : Excel 2000 on Win XP SP1 , and Win2000 SP4
 * Description:
 * Microsoft Excel is prone to a remote code execution issue
 * which may be triggere [...]

Somechess v1.5 rc1 - XSS
2006-06-20, luny youfucktard com
Somechess v1.5 rc1 Homepage: http://www.astrodogpress.org/chess/ Affected files: *Profile input boxes. Upon dumping the sql data into the table if you get errors and it won't create the tables & data (like it did to me), then just remove all the " from the sql fil [...]

Digital Armaments July-August Hacking Challange: Microsoft
2006-06-20, info digitalarmaments com
Challenge Publication is 06.15.2006 http://www.digitalarmaments.com/challange200606483923.html I. Details: Digital Armaments officially announces the launch of the July-August hacking challenge. The challenge starts on July 1. For the July-August Challenge, Digital Armaments will give 5000 cred [...]
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00705283
Version: 1
HPSBUX02127 SSRT051056 - rev.1 HP-UX Kernel Local Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release