planetSearch+ - XSS Vulnerabilities
2006-04-13 d4igoro gmail com
planetSearch+ - XSS Vulnerabilities -------------------------------------------------------- Software: planetSearch+ Version: 26.10.2005 Type: Cross Site Scripting Vulnerability Date: Apr 13 20:44:54 CEST 2006 Vendor: PlaNet Concept e.K. Page: http://www.planetc.de Risk: Low credits: --------------

RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
2006-04-13 Derek Soeder (dsoeder eeye com)
Dave, great find! Those lists you dug up are named DomainScreenList and HostsScreenList in the symbols for DNSAPI; here they are for reference... DomainScreenList: windowsupdate.microsoft.com windowsupdate.com microsoftupdate.com download.microsoft.com update.microsoft.com HostsScreenL

Xss In ar-blog v 5.2
2006-04-13 W3 _ hotmail com
Software: ar-blog Web Site: http://www.ar-blog.com Versions: ar-blog v 5.2 Type: Xss Exploit : http://www.XXX.com/ar-blog_v5,2/print.php?id=<script>alert(1)</script> Discovery by : ALMOKANN3 LEZR.COM GreeTz : special greet t0 Dr.Jr7 & Qptan & Mr.SNAKE and to my all friends !n www.le

PAJAX Remote Code Injection and File Inclusion Vulnerability
2006-04-13 RedTeam Pentesting (release redteam-pentesting de)
Advisory: PAJAX Remote Code Injection and File Inclusion Vulnerability RedTeam has identified two security flaws in PAJAX. It is possible to execute arbitrary PHP code from unchecked user input. Additionally, it is possible to include arbitrary files on the server ending in ".class.php". Details

[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
2006-04-13 Dave Korn (davek_throwaway hotmail com) (1 replies)
Hey, guess what I just found out: Microsoft have deliberately sabotaged their DNS client's hosts table lookup functionality. Normally you can override DNS lookup by specifying a hostname and IP directly in the hosts file, which is searched before any query is issued to your dns server; thi

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
2006-04-13 Brandon S. Allbery KF8NH (allbery ece cmu edu) (1 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
2006-04-13 Stan Bubrouski (stan bubrouski gmail com)

Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
2006-04-13 tranceformer crimsonguard net
i just plugged into the thing, and configured it for the first time... wanted to save my settings so i used the option to save all the settings to a configuration file on my computer. did that... and opened up the file to see what settings the thing actually had configurable, and i found the follow

Firefox 1.5.0.1 Password Manager Arbitrary User Browsing History Disclosure
2006-04-13 franz noemail com
Firefox Password Manager Arbitrary User Browsing History Disclosure Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1 This privacy flaw has caused my fiancé and I to break-up after having dated for 5 years. Basically, we share one compute

[ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb
2006-04-14 Thierry Carrez (koon gentoo org)

Avast Linux Home Edition (vulnerability on a temporary folder creation)
2006-04-14 Julien L. (jlanthea hotmail com)

Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2
2006-04-14 sp3x securityreason com
We tested this issue on many platforms and in all cases there was reset of apache. Example error.log on Apache/1.3.34 (Win32) PHP/4.4.1 Windows XP : ----------------------- [Fri Apr 14 17:17:17 2006] [info] master_main: Child processed exited prematurely. Restarting the child process. [Fri Apr 14 1

phpBB template file code execution
2006-04-14 noch22 gmail com
phpBB HTML template files are parsed and executed as PHP code. These files are not well filtered so a user having access to template files can execute PHP code. You can't trust your designer or template files you found around the web Example: Replace ALL switch_enable_pm_popup in overall_header.tpl

[SECURITY] [DSA 1034-1] New horde2 packages fix several vulnerabilities
2006-04-14 Moritz Muehlenhoff (jmm debian org)

phpBB Admin command execution
2006-04-14 noch22 gmail com
On a phpBB board, a user having access to the admin panel is able to execute PHP code: This example will execute $user_sig as PHP code: Go to Administration Panel > Styles Admin > Management > subSilver > Edit Set "Font Colour 3" to "'./*" Profile Set Signature to "$fd=fopen($phpbb_root_path.'conf

Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS
2006-04-14 n0m3rcy bsdmail org
# Encyclopedia <= 3.0 (login.php) CrossSite Scripting - XSS # by n0m3rcy # Copyright (c) 2006 n0m3rcy <n0m3rcy (at) bsdmail (dot) org [email concealed]> # Exploit: www.site.com/login.php?action=form&username=<username>&password=%22%3E%3 Cscript%3Ealert(document.cookies);%3C/script%3E # Shoutz: cijfer , my baby , Dag & myself :Pp

osCommerce "extras/" information/source code disclosure
2006-04-14 rgod autistici org
---- osCommerce <= 2.2 "extras/" information/source code disclosure ------------ software site: http://www.oscommerce.com/ if extras/ folder is placed inside the www path, you can see all files on target system, including php source code with database details, poc: http://[target]/[path]/extras/

Farsinews Cross-Site Scripting & Path disclosure vulnerability
2006-04-14 aminrayden yahoo com
Farsinews Cross-Site Scripting & Path disclosure vulnerability #''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' '''''''''''''''''''''''''''''''''''''''''''' #Aria-Security.net Advisory #Discovered by:R@1D3N (amin emami) #<AminRayden (at) yahoo (dot) com [email concealed]> #Gr33t to:A.u.r.a & O.u.t.l.

[eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities
2006-04-14 alex evuln com
New eVuln Advisory: aWebNews Multiple XSS and SQL Injection Vulnerabilities http://evuln.com/vulns/116/summary.html --------------------Summary---------------- eVuln ID: EV0116 CVE: CVE-2006-1612 CVE-2006-1613 Software: aWebNews Software's Web Site: http://labs.aweb.com.au/awebnews.php Versions: 1.

PowerClan 1.14 - SQL Injection
2006-04-13 d4igoro gmail com
PowerClan 1.14 - SQL Injection -------------------------------------------------------- Software: PowerClan 1.14 Version: 1.14 Type: SQL Injection Date: Apr 13 23:37:50 CEST 2006 Vendor: powerscripts.org Page: http://www.powerscripts.org Risk: min credits: ---------------------------- d4igoro - d4

Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability
2006-04-13 izimask thehackademy net
Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability ______________________ Camino Browser is prone to a denial-of-service condition when parsing certain malformed HTML content. Successful exploitation will cause the browser to fail or hang. ______________________

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
2006-04-13 A L M Buxey lboro ac uk