BugTraq Mode:
(Page 1173 of 1748)  < Prev  1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178  Next >
[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability 2006-04-04
Richard Horsman (richardh sec-1 com)

SEC-1 LTD
www.sec-1.com

Security Advisory

Advisory Name: HP Colour LaserJet 2500 and 4600 Toolbox Directory
Traversal Vulnerability

Release Date: 04/04/2006
Application: HP Colour LaserJet 2500 and

[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion 2006-04-04
eufrato gmail com
ECHO_ADV_27$2006

-------------------

[SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities 2006-04-03
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1022-1    security (at) debian (dot) org
http://www.debian.org/security/        Moritz Muehlenhoff
April 4th, 2006

[Full-disclosure] PIRANA exploitation framework and SMTP contentfilter security 2006-04-03
Jean-Sébastien Guay-Leroux (jean-sebastien guay-leroux com)
Hi,

I am releasing the first public version of PIRANA.

PIRANA is an exploitation framework that tests the security of a email
content filter. By means of a vulnerability database, the content
filter to be tested will be bombarded by various emails containing a
malicious payload intended to compro

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen 2006-04-03
mailinglist mailinglist (email-fulldisclosure hotmail com)
Tõnu Samuel,

>There are different PHP applications are vulnerable to this exploit but
>this is not their fault.

Agreed. But why are they html_entity_decode in the first place? Users don't
supply HTML. Databases don't contain HTML.

As Stefan Esser says, and your exploit demonstrates, it is real

Re: Limbo CMS code execution 2006-04-04
gergero securityfocus com
A cumulative patch is available on www.limboforge.org - it should prevent the known attacks on Limbo.

Re: recursive DNS servers DDoS as a growing DDoS problem 2006-04-03
Marco Ivaldi (raptor 0xdeadbeef info)
On Thu, 30 Mar 2006, Geo. wrote:

> Don't you think creating a control point like that is dangerous?
> Especially dangerous when it's DNS which runs virtually every function
> on the internet?

Yeah, it could be indeed...

It's not directly related to the discussion topic, but I just wanted to
inf

Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data 2006-04-03
Jasper Bryant-Greene (jasper album co nz)
Jasper Bryant-Greene wrote:
> Moriyoshi Koizumi wrote:
>> Jasper Bryant-Greene wrote:
>>
>>> I very much doubt there are many applications at all containing code
>>> like this. It is illogical to be decoding html entities from user
>>> input. Therefore I would not call this a "very serious problem

ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz 2006-04-04
o y 6 hotmail com
ArabPortal Bugs :-

ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz

BugTraqz :- D3vil-0x1 | Devil-00
Visit Palestine :- www.palestineonly.com

/*

1- /forum.php?action=view&id=1&cat_id=3&adminJump=D3vil-0x1[HTML - XSS ]
2- /forum.php?action=view&id=

Buffer-overflow in Ultr@VNC 1.0.1 viewer and server 2006-04-04
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Ultr@VNC
http://www.ultravnc.com
http://ultravnc.sourceforge.net
Versions: <= 1.0.1 (and current CVS)
(tabbed_viewer 1.29

Re: Another Internet Explorer Address Bar Spoofing Vulnerability 2006-04-04
franz noemail com
Firefox 1.5.0.1 is also affected by this spoofing

Re: Flaw in commonly used bash random seed method 2006-04-04
Matthijs (thotter gmail com)
Erm excuse me, the seed should be 4 BYTES, not bits.
I should really check my posts better before hitting send...

On 4/4/06, Matthijs <thotter (at) gmail (dot) com> wrote:
> although it returns a number between 0 and 32767, it indeed saves a 32
> bit number, so the cycle length of this linear congruential gene

[ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module 2006-04-04
Matthias Geerdsen (vorlon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

RE: recursive DNS servers DDoS as a growing DDoS problem 2006-04-04
Thomas Guyot-Sionnest (Thomas zango com) (1 replies)
> -----Original Message-----
> From: Geo. [mailto:geoincidents (at) nls (dot) net]
> Sent: April 2, 2006 10:31
> To: bugtraq (at) securityfocus (dot) com
> Subject: Re: recursive DNS servers DDoS as a growing DDoS problem
>
> > 1. Resolvers and Authoritative nameservers must be separate and
> > authoritative nameserver

RE: recursive DNS servers DDoS as a growing DDoS problem 2006-04-04
Geo. (geoincidents nls net)
[ GLSA 200604-02 ] Horde Application Framework: Remote code execution 2006-04-04
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[security bulletin] HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information 2006-04-04
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00634759
Version: 1

HPSBPI2109 SSRT061141 rev.1 - HP Color LaserJet 2500 and 4600
Toolbox Running on Microsoft Windows Remote Unauthorized
Disclosure of Information

NOTICE: The information in th

NOD32 local privilege escalation vulnerability 2006-04-04
visitbipin hotmail com
NOD32 local privilege escalation vulnerability

Not affected: > Version 2.51.26
Tested on: Winxp sp2
Risk: Average

To escalate the system privilege, the option 'quarantine a file' in NOD32 can be exploited & a malicious file can be copied to the quarantine and using the 'restore to...' option it ca

Another way to spoof Internet Explorer Address Bar 2006-04-04
hainamluke yahoo com
DESCRIPTION
Attacker also can spoof the address bar with another HTML page instead of the shockwave-flash file by continuing make to window.location
If you use a very large SWF file, the last page will be displayed as long as SWF loading time with the original address bar.
This exploit code will try t

Barracuda ZOO archiver security bug leads to remote compromise 2006-04-03
Jean-Sébastien Guay-Leroux (jean-sebastien guay-leroux com)
Topic: Barracuda ZOO archiver security bug leads to
remote compromise

Announced: 2006-04-03
Product: Barracuda Spam Firewall
Vendor: http://www.barracudanetworks.com/
Impact: Remote shell access
Aff

[ GLSA 200604-01 ] MediaWiki: Cross-site scripting vulnerability 2006-04-04
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Barracuda LHA archiver security bug leads to remote compromise 2006-04-03
Jean-Sébastien Guay-Leroux (jean-sebastien guay-leroux com)
Topic: Barracuda LHA archiver security bug leads to
remote compromise

Announced: 2006-04-03
Product: Barracuda Spam Firewall
Vendor: http://www.barracudanetworks.com/
Impact: Remote shell access
Aff

Copyright 2010, SecurityFocus