Buffer-overflow and in-game crash in Zdaemon 1.08.01
2006-03-31 Luigi Auriemma (aluigi autistici org)

EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.
2006-03-29 Mustafa Can Bjorn IPEKCI (nukedx nukedx com)
--Security Report--
Advisory: EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability.
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 29/03/06 21:33 PM
---
Contacts:{
ICQ: 10072
MSN/Email: nukedx (at) nukedx (dot) com
Web: http://www.nukedx.com
}
---
Vendor: EzASPSite (http://www.

RE: recursive DNS servers DDoS as a growing DDoS problem
2006-03-30 Geo. (geoincidents nls net)
> > servers and you have just created a really powerful control mechanism for
> > entities to control large sections of the internet since folks from those
> > sections won't be able to use anyone else's DNS servers or even run their
> > own (much like port 25 blocking limits who can run a mail serv

Re: Re: Cantv/Movilnet's Web SMS vulnerability.
2006-03-29 rrecabarren snsecurity com
Dear Raven,
raven wrote:
> Bugtraq @ SNSecurity wrote:
>>
>> Quick Summary:
>> ************************************************************************
>>
>> Product : Movilnet's Web SMS.
>> Version : In-production versions.
>> Vendor : Movilnet - http://www.movilnet.com.ve/
>> Class : Remote
>> Cr

OSSTMM Security Analyst Training Live Stream on the Web
2006-03-29 Pete Herzog (pete isecom org)
Hi, The OPSA professional security analyst training from ISESTORM will be available in real time!! This event has only been approved for 1 time. ISECOM does not directly provide any certification training outside of the annual ISESTORM event. ISECOM will not be offering DVDs or other recordings of

RE: WebVulnCrawl searching excluded directories for hackable web servers
2006-03-29 Michael Scheidell (scheidell secnap net)
Just a quick followup and clarification:
> -----Original Message-----
> From: Michael Scheidell
> Sent: Wednesday, March 15, 2006 8:38 AM
> To: bugtraq (at) securityfocus (dot) com
> Subject: WebVulnCrawl searching excluded directories for
> hackable web servers
>
>
> What he is doing is a violation of th

[security bulletin] HPSBUX02108 SSRT061133 rev.2 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
2006-03-31 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00629555
Version: 2
HPSBUX02108 SSRT061133 rev.2 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as soon as po

Black Hat Call for Papers and Registration now open
2006-03-31 Jeff Moss (jmoss blackhat com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey BugTraq readers, This is just a quick note to let you know that Black Hat USA 2006 registration and Call for Papers is now open. We expect another outstanding program, and with the addition of more floor space at Caesars Palace we are able to bri

MonAlbum 0.8.7 SQL Injection
2006-03-31 undefined1 gmail com
advisory by undefined1_ @ bash-x.net/undef/
Mon Album 0.8.7 http://www.3dsrc.com/monalbum/
There are 2 sql injection flaws in MonAlbum 0.8.7. First in index.php (line 99)
if (isset($_GET["pc"])) $pc = $_GET["pc"];
... (no sanity checks)
if (isset($pc) && $grech_inactive) $result = execute_requet

MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability
2006-03-30 simo64 gmail com
author: [Moroccan Security Team]
Vendor: www.MediaSlash.com
Vendor Contacted
greetz to : [Moroccan Security Team] CiM-TeaM and All Friends
Google : Powered by MediaSlash.com
Details: MediaSlash Gallery is vulnerable to remote URL inclusion vulnerability This flaw is due to an input validation err

[security bulletin] HPSBUX02102 SSRT051078 rev.2 - HP-UX usermod(1M) Local Unauthorized Access.
2006-03-30 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00614838
Version: 2
HPSBUX02102 SSRT051078 rev.2 - HP-UX usermod(1M) Local Unauthorized Access.
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Relea

[security bulletin] HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS)
2006-03-30 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00619550
Version: 2
HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Releas

[SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files
2006-03-30 Gerald (Jerry) Carter (jerry samba org)

strip_tags() but not only vulnerability
2006-03-29 Tõnu Samuel (tonu jes ee)
Some time ago I wrote document describing common problem with cleaning up HTML. PHP manual states some little warning about topic but no solution on http://www.php.net/strip_tags Many websites are still vulnerable and similar problems happen not depending on programming language too often: http

Smurfable Linux Kernel
2006-03-30 Tomasz Chomiuk (t chomiuk wp pl)
Hi list, A couple of months ago I pointed out to the Linux Kernel networking maintainers an oversight which caused the kernel to be vulnerable to some form of smurf attack. The problem lay in the kernel's inability to ignore icmp timestamp broadcast requests, thus IP networks with Linux boxes o

McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability
2006-03-30 Juha-Matti Laurio (juha-matti laurio netti fi)
Networksecurity.fi Security Advisory (30-03-2006)
Title: McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability
Criticality: High (3/3)
Affected software: McAfee VirusScan versions 10 Build 10.0.21 and prior
Author: Juha-Matti Laurio
Date: 30th March, 2006
Advisory ID: Networksecurity.fi Secur

X-Changer <=v0.2 Demo SQL injection
2006-03-30 dabdoub-mosikar moroccan-security com
[+]X-Changer v0.2 Demo
[+]website of software:http://www.skintech.org
[+]founded by Morocco Security Team
[+]special 10x to:all friends ww.lezr.com & www.cim-team.org
[+]SQL
[+]http://[target]/index.php?from=[sql]&into=[sql]&value=1&action=calculate
[+]http://[target]/index.php?action=edit&id=[sql]

[ MDKSA-2006:061 ] - Updated mailman packages fix DoS from badly formed mime multipart messages.
2006-03-30 security mandriva com

Buffer overflows in Dia XFig import
2006-03-29 lars raeder dk
A security review kindly performed by infamous41md has turned up three buffer overflow vulnerabilities in the XFig import plug-in in Dia, a diagramming tool for Gtk that runs on both Windows and Unix. While the XFig format is not the native format of Dia, a specially crafted XFig file could cause
#######################################################################
Luigi Auriemma
Application: Zdaemon
http://www.zdaemon.org
(and also X-Doom http://www.doom2.net/~xdoom/)
Versions: <= 1.08.01
Platforms: Windows and Linux
Bugs