Advisory: MyPHPNuke <= 1.8.8 multiple XSS vulnerabilities
2006-02-24, nukedx nukedx com
--Security Report--
Advisory: MyPHPNuke <= 1.8.8 multiple XSS vulnerabilities
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
Date: 24/02/06 05:56 PM
Contacts: { ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com }
Vendor: MPN (www.myphpnuke.com)
Version: 1.8.8 a [...]

Advisory: Woltlab Burning Board 2.x (JGS-Gallery MOD <= 4.0) multiple XSS vulnerabilities
2006-02-24, nukedx nukedx com
--Security Report--
Advisory: Woltlab Burning Board 2.x (JGS-Gallery MOD <= 4.0) multiple XSS vulnerabilities
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
Date: 24/02/06 04:43 PM
Contacts: { ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx. [...]

Advisory: CilemNews System <= 1.1 Remote SQL Injection Vulnerability
2006-02-24, nukedx nukedx com
--Security Report--
Advisory: CilemNews System <= 1.1 Remote SQL Injection Vulnerability
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
Date: 23/02/06 08:36 PM
Contacts: { ICQ: 10072 MSN/Email: nukedx (at) nukedx (dot) com Web: http://www.nukedx.com }
Vendor: Cilem (www.cilem.net)
Version [...]

[FLSA-2006:180036-2] Updated firefox package fixes security issues
2006-02-24, Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:180036-1] Updated mozilla packages fix security issues
2006-02-24, Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2006:162750] Updated sudo packages fix security issue
2006-02-24, Marc Deslauriers (marcdeslauriers videotron ca)

SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1 Directory traversal
2006-02-24, h e (het_ebadi yahoo com)
SpeedCommander 11.0 & ZipStar 5.1 & Squeez 5.1 Directory traversal
The StuffIt and ZipMagic Family of products is designed to meet any level of compression needs; from basic expansion to advanced archive manipulation, to automating routine compression tasks, and even building compression into a [...]

StuffIt and ZipMagic Family of products Directory traversal
2006-02-24, h e (het_ebadi yahoo com)
StuffIt and ZipMagic Family of products Directory traversal
The StuffIt and ZipMagic Family of products is designed to meet any level of compression needs; from basic expansion to advanced archive manipulation, to automating routine compression tasks, and even building compression into a software [...]

WinAce Archiver v2.6 Directory traversal
2006-02-24, h e (het_ebadi yahoo com)
WinAce Archiver v2.6 Directory traversal
ACE Compression Software & e-merge GmbH http://www.winace.com
Credit: The information has been provided by Hamid Ebadi (Hamid Network Security Team): admin (at) hamid (dot) ir.
The original article can be found at: http://hamid.ir/security
Vulnerable Systems: Win [...]

[eVuln] Guestex Shell Command Execution Vulnerability
2006-02-24, alex evuln com
New eVuln Advisory: Guestex Shell Command Execution Vulnerability
http://evuln.com/vulns/76/summary.html
--- Summary ---
eVuln ID: EV0076
CVE: CVE-2006-0777
Software: Guestext
Software's Web Site: http://www.teca-scripts.com/
Versions: 1.0
Critical Level: Dangerous
Type: [...]

NSA Group Security Advisory NSAG-№200-24.02.2006 Vulnerability ArGoSoft Mail Server Pro IMAP
2006-02-24, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№200-24.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: ArGoSoft Mail Server Pro 1.8 IMAP
Site of manufacturer: www.argosoft.com
The status: 19/11/2005 - Publication is pos [...]

NSA Group Security Advisory NSAG-№198-23.02.2006 Vulnerability ArGoSoft Mail Server Pro
2006-02-24, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№201-24.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: ArGoSoft Mail Server Pro 1.8 POP
Site of manufacturer: www.argosoft.com
The status: 19/11/2005 - Publication is pos [...]

Archive_Tar v 1.2(Tested) (Tar file management class) Directory traversal
2006-02-24, h e (het_ebadi yahoo com)
Archive_Zipr (Zip file management class) Directory traversal
This class provides handling of tar files in PHP. It supports creating, listing, extracting and adding to tar files. Gzip support is available if PHP has the zlib extension built-in or loaded. Bz2 compression is also supported with t [...]

Vulnerability in Crypt::CBC Perl module, versions <= 2.16
2006-02-23, Lincoln Stein (lstein cshl edu)
Perl Module Security Advisory
Title: Crypt::CBC ciphertext weakness when using certain block algorithms
Severity: High
Versions: All versions <= 2.16.
Date: 23 February 2006
[...]

Administrivia: New Bugtraq moderator
2006-02-23, David Ahmad (da securityfocus com)
Bugtraq Subscribers, Due to a recent lateral shift I've made, I am no longer moderating the Bugtraq mailing list. I haven't moderated full time for a while, and now it's time to hand the list over to a new manager. David McKinney <dm (at) securityfocus (dot) com> will be taking over Bugtraq as primary [...]

RE: Amazon phishing scam on Yahoo servers
2006-02-23, Alex Eckelberry (AlexE sunbelt-software com)
There's a LOT of phishing domains on Yahoo. Apparently all you need to set up an account is a fake address and phone number. I routinely report it to them. You can always send an email to phishing-abuse (at) cc.yahoo-inc (dot) com as well as anyone else you can find. Alex
-----Original Message-----
Fro [...]

NSA Group Security Advisory NSAG-№195-23.02.2006 Vulnerability FCKeditor 2.0 FC
2006-02-23, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№195-23.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: FCKeditor 2.0 FC
Site of manufacturer: http://www.fckeditor.net
The status: 19/11/2005 - Publication is postponed. [...]

NSA Group Security Advisory NSAG-№198-23.02.2006 Vulnerability The Bat v. 3.60.07
2006-02-23, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№198-23.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: The Bat v. 3.60.07
Site of manufacturer: www.ritlabs.com
The status: 19/11/2005 - Publication is postponed. 19/11/ [...]

NSA Group Security Advisory NSAG-№196-23.02.2006 Vulnerability FCKeditor 2.2
2006-02-23, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№196-23.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: FCKeditor 2.2
Site of manufacturer: http://www.fckeditor.net
The status: 19/11/2005 - Publication is postponed. 19/ [...]

NSA Group Security Advisory NSAG-№197-23.02.2006 Vulnerability CubeCart 3.0.0 - 3.0.6
2006-02-23, NSA Group (vulnerability nsag ru)
Advisory: NSAG-№197-23.02.2006
Research: NSA Group [Russian company on Audit of safety & Network security]
Site of Research: http://www.nsag.ru or http://www.nsag.org
Product: CubeCart 3.0.0 - 3.0.6
Site of manufacturer: http://www.cubecart.com
The status: 19/11/2005 - Publication is postpone [...]

HYSA-2006-003 Oi! Email Marketing 3.0 SQL Injection
2006-02-23, h4cky0u org gmail com
HYSA-2006-003 h4cky0u.org Advisory 012
Date - Thu Feb 24 2006
TITLE: Oi! Email Marketing 3.0 SQL Injection
SEVERITY: High
SOFTWARE: Oi! Email Market [...]

Event Speaker
2006-02-23, Pete Herzog (pete isecom org)
Hi, We're looking for other speakers for our annual ISESTORM event (www.isestorm.org) from April 1 - 8. This is our third event which we do at cost and it will take place in Barcelona, Spain again at La Salle University (La Salle URL). We are inviting speakers to talk about experiences within th [...]

RE: Amazon phishing scam on Yahoo servers
2006-02-22, Geoff Vass (geoff cadzow com au) (1 replies)
Other domains used for phishing I have seen are paypal-unlocking.net, secure.commonwealth-banking.com and citibusinessonline.da-us.citybizcorp.com. Surely someone, somewhere, has to take some responsibility for allowing domains to be created which are clearly and obviously bogus. Who could possibly [...]
Winamp 5.13 m3u Playlist Buffer Overflow
Vulnerability Type / Importance: Unauthorised Code Execution / High
Problem Discovered: February 17th 2006
Vendor Contacted: February 17th 2006
Advisory Published: February 24th 2006
Abstract:
Nullsoft Winamp is a popular
[...]