BugTraq Mode:
Re: What can a Remote Vulnerability Scanner do in Future? 2006-02-12
Tim Nelson (security webalive biz)
On Mon, 6 Feb 2006, Alice Bryson wrote:

...
> Eeye scanner could not do remote local check too. So I am considering
> what can Remote Vulnerability Scanner do? Will this thing disappear in
> the future?

Scan for remote vulnerabilities. Scanning for local
vulnerabilities can obviously only be d

[USN-248-1] unzip vulnerability 2006-02-15
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-248-1 February 13, 2006
unzip vulnerability
CVE-2005-4667
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 2006-02-11
Aaron (microchp microchp org)
Yes. For example, a sysadmin may wish to just check a
known set of used/common passwords against many machines.
JTR is great for a single quick pass against a small
dictionary thus to ensure people are not picking stupid
passwords. Some systems also do not support password
complexity checkin

[eVuln] 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities 2006-02-15
alex evuln com
New eVuln Advisory:
2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities
http://evuln.com/vulns/62/summary.html

--------------------Summary----------------
eVuln ID: EV0062
CVE: CVE-2006-0610
Software: 2200net Calendar system
Software's Web Site: http://calendar.2200net.c

[SECURITY] [DSA 974-1] New gpdf packages fix denial of service 2006-02-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 974-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
February 15th, 2006

[eVuln] My Blog BBCode XSS Vulnerabilities 2006-02-15
alex evuln com
New eVuln Advisory:
My Blog BBCode XSS Vulnerabilities
http://evuln.com/vulns/79/summary.html

--------------------Summary----------------
eVuln ID: EV0079
Software: My Blog
Software's Web Site: http://fuzzymonkey.net/cgi-bin/download.cgi?file=blog
Versions: My Blog 1.63
Critical Level: Harmless
Typ

[security bulletin] SSRT061108 rev.3 - HP Systems Insight Manager Remote Unauthorized Access via Directory Traversal 2006-02-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00597967
Version: 3

HPSBMA02096 SSRT061108 rev.3 - HP Systems Insight Manager Remote
Unauthorized Access via Directory Traversal

NOTICE: The information in this Security Bulletin should be acted

Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0 2006-02-11
Rainer Duffner (rainer ultra-secure de)
Solar Designer wrote:

>
>Finally, often it is preferable to not spend lots of disk space and lots
>of time and/or bandwidth to generate or download rainbow tables, -- and
>also to not reveal your password hashes to a third party (such as one of
>the online rainbow tables based cracking services).
>

XMB Forums Multiple Vulnerabilities 2006-02-12
GulfTech Security Research (security gulftech org)
##########################################################
# GulfTech Security Research February 12, 2006
##########################################################
# Vendor : XMB Software
# URL : http://www.xmbforum.com/
# Version : XMB Forums <= 1.9.3
# Risk : Multiple Vulnerabilities
#

[security bulletin] SSRT051045 rev.2 - HP-UX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access 2006-02-15
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00599840
Version: 2

HPSBUX02097 SSRT051045 rev.2 - HP-UX Running DNS BIND4/BIND8 as
Forwarders: Remote Unauthorized Privileged Access

NOTICE: The information in this Security Bulletin should be

[USN-248-2] unzip regression fix 2006-02-15
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-248-2 February 15, 2006
unzip regression fix
https://launchpad.net/bugs/31457
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4

Mirabiliz ICQ 2002/2003/ LITE 4.0/4.1 LONG (DIRECTORY + FILENAME) EXPLOIT 2006-02-15
edubp2002 hotmail com
Mirabiliz ICQ 2002/2003/ LITE 4.0/4.1 LONG (DIRECTORY + FILENAME) EXPLOIT

Found this 'bug' about 1 year n a half ago.

If u drag and drop a folder containing 1 or more file from your computer into the nick of someone in your contact
list it is possible to send a full directory... The possibility to

[USN-250-1] Linux kernel vulnerability 2006-02-15
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-250-1 February 13, 2006
linux-source-2.6.12 vulnerability
CVE-2006-0454
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10 (Breezy B

Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution 2006-02-14
info digitalarmaments com
Gallery web-based photo gallery remote file execution

Digital Armaments advisory is 02.14.2006
http://www.digitalarmaments.com/2006140293402395.html

I. Background

Gallery is a slick Web-based photo album written using PHP. It is easy to install, includes a config wizard, and provides users with t

Re: Latest wu-ftpd exploit :-s 2006-02-14
Ragnar Paulson (ragnar wanware com)

----- Original Message -----
From: "Mark Heiligen" <mark.heiligen (at) gmx (dot) at>
To: <bugtraq (at) securityfocus (dot) com>; <full-disclosure (at) lists.grok.org (dot) uk>
Sent: Monday, February 13, 2006 3:41 AM
Subject: Latest wu-ftpd exploit :-s

> http://www.frsirt.com/exploits/08.11.0x82-wu262-advanced.c.php
>

Isn't th

Re: Invision Power Board Army System Mod <= 2.1 SQL Injection Exploit 2006-02-13
Cristian Stoica (security netcms biz)
Hi,

I have a question:
If you use an encryption algorithm to store/get data into/from the
database you will not be able to do SQL injections?
With a simple encryption algorithm, I do with php explode, transform
the string into an array and run the algorithm on each member of the array

Re: Re: Vulnerabilities in vBulltin(3.0.7 - 3.5.3) and IPB(2.0.0 - 2.1.4). 2006-02-13
sudd3n_death hotmail com
Hi
I sent him an email about his bugs and exploits.
He asked me to add him in his ICQ.
I told him I don't have and I gave him my msn and he added me.
He asked me if I want the exploits I have to pay 500$.
I said how and he gave me a site for transferring money.
I told him I can't. I said if you want me

CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC 2006-02-15
Leandro Meiners (lmeiners cybsec com)
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Phishing_Vector_
in_SAP_BC.pdf )

CYBSEC S.A.
www.cybsec.com

Pre-Advisory Name: Phishing Vector in SAP BC (Business Connector)

Vulnerability Class: Phishing Vector / Impr

Vulnerabilities in new laws on computer hacking 2006-02-11
self-destruction itsbest com
It'd be interesting to see if this post gets approved by the moderators of bugtraq.

As all of you know, this forum (bugtraq) is constantly monitored not only by crackers and infosec professionals, but also by government and law-enforcement agencies.

The reason why I'm posting this message is becau

iDefense Labs Quarterly Hacking Challenge 2006-02-14
labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
iDefense Labs is pleased to announce the launch of our quarterly hacking
challenge. Going forward, on a quarterly basis, we will select a new
focus for the challenge and outline the rules for vulnerability
discoveries that will qualify for the monetary rewards.

For the current quarter, iDefense Lab

CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAPBC 2006-02-15
Leandro Meiners (lmeiners cybsec com)
(The following advisory is also available in PDF format for download at:
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Arbitrary_File_R
ead_or_Delete_in_SAP_BC.pdf )

CYBSEC S.A.
www.cybsec.com

Pre-Advisory Name: Arbitrary File Read/Delete in SAP BC (Business
Connector)

Vulnerability Clas

[BuHa-Security] Multiple Vulnerabilities in Mantis 1.00rc4 2006-02-15
bugtraq morph3us org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

---------------------------------------------------
| BuHa Security-Advisory #7 | Feb 14th, 2006 |
---------------------------------------------------
| Vendor | Mantis BT |
| URL | http://www.mantisbt.o

[myimei]WordPress2.0.0~autors?website~XSS attack 2006-02-14
addmimistrator gmail com
>>>>original advisory<<<<<
http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html#more-14
>>>>><<<<<>>>>>><<<<<>>>>
-------Summary------
Software: WordPress
Software's Web Site: http://www.wordpress.org
Versions: 2.0.0
Class: Remote
Status: Unpatched
Exploit: Available
Solut

[SECURITY] [DSA 976-1] New libast packages fix arbitrary code execution 2006-02-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 976-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
February 15th, 2006

PostgreSQL security releases 8.1.3, 8.0.7, 7.4.12, 7.3.14 2006-02-15
PostgreSQL Security (security postgresql org)
PostgreSQL versions 8.1.3, 8.0.7, 7.4.12 and 7.3.14 have been released
fixing two security issues.

Details of vulnerability 1
--------------------------
Vulnerability type: Escalation of privileges
Remotely exploitable: No (requires valid login)

Affected versions: PostgreSQL 8.1.0-8.1.2
Fixed ve

Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products 2006-02-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco
Anomaly Detection and Mitigation Products

Document ID: 69073

Advisory ID: cisco-SA-20060215-guard-auth

http://www.cisco.com/warp/public/707/cisco-sa-20060215-guard.shtml

Revision 1.0
==

[SECURITY] [DSA 975-1] New nfs-user-server packages fix arbitrary code execution 2006-02-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 975-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
February 15th, 2006

[ GLSA 200602-07 ] Sun JDK/JRE: Applet privilege escalation 2006-02-15
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200602-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[EEYEB-20051017] Windows Media Player BMP Heap Overflow 2006-02-14
eEye Advisories (Advisories eeye com)
EEYEB-20051017 Windows Media Player BMP Heap Overflow

Release Date:
February 14, 2006

Date Reported:
October 17, 2005

Patch Development Time (In Days):
60

Severity:
High (Remote Code Execution)

Vendor:
Microsoft

Systems Affected:
Microsoft Windows Media Player 7.1 through 10

Windows NT 4

iDefense Security Advisory 02.14.06: Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability 2006-02-14
labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability

iDefense Security Advisory 02.14.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393
February 14, 2006

I. BACKGROUND

Windows Media Player is a full featured Audio/Visual playback
application offered by Micr

Copyright 2010, SecurityFocus