CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAPBC
2006-02-15 Leandro Meiners (lmeiners cybsec com)

[myimei]WordPress2.0.0~autors?website~XSS attack
2006-02-14 addmimistrator gmail com
>>>>original advisory<<<<<
http://myimei.com/security/2006-02-15/wordpress200autors-websitexss-attack.html#more-14
>>>>><<<<<>>>>>><<<<<>>>>
-------Summary------
Software: WordPress
Software's Web Site: http://www.wordpress.org
Versions: 2.0.0
Class: Remote
Status: Unpatched
Exploit: Available
Solut

[SECURITY] [DSA 976-1] New libast packages fix arbitrary code execution
2006-02-15 joey infodrom org (Martin Schulze)

PostgreSQL security releases 8.1.3, 8.0.7, 7.4.12, 7.3.14
2006-02-15 PostgreSQL Security (security postgresql org)
PostgreSQL versions 8.1.3, 8.0.7, 7.4.12 and 7.3.14 have been released fixing two security issues.
Details of vulnerability 1
--------------------------
Vulnerability type: Escalation of privileges
Remotely exploitable: No (requires valid login)
Affected versions: PostgreSQL 8.1.0-8.1.2
Fixed ve

Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products
2006-02-15 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products
Document ID: 69073
Advisory ID: cisco-SA-20060215-guard-auth
http://www.cisco.com/warp/public/707/cisco-sa-20060215-guard.shtml
Revision 1.0
==

[SECURITY] [DSA 975-1] New nfs-user-server packages fix arbitrary code execution
2006-02-15 joey infodrom org (Martin Schulze)

[ GLSA 200602-07 ] Sun JDK/JRE: Applet privilege escalation
2006-02-15 Stefan Cornelius (dercorny gentoo org)

[EEYEB-20051017] Windows Media Player BMP Heap Overflow
2006-02-14 eEye Advisories (Advisories eeye com)
EEYEB-20051017 Windows Media Player BMP Heap Overflow
Release Date: February 14, 2006
Date Reported: October 17, 2005
Patch Development Time (In Days): 60
Severity: High (Remote Code Execution)
Vendor: Microsoft
Systems Affected: Microsoft Windows Media Player 7.1 through 10
Windows NT 4

iDefense Security Advisory 02.14.06: Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability
2006-02-14 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability
iDefense Security Advisory 02.14.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393
February 14, 2006
I. BACKGROUND
Windows Media Player is a full featured Audio/Visual playback application offered by Micr

memory leak in IE?
2006-02-14 David Cross (davidcross Post-N-Track com)
I've tried the following code in IE on XP SP2 and it appears there is a memory leak. It could potentially lead to a dos. Interestingly I tried the same code with a very large status message and the leak seemed to slow down. Strange.
<HTML> <Body> <script language="JavaScript"> setInte

XSS bugs and SQL injection in sNews
2006-02-14 Alexander Hristov (joffer gmail com)
Official page : http://www.solucija.com/home/snews/
XSS in comments : just post some comment with <script>alert('XSS TEST by securitydot.net');</script>
FIX : put this on 423 line
$r = str_replace ("<","&lt;",$r);
$r = str_replace (">","&gt;",$r);
Injection through categories : index.php?cate

dotproject <= 2.0.1 remote code execution
2006-02-14 r verton gmail com
dotproject <= 2.0.1 remote code execution
======================================
Software: dotProject <= 2.0.1
Severity: Arbitrary code execution, Path/Information Disclosure
Risk: High
Author: Robin Verton <r.verton (at) gmail (dot) com>
Date: Feb. 14 2006
Vendor: dotproject.net [contact

SQL injection in PHP Classifieds 6.20
2006-02-14 audun larsen lkonsult no
---------------------------------------------------------------------------
SQL injection in PHP Classifieds 6.20
---------------------------------------------------------------------------
Author: Audun Larsen (audun dot larsen at lkonsult dot no)
Date: February 14, 2006
Affected software:
=======

[SECURITY] [DSA 971-1] New xpdf packages fix denial of service
2006-02-14 joey infodrom org (Martin Schulze)

On the "0-day" term
2006-02-14 Steven M. Christey (coley mitre org) (2 replies)
In the "Internet Explorer drag&drop 0day" thread, Gadi Evron said:
>In my opinion, this comes to prove 0days are USUALLY a "myth" (WMF
>being a good example of a real 0day),
It's not necessarily that 0-days are a myth, it's that people have been using the term "0-day" to mean two separate things:

[SECURITY] [DSA 970-1] New kronolith packages fix cross-site scripting
2006-02-14 joey infodrom org (Martin Schulze)

[ MDKSA-2006:039 ] - Updated gnutls packages fix libtasn1 out-of-bounds access vulnerabilities
2006-02-14 security mandriva com

eStara SIP softphone several message-processing vulnerabilities
2006-02-14 zwell sohu com
Visit http://www.nosec.org for more information
SIP is the important protocol in VOIP, and I think it'll improve fast and fast in the future just like the TCP/IP. In that time, we can contact each other by VOIP for video and sound very cheaply. As a new protocol, most vendor just consider the

MyBB 1.03 Multible xss and sql injections
2006-02-14 s2b hotmail com
Multiple Injections in MyBB 1.03
All injections and vulnerabilities discovered by : HACKERS PAL
two days ago i thought to download the new Mybb forum new version files .. and there were the disaster there is many xss and sql injections in the new protected version ... and i made a exploit which

Advisory: Internet Explorer Drag and Drop Redeux [CVE-2005-3240] (fwd)
2006-02-14 Matthew Murphy (mattmurphy kc rr com) (1 reply)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
My apologies to those who are receiving this late or are otherwise inconvenienced by the staggered release. I had unexpected, last-minute travel issues that interfered somewhat with today's release. Of note since the initial drafting of the advis

Advisory: Internet Explorer Drag and Drop Redeux [CVE-2005-3240] (fwd)
2006-02-14 Matthew Murphy (mattmurphy kc rr com)

[ GLSA 200602-06 ] ImageMagick: Format string vulnerability
2006-02-13 Thierry Carrez (koon gentoo org)

New winamp m3u/pls .WMA & .M3U Extension overflows
2006-02-13 b0fnet yahoo com
This is an update on. http://idefense.com/intelligence/vulnerabilities/display.php?id=378 and also a new overflow with .m3u
This overflow is still present in the latest version of winamp 5.13 with a little bit of modification.
FIRST VULN
==========
like so..
Example m3U file format:
#EXTM3U
#EXT

EGS Enterprise Groupware System 1.0 rc4 remote commands execution & FlySpray 0.9.7 remote commands execution
2006-02-13 rgod autistici org
--------EGS Enterprise Groupware System 1.0 rc4 (possibly prior versions)-------
remote code execution
--------------------------------------------------------------------------------
software:
site: http://egs.sourceforge.net/
description: "EGS is an Open Source business system release
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf )
CYBSEC S.A.
www.cybsec.com
Pre-Advisory Name: Arbitrary File Read/Delete in SAP BC (Business
Connector)
Vulnerability Clas