-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:038
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:036
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]

QNX RTOS 6.3.0 rc.local Insecure File Permissions Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=387
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for u

[ more ]  [ reply ]

QNX Neutrino RTOS passwd Command Buffer Overflow

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=388
February 7, 2006

I. BACKGROUND

QNX Neutrino RTOS is a real-time operating system designed for use in
embedded systems. More information abou

[ more ]  [ reply ]

<?php
# ---dragonfly9.0.6.1_incl_xpl.php 20.15 07/02/2006 #
# #
# CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local #
# inclusion - (Sun-Tzu Drangonfly killing) -

[ more ]  [ reply ]

I would just like to follow up on this thread by announcing that the security-flaws detected by Preben has been successfully been removed in Easy CMS v1.3RC2.

regards,
Kim Steinhaug
www.easycms.no

[ more ]  [ reply ]

New eVuln Advisory:
PHP iCalendar File Inclusion Vulnerability
http://evuln.com/vulns/70/summary.html

--------------------Summary----------------
eVuln ID: EV0070
Software: PHP iCalendar
Sowtware's Web Site: http://phpicalendar.net/
Versions: 2.0.1 2.1 2.2
Critical Level: Dangerous
Type: File Inclu

[ more ]  [ reply ]

WiredRed EPOP XSS Vulnerability

---Summary---

Software Affected: EPOP WebConference Server
Software Versions: 4.1.0.755
Vendors URL: www.wiredred.com
Vulnerability Type: Cross Site Scripting
Proof of Concept: An exploit is not required
Threat Level:

[ more ]  [ reply ]

QNX Neutrino RTOS libAp ABLPATH Buffer Overflow Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=381
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use

[ more ]  [ reply ]

QNX Neutrino RTOS phgrafx Command Buffer Overflow

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=384
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use in embedded

[ more ]  [ reply ]

##Night_Warrior<Kurdish Hacker>
##night_warrior771[at]hotmail.com
##Whomp Real Estate Manager XP 2005 Sql Injection
##http://www.webeveyn.com/WHOMP/Rem/
##
##Code For Admin Login :
##
##Username : ' or ''='
##Password: ' or ''='
##
##
##Contact :night_warrior771[at]hotmail.com
##Night_Warrior<Kurdih

[ more ]  [ reply ]

So, like, what about http://www.integrigy.com/info/IntegrigySecurityAnalysis-MODPLSQLVuln.pdf

[ more ]  [ reply ]

QNX Neutrino RTOS libph PHOTON_PATH Buffer Overflow Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for

[ more ]  [ reply ]

QNX RTOS 6.3.0 Local Denial of Service Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=386
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use in embed

[ more ]  [ reply ]

QNX Neutrino RTOS phfont Race Condition Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=383
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use in embe

[ more ]  [ reply ]

The advisory says:

>Status: patched in 1.0.3
...
>?????Solution???????
>No Patch available.
>(bug reported to vendor today)

I'm confused. One part of this advisory says there's a patch
available, one part says there isn't. (By the way, this is an example
of the "inconsistent" property of securi

[ more ]  [ reply ]

QNX Neutrino RTOS su Command Buffer Overflow

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=385
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for use in embedded syst

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:037
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]

QNX Neutrino RTOS fontsleuth Command Format String Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=380
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for

[ more ]  [ reply ]

QNX Neutrino RTOS crttrap Arbitrary Library Loading Vulnerability

iDefense Security Advisory 02.07.06
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=379
February 7, 2006

I. BACKGROUND

QNX Software Systems Ltd.'s Neutrino RTOS (QNX) is a real-time operating
system designed for

[ more ]  [ reply ]

ORIGINAL ADVISORY :
http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-whil
e-merging-posts.html
??????-Summary?????-
Software: MyBB
Sowtware?s Web Site: http://www.mybboard.com
Versions: 1.0.3
Class: Remote
Status: Unpatched
Exploit: Available
Discovered by: imei addmimistrator
Risk

[ more ]  [ reply ]

original advisory:
http://myimei.com/security/2006-01-14-mybb-102searchphpxss-attackandmore
/index.html
---------------
?????-Summary?????-
Software: MyBB
Sowtware?s Web Site: http://mybboard.com
Versions: 1.0.2
Class: Remote
Status: patched in 1.0.3
Exploit: Available
Solution: Available
Discovered

[ more ]  [ reply ]

While we take all security reports seriously we have investigated this report and have been unable to find any sort of exploit suggested by the author.

External security audits are performed on a regular basis and we are committed to the fast response and release of patches for any vulnerability, c

[ more ]  [ reply ]

##########################################################
# GulfTech Security Research February 7, 2006
##########################################################
# Vendor : eyeOS Project
# URL : http://www.eyeos.org/
# Version : eyeOS <= 0.8.9
# Risk : Remote Code Execution
###########

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:035
http://www.mandriva.com/security/
____________________________________________________________________

[ more ]  [ reply ]

Hello all,

I recently audited a box with a software called OProfile
(http://oprofile.sourceforge.net/).

"OProfile is a system-wide profiler for Linux systems, capable of profiling all
running code at low overhead. OProfile is released under the GNU GPL.
It consists of a kernel driver and a daemon

[ more ]  [ reply ]