I. DESCRIPTION

Easily exploitable Pseudo Random Number generator in phpbb version 2.0.19 and under.

II. DETAILS

Due to poor design the gen_rand_string() can only generate upto 1 million hashes or random strings. This allow an attacker to reset any account through the lost password request form b

[ more ]  [ reply ]

I. DESCRIPTION

CommuniGate Pro Core Server from CommuniGate Systems provides robust cross-platform
groupware applications, enabling a cost effective, easy to manage communications platform.

For more info visit http://www.stalker.com

II. DETAILS

ProtoVer LDAP testsuite v1.5 uncovered critical D

[ more ]  [ reply ]

author: l0om
page: www.excluded.org
date: 03.02.2006

cleartext passwords get into log files
(this was first noted from a sshd [SSH-1.99-OpenSSH_3.7.1p2])

once on a linux box i have noticed cleartext passwords in the
"/var/log/messages" logfile. how this happens and how to prevent
is the aim of th

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The mwcollect Alliance has been launched today. The mwcollect Alliance
is a non-profit community effort to collect autonomously spreading
malware and share with anti-virus and vulnerability researchers. Malware
is collected with the mwcollect Malware Co

[ more ]  [ reply ]

New eVuln Advisory:
Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities
http://evuln.com/vulns/54/summary.html

--------------------Summary----------------

Software: Vanilla Guestbook
Sowtware's Web Site: http://tachyondecay.net/
Versions: 1.0 Beta
Critical Level: Moderate
Type: Multiple

[ more ]  [ reply ]

During a lab exercise one of our students found several privacy
security issues in products and services offered by http://orbicule.com.

orbicule.com offers what is claimed to be a Notebook Anti-Theft
solution for Apple MacOS X called Undercover. You install their
software on their machine, r

[ more ]  [ reply ]

KAPDA New advisory

Vendor: http://www.jaia-interactive.com
Vulnerable: Version: 1.2.3
Bug: Sql Injection & Path Disclosure
Exploitation: Remote with browser

Description:
--------------------
MyTopix is a PHP-based message board system that uses
a MySQL database.

Vulnerability:
-----------------

[ more ]  [ reply ]

Hi guys
there is a simple sql injection in web app. (ASP Survey) by this vuln. you can go into the admin page

Target Page : login.asp
Vendor : ASP Survey
Exploit : User: admin Password: 'or'

Hacking: 1. search on google.com as :
allinurl:"login.asp" ASPsurvey
and then type the Exploit in correct o

[ more ]  [ reply ]

PluggedOut Blog SQL INJECTION and XSS

PluggedOut Blog is an open source script you can run
on your web server to give you an online multi-user
journal or diary.
It can be used equally well for any kind of calendar
application.Rather than give you a thousand things you
don't really want ...
Plugged

[ more ]  [ reply ]

------------- LoudBlog <= 0.4 arbitrary remote inclusion -----------

software:
site: http://loudblog.de/
description: "Loudblog is a sleek and easy-to-use Content Management
System (CMS) for publishing media content on the web. It automatically
generates a skinnable website and an RSS-Feed fo

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Virtual Security Research, LLC.
http://www.vsecurity.com/
Security Advisory

-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-

Advisory Name: Remote Directory Traver

[ more ]  [ reply ]

New eVuln Advisory:
MyQuiz Arbitrary Command Execution Vulnerability
http://evuln.com/vulns/57/summary.html

--------------------Summary----------------

Software: MyQuiz
Sowtware's Web Site: http://www.corantodemo.net/
Versions: 1.01
Critical Level: Dangerous
Type: Command Execution
Class: Remote
S

[ more ]  [ reply ]

Title: outblaze Cross Site Scripting

Author: Simo Ben youssef aka _6mO_HaCk <simo_at_morx_org>
Discovered: 23 january 2005
Published: 02 february 2006
MorX Security Research Team
http://www.morx.org
Original advisory: http://www.morx.org/outblazeXSS.txt

Service: Webmail manager

Vendor: outblaze /

[ more ]  [ reply ]

David Litchfield recently provided a detailed description of a number
of vulnerabilities in Oracle PLSQL Gateway. He showed how, each time
the blacklist defense was modified, he was able to find a new variant
that worked around the more restrictive blacklist.

This type of pattern has emerged time

[ more ]  [ reply ]

As I submitted to full disclosure:

"I have discovered that there is a buffer overrun vulnerability in AOL's Instant Messenger program. I have only tested this on version 5.9.3861. The problem causes a minimum of a program crash. I am not sure as to the posibility of shellcode execution.

The vulner

[ more ]  [ reply ]

Author: securma massine <securma (at) morx (dot) org [email concealed]>
MorX Security Research Team
http://www.morx.org

Product info :
EXchangepop3 is an email gateway (connector) that retrieves messages from
Internet POP3 email accounts and delivers them to Exchange Server.
Vulnerability Description:
eXchangepop3 is vulnera

[ more ]  [ reply ]

Title: cPanel Multiple Cross Site Scripting

Author: Simo Ben youssef aka _6mO_HaCk <simo_at_morx_org>
Discovered: 22 january 2005
Published: 02 february 2006
MorX Security Research Team
http://www.morx.org

Service: Web Hosting Manager

Vendor: cPanel

Vulnerability: Cross Site Scripting / Cookie-T

[ more ]  [ reply ]

Title: Neomail Cross Site Scripting

Author: Simo Ben youssef aka _6mO_HaCk <simo_at_morx_org>
Discovered: 24 january 2005
Published: 02 february 2006
MorX Security Research Team
http://www.morx.org

Service: Webmail Perl Client

Vendor: neomail / www.neocodesolutions.com

Vulnerability: Cross Site

[ more ]  [ reply ]

On Sun, 29 Jan 2006 01:50:23 +0100, Michal Zalewski <lcamtuf (at) dione.ids (dot) pl [email concealed]>
wrote:

> Problem #1 - trouble with these pesky foreigners
> ------------------------------------------------
>
> The mechanism for preventing overly relaxed cookie domain
> specification seems to be broken in

[ more ]  [ reply ]

KDE Security Advisory: kpdf/xpdf heap based buffer overflow
Original Release Date: 2006-02-02
URL: http://www.kde.org/info/security/advisory-20060202-1.txt

0. References
CVE-2006-0301

1. Systems affected:

KDE 3.4.0 up to including KDE 3.5.1

2. Overview:

kpdf, the KDE

[ more ]  [ reply ]

IronMail 5.0.1 Denial of Service Protection Lets Remote Users Deny Service

Date
====
November 29, 2005 ? Research and Testing
Junary 10, 2006 ? Update Release

Vulnerability
=============
SYN attack Denial of Service (Flood Connections)

Severity
========
High

Affect Products
===============

[ more ]  [ reply ]