[ MDKSA-2006:022 ] - Updated perl-Convert-UUlib packages fix vulnerability
2006-01-26 security mandriva com

[SECURITY] [DSA 950-1] New CUPS packages fix arbitrary code execution
2006-01-23 joey infodrom org (Martin Schulze)

iDefense Security Advisory 01.23.06: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability
2006-01-23 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability iDefense Security Advisory 01.23.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 January 23, 2006 I. BACKGROUND iTechnology is an integration technology which provides standard

Buffer Overflow /Font on mIRC
2006-01-24 Crowdat Kurobudetsu (crowdat gmail com)
- 1 - Introduction Written by Khaled Mardam-Bey, mIRC is a friendly IRC client that is well equipped with options and tools. - 2 - Vulnerability description This bug was discovered by a friend (Racy) , with the command exposed by Racy only hung mIRC, but after debugging and testing, I discover t

Re: MySQL 5.0 information leak?
2006-01-22 Lance James (bugtraq securescience net) (1 replies)
Burton Strauss wrote:
>I'd get a refund on your coinage... root's password is not security by
>obscurity, it is an undisclosed piece of information. There is a big
>difference.
Now we're arguing semantics, undisclosed information would also be the MySQL information leak problem then too, as

Urgent Alert: Possible BlackWorm DDay February 3rd (Snort signatures included)
2006-01-24 Gadi Evron (ge linuxbox org) (1 replies)
Hello. This is an urgent alert released by the cooperative efforts of the MWP / DA groups that also worked on the hurricane Rita scams. This task force is now known as the TISF BlackWorm task force. This task force involves many in the security (anti spam, CERTs, anti virus, academia, ISP's, etc.)

Re: [Full-disclosure] Urgent Alert: Possible BlackWorm DDay February 3rd (Snort signatures included)
2006-01-24 Dude VanWinkle (dudevanwinkle gmail com)

[ GLSA 200601-13 ] Gallery: Cross-site scripting vulnerability
2006-01-26 Stefan Cornelius (dercorny gentoo org)

[SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
2006-01-26 joey infodrom org (Martin Schulze)

Windows mem leakage
2006-01-24 endrazine pulltheplug org
Desc : Windows Dos emulation allows dumping of first 1 Mo of RAM (with no particular privilege).
Tested under : Win 2000, XP SP2, 2003
Code :
;---------------- [ dumper.asm ]-----------------------------------------
; Dump first 1 Mo of memory under any MS product
; 1 Mo is the maximum quantity o

[eVuln] "my little homepage" products [link] BBCode XSS Vulnerability
2006-01-26 alex evuln com
New eVuln Advisory: "my little homepage" products [link] BBCode XSS Vulnerability http://evuln.com/vulns/51/summary.html --------------------Summary---------------- Vendor: my little homepage Vendor's Web Site: http://www.mylittlehomepage.net/ Software: All products Versions: 2004.04.20 Critical Le

[ISecAuditors Advisories] Arbitrary flash code remote execution in 123flashchat
2006-01-24 ISecAuditors Security Advisories (advisories isecauditors com)
============================================= INTERNET SECURITY AUDITORS ALERT 2006-003 - Original release date: January 12, 2006 - Last revised: January 23, 2006 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY -------------------

[eVuln] AndoNET Blog SQL Injection Vulnerability
2006-01-26 alex evuln com
New eVuln Advisory: AndoNET Blog SQL Injection Vulnerability http://evuln.com/vulns/50/summary.html --------------------Summary---------------- Software: AndoNET Blog Software's Web Site: http://www.andonet.tk/ Versions: 2004.09.02 Critical Level: Moderate Type: SQL Injection Class: Remote Status:

Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
2006-01-26 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Advisory ID: cisco-sa-20060126-vpn http://www.cisco.com/warp/public/707/cisco-sa-20060126-vpn.shtml Revision 1.0 For Public Release 2006 January 26 1700 UTC (GMT)

[HSC] Multiple transversal bug in vis
2006-01-26 spher3 hackerscenter com
Hackers Center Security Group (http://www.hackerscenter.com/) spher3's Security Advisory Multiple transversal bug in vis.pl -------------------------------------------------------------------------- Description: Vis.pl is a perl script which manages files in order to show these; you can f

SamiFTPd buffer overflow
2006-01-24 admin critical lt
Sami FTP server buffer overflow Critical Security advisory #007 - 2006-01-24 16:20:08 Product: Sami FTP 2.0.1 Vuln type: Stack based buffer overflow Risk: Moderate Attack: Remote Original advisory: http://www.critical.lt/?vulnerabilities/208 Sami FTP Server buffer overflow vulnerability Prod

BlackWorm: 2 million infected? ISP notifications.
2006-01-25 Gadi Evron (ge linuxbox org)
2 million hits: The counter is now at 2 million. Check out Sunbelt's blog on this: http://sunbeltblog.blogspot.com/2006/01/blackworm-worm-over-18-million.html From past experience the 2 million hits probably mean a little over a million users infected. ISP notification: In cooperation with man

SUSE Security Announcement: nfs-server/rpc.mountd remote code execution (SUSE-SA:2006:005)
2006-01-26 Marcus Meissner (meissner suse de)

SUSE Security Announcement: phpMyAdmin (SUSE-SA:2006:004)
2006-01-26 Ludwig Nussel (ludwig nussel suse de)

[security bulletin] SSRT061104 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update January 2006
2006-01-24 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00593668 Version: 1 HPSBMA02094 SSRT061104 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update January 2006 NOTICE: The information in this Security Bulletin should be acted upon as soon

[ GLSA 200601-12 ] Trac: Cross-site scripting vulnerability
2006-01-26 Stefan Cornelius (dercorny gentoo org)

[SECURITY] [DSA 956-1] New lsh-utils packages fix local vulnerabilities
2006-01-26 joey infodrom org (Martin Schulze)

Re: [OSVDB Mods] iNETstore E Commerce Solution - Cross Site Scripting
2006-01-26 iNETstore Support (support inetstore com)
Please note this problem has been fixed and changes propagated to all iNETstore servers world wide. Please update your records. thank you iNETstore Support
On Fri, 20 Jan 2006 17:33:14 +1100, "iNETstore Support" <support (at) inetstore (dot) com> said:
> iNETstore E Commerce Solution - Cross Site Scripting

MyBB 1.0.2 XSS attack in search.php redirection
2006-01-25 addmimistrator gmail com
http://127.0.0.1/mybb/search.php?action=do_search&keywords=&postthread=1 &author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postd ate=0&pddir=1&sortby="><script language=javascript>alert(document.cookie)</script>&sorder=1&showresults =threads&submit=Search --------------------Summary---
#include <stdio.h>
/*
* .::[ BitComet URI Buffer Overflow ]::.
*
* A vulnerability in BitComet, allows remote attackers construct a special .torrent file and put
* it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks
* on publishers nam