|
|
Colapse all |
Post message
RE: WMF vulnerability was a deliberate backdoor? 2006-01-16 Alex Eckelberry (AlexE sunbelt-software com) CounterPath eyeBeam Handing SIP header Vulnerabilities 2006-01-16 zwell sohu com eyeBeam is a SIP softphone supporting open standards for VoIP, Video and Instant Messaging. There is a vunerability in it while handing SIP header with a large field name like this: INVITE sip:a (at) 127.0.0 (dot) 1 [email concealed] SIP/2.0 Via: SIP/2.0/UDP 127.0.0.1:5060;branch=z9hG4bK00001249z9hG4bK.00004119 From: 1249 < [ more ] [ reply ] [SECURITY] [DSA 941-1] New tuxpaint packages fix insecure temporary file creation 2006-01-16 joey infodrom org (Martin Schulze) Directory traversal in phpXplorer 2006-01-16 Oriol Torrent (oriol torrent gmail com) ========================================================== Title: Directory traversal in phpXplorer Application: phpXplorer Vendor: http://www.phpxplorer.org Vulnerable Versions: 0.9.33 Bug: directory traversal Date: 16-January-2006 Author: Oriol Torrent Santiago < oriol.torrent.AT.gmail.com > Ref [ more ] [ reply ] Apache Geronimo 1.0 - CSS and persistent HTML-Injectionvulnerabilities 2006-01-15 oliver karow (oliver karow gmx de) Apache Geronimo 1.0 - CSS and persistent HTML-Injection vulnerabilities ======================================================================== Product: ======== Apache Geronimo is the J2EE server project of the Apache Software Foundation. Version: ======== Apache Geronimo 1.0, Jetty 5.1.9 Vu [ more ] [ reply ] [SECURITY] [DSA 943-1] New Perl packages fix arbitrary code execution 2006-01-16 joey infodrom org (Martin Schulze) [eVuln] Bit 5 Blog JavaScript Insertion Vulnerability 2006-01-15 alex evuln com New eVuln Advisory: Bit 5 Blog JavaScript Insertion Vulnerability http://evuln.com/vulns/32/summary/bt/ --------------------Summary---------------- Software: Bit 5 Blog Sowtware's Web Site: http://bit5blog.sourceforge.net/ Versions: 8.01 Critical Level: Harmless Type: Cross-Site Scripting Class: R [ more ] [ reply ] DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal' 2006-01-13 KF (lists) (kf_lists digitalmunition com) DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal' Author: Kevin Finisterre Vendor: http://www.toshiba-tro.de/ Product: 'Toshiba Bluetooth Stack <=v4.00.23(T)' References: http://www.digitalmunition.com/DMA[2006-0112a].txt Description: Toshiba was one of the first companies to pro [ more ] [ reply ] MDKSA-2006:013 - Updated kolab packages fix vulnerability 2006-01-13 Mandriva Security Team (security mandriva com) Visual Studio Remote Code Execution 2006-01-13 priest priestmaster org Hi, I coded a remote code execution exploit for visual studio 2005 and below. If you open a solution and you click on the Form1.cs file the code inside the UserControl1_Load function is executed. You can code your backdoor inside this function. Basically the exploit only start a calc.exe applicati [ more ] [ reply ] [ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server 2006-01-13 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2006-001 - Original release date: January 09, 2006 - Last revised: January 13, 2006 - Discovered by: Jesus Olmos Gonzalez - Severity: 4/5 ============================================= I. VULNERABILITY ------------------- [ more ] [ reply ] DDSN CMS Admin Panel SQL Injection Vulnerability 2006-01-13 khc bsdmail org Web Site : http://www.ddsn.com and http://www.cm3cms.com Description : DDSN is an expert provider of professional services surrounding the science of content management: Design, information architecture, deployment, and integration. In addition we offer our own content management software: Our [ more ] [ reply ] DIMVA 2006 Call for Papers 2006-01-13 thomas suse de (Thomas Biege) Sorry, if you receive multiple copies of this Call for Papers. RECENT UPDATES!!! ----------------- - Due to multiple requests the paper submission deadline has been extended to Friday, January 27, 2006! - Selected papers will be published in revised and extended version in a special issue of S [ more ] [ reply ] Linksys VPN Router (BEFVP41) DoS Vulnerability 2006-01-13 paul14075 gmail com Linksys BEFVP41 (possibly others) (not sure which firmware) can be instantenously crashed by sending a specially crafted IP packet with a null length for IP option #0xE4 , like this one: 00 0f 66 99 a3 45 00 10 5a cc 59 84 08 00 46 00 00 2c 04 d2 00 00 ff aa 06 2a c0 a8 01 65 43 08 c6 15 e4 00 [ more ] [ reply ] [eVuln] Light Weight Calendar PHP Code Execution 2006-01-13 alex evuln com New eVuln Advisory: Light Weight Calendar PHP Code Execution http://evuln.com/vulns/29/summary.html --------------------Summary---------------- Software: Light Weight Calendar Sowtware's Web Site: http://sourceforge.net/projects/lwcal/ Versions: 1.0 Critical Level: Dangerous Type: PHP Code Executi [ more ] [ reply ] AlstraSoft Template Seller Pro Cross-Site Scripting Vulnerability 2006-01-13 night_warrior771 hotmail com ##Night_Warrior<Kurdish Hacker> ##night_warrior771[at]hotmail.com ##AlstraSoft Template Seller Pro Cross-Site Scripting Vulnerability ##http://www.alstrasoft.com http://vicktimhost/template/fullview.php?tempid=[XSS] Contact :night_warrior771[at]hotmail.com Night_Warrior<Kurdihs Hacker> [ more ] [ reply ] DCP Portal Cross-Site Scripting Vulnerability 2006-01-13 night_warrior771 hotmail com ##Night_Warrior<Kurdish Hacker> ##night_warrior771[at]hotmail.com ##DCP Portal Cross-Site Scripting Vulnerability ##http://www.dcp-portal.org http://vicktimhost/calendar.php?show=full_month&s=1&submit=GO&day=[XSS] http://vicktimhost/search.php post this code <script>alert('night_warrior');</script> [ more ] [ reply ] MyBB 1.0.2 SQL injection 2006-01-13 addmimistrator gmail com Hey this is a bug report for mybb software ( forum software downloadable from http://www.mybboard.com) bug found by imei; bug is in usercp.php file line 830 (ver 1.0.2 latest ver) that allows SQL injection bug is in result of poor checking for $mybb->input['threadmode'] value that can have quote and [ more ] [ reply ] WMF vulnerability was a deliberate backdoor? 2006-01-13 Brooks, Shane (SBrooks orangelake com) I've recently had my attention brought to a post from Steve Gibson in the grc.com forums, which contains the following quote: <snippet> The only conclusion that can reasonably be drawn is that this [setAbortProc procedure] was a deliberate backdoor put into all of Microsoft's recent editions of W [ more ] [ reply ] [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability 2006-01-10 Advisories (Advisories eeye com) EEYEB-20050801 Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability Release Date: January 10, 2006 Date Reported: July 31, 2005 Time to Patch: 163 Days Severity: High (Code Execution) Systems Affected: Windows ME Windows 98 Windows NT Windows 2000 Windows XP SP1 / SP2 Windows Serve [ more ] [ reply ] [SECURITY] [DSA 936-1] New libextractor packages fix arbitrary code execution 2006-01-11 joey infodrom org (Martin Schulze) FreeBSD Security Advisory FreeBSD-SA-06:02.ee 2006-01-11 FreeBSD Security Advisories (security-advisories freebsd org) Hacking With The Google Search Engine 2006-01-14 Paul Laudanski (zx castlecops com) By Darren W. Miller, aka defendingthenet, CastleCops Staff Writer Jan 14, 2006 Google: Yes, You Can Find Just About Anything Hackers and security experts use various custom and open source tools to complete their tasks. In fact, one of the tools they use you probably use every time you browse t [ more ] [ reply ] FullPath disclosure in Xaraya 1.0.1 2006-01-14 king_purba yahoo co uk Author : Ph03n1X http://student.te.ugm.ac.id/~phoenix03 Description Software : Xaraya v 1.0.1 http://xaraya.com PoC : 1. http://site.xxx/xaraya/xaraya-1.0.1/html/includes/xarTemplate.php Call to undefined function: xarcoregetvardirpath() in/usr/local/www/xaraya/xaraya-1.0.1/html/includes/xarTempl [ more ] [ reply ] MyBB 1.0.2 SQL injection in usercp.php 2006-01-14 addmimistrator gmail com this is a bug report for MyBB 1.0.2(latest version) bug found by imei there is a security bug in usercp.php line 830 that Allows SQL Injection and can result to full access to admin cp. bug is in result of poor checking of $mybb->input['threadmode'] value against all other values in usercp.php file [ more ] [ reply ] ezDatabase 2.0 and below 2006-01-14 none none com ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website. ezDatabas [ more ] [ reply ] [KAPDA::#21] - HomeFtp v1.1 Denial of Service 2006-01-14 cvh securityfocus com, "[a]" securityfocus com,kapda ir securityfocus com [KAPDA::#21] - HomeFtp v1.1 Denial of Service KAPDA New advisory Vulnerable products : HomeFtp v1.1 Vendor: Helmsman(http://www.Frigate3.com) Risk: High Vulnerabilities: Denial of service Date : -------------------- Found : Aug 21 2005 Vendor Contacted : Aug 21 2005 Release Date : Jan 14 2006 A [ more ] [ reply ] |
|
Privacy Statement |
http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx
-----Original Message-----
From: Brooks, Shane [mailto:SBrooks (at) orangelake (dot) com [email concealed]]
Sent: Friday, January 13, 2006 2:31 PM
To: bugtraq (at) securityfocus (dot) com [email concealed]
Subject: WMF vulnerability was a deliberate backdoor?
I've recen
[ more ] [ reply ]