[security bulletin] SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code
2005-12-09 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00576921 Version: 1 HPSBTU02083 SSRT051069 - HP Tru64 Unix Secure Web Server (SWS 6.4.1 and earlier) PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code NOTICE: The information in this Se [...]

Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution
2005-12-08 retrogod aliceposta it
Website Baker <=2.6.0 SQL Injection -> Login bypass -> remote code execution software: site: http://www.websitebaker.org/2/home/ description: "Website Baker 2, the Open Source Content Management System designed to enable users to produce websites with ease." if magic_quotes_gpc off y [...]

[SECURITY] [DSA 917-1] New courier packages fix unauthorised access
2005-12-08 joey infodrom org (Martin Schulze)

-Exploiting Freelist[0] On Windows XP Service Pack 2-
2005-12-08 Brett Moore (brett moore security-assessment com)
-Exploiting Freelist[0] On Windows XP Service Pack 2- Windows XP Service pack 2 introduced some new security measures in an attempt to prevent the use of overwritten heap headers to do arbitrary byte writing. This method of exploiting heap overflows, and the protection offered by service pack 2, is [...]

Airscanner Mobile Security Advisory: Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401)
2005-12-07 contact removethis removethis airscanner com
------------------------------------- Airscanner Mobile Security Advisory: (#AS05080401) (Critical) ------------------------------------- Remote Hard Reset Data Wipe and DoS of Pocket Controller v5.0 (#AS05080401) Date of discovery: August 4, 2005 Product: Pocket Controller-Professional V5 (lat [...]

iDefense Security Advisory 12.07.05: Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability
2005-12-07 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability iDefense Security Advisory 12.07.05 www.idefense.com/application/poi/display?id=348&type=vulnerabilities December 7, 2005 I. BACKGROUND The Dell TrueMobile 2300 Wireless Broadband Router is an 802.11b/g wireless a [...]

[security bulletin] SSRT051037 HP-UX Running IPSec Remote Unauthorized Access
2005-12-07 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00574124 Version: 1 HPSBUX02082 SSRT051037 HP-UX Running IPSec Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Dat [...]

[security bulletin] SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS)
2005-12-07 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00571568 Version: 7 HPSBUX01137 SSRT5954 Revised - HP-UX TCP/IP Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Releas [...]

[ GLSA 200512-01 ] Perl: Format string errors can lead to code execution
2005-12-07 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200512-02 ] Webmin, Usermin: Format string vulnerability
2005-12-07 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[KDE Security Advisory] multiple buffer overflows in kpdf/koffice
2005-12-07 Dirk Mueller (mueller kde org)

[security bulletin] SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS)
2005-12-07 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00576017 Version: 8 HPSBUX01164 SSRT4884 HP-UX TCP/IP Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 20 [...]

Journal of Computer Virology-Call for Papers
2005-12-07 Saeed Abu Nimeh (drellman hotmail com)
Call for Papers Journal of Computer Virology In association with Mobile Antivirus Researchers Assoc. Special Issue on Mobile Malware and Anti-Malware Technologies Any new computer technology cannot ignore the risk of malware. As soon as a new technical novelty appears, malware risk should be [...]

DRZES HMS XSS and SQL Injection Vulnerabilities
2005-12-07 vipsta gmail com
Description: (http://www.drzes.com/) An all-in-one web hosting management system. A feature-rich, robust, easy-to-use control panel and billing system. A "self-branding" web hosting management system. No DRZES branding. Both the admin and customer can control multiple plans/servers from one centrali [...]

Mobile Antivirus Researchers Assoc. Call for White Papers
2005-12-07 contact removethis removethis mobileav org
### Call for White Papers ### The Journal of Computer Virology in association with the Mobile Antivirus Researchers Assoc. invites authors to discuss the state of the art of malware and anti-malware technologies and security issues for mobile environments. Authors are invited to submit full techni [...]

Advisory 24/2005: libcurl URL parsing vulnerability
2005-12-07 Stefan Esser (sesser hardened-php net)

[SECURITY] [DSA 916-1] New Inkscape packages fix arbitrary code execution
2005-12-07 joey infodrom org (Martin Schulze)

SugarSuite Open Source <= 4.0beta Remote code execution
2005-12-07 retrogod aliceposta it
SugarSuite Open Source <= 4.0beta Remote code execution software: site: http://www.sugarcrm.com/crm/ i) vulnerable code in acceptDecline.php at lines 81-82 ... $bean = $beanList[$_REQUEST['module']]; require_once($beanFiles[$bean]); ... if register_globals on & allow_url_fopen on in php.ini, [...]

SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew
2005-12-07 unitedasia unitedasia com
/* SimpleBBS <= v1.1 remote commands execution in c coded by: unitedasia v.Dec.7.2005 greetz: iloveyouma http://geography.about.com/library/maps/blrasia.htm http://www.lib.utexas.edu/maps/middle_east_and_asia/asia_pol00.jpg $ gcc -o bbs bbs.c Usage ./bbs [host] [/folder/] [cmd] $ ./bbs www.so [...]

[KAPDA::#15] - ThWboard multiple vulnerabilities
2005-12-07 alireza hassani (trueend5 yahoo com)
KAPDA New advisory Vendor: http://www.thwboard.de Vulnerable Version: 3 beta 2.8 Bug: HTML Injection , XSS , SQL Injection Exploitation: Remote with browser Description: -------------------- ThWboard is a freely available German PHP-based message board program that uses a MySQL database. Vulnerab [...]

Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability
2005-12-07 Stefan Esser (sesser hardened-php net)

Critical Myspace.com Vulnerabilites
2005-12-07 silentproducts gmail com
(Is there a rule I am breaking in the scope of this advisory??) http://www.silent-products.com/advisory12.5.05.txt Critical Myspace Vulnerabilities Leave Every Active Account Exploitable Reported December 5th, 2005 Introduction ------------ In this advisory we will be detailing some very recent ho [...]

[USN-225-1] Apache 2 vulnerability
2005-12-06 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-225-1 December 06, 2005 apache2 vulnerability CVE-2005-2970 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubunt [...]

[USN-224-1] Kerberos vulnerabilities
2005-12-06 Martin Pitt (martin pitt canonical com)
=========================================================== Ubuntu Security Notice USN-224-1 December 06, 2005 krb4, krb5 vulnerabilities CVE-2005-0468, CVE-2005-0469, CVE-2005-1174, CVE-2005-1175, CVE-2005-1689 =========================================================== A security issue affects [...]

iDefense Security Advisory 12.05.05: Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
2005-12-06 iDEFENSE Labs (labs-no-reply idefense com)
Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability iDefense Security Advisory 12.05.05 www.idefense.com/application/poi/display?id=344&type=vulnerabilities December 5, 2005 I. BACKGROUND Xpdf is an open-source viewer for Portable Document Format (PDF) files. II. DESCRIPTION Local [...]

iDefense Security Advisory 12.05.05: Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
2005-12-06 iDEFENSE Labs (labs-no-reply idefense com)
Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability iDefense Security Advisory 12.05.05 www.idefense.com/application/poi/display?id=345&type=vulnerabilities December 5, 2005 I. BACKGROUND Xpdf is an open-source viewer for Portable Document Format (PDF) files. II. DESCRIPTION Loca [...]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patch Notification: Multiple critical vulnerabilities in MyBB
Name: TKPN2005-12-001
Revision: 1.0
Release Date: 2005/12/09
Last Modified: 2005/12/09
Date Reported: 2005/11/07
Author: