Malware Removal and Prevention Procedure
2005-11-11 Paul Laudanski (zx castlecops com)
We would like to introduce visitors to an exciting and valuable new resource available at CastleCops called the Malware Removal and Prevention procedure. This procedure is designed to enable users to either partially, or fully clean their systems without the direct aid of an expert. It provides inst

Cyphor (Release: 0.19) Sql injection
2005-11-13 s2b hotmail com
Hello This is sql injection in cyphor Discovered by : HACKERS PAL Greets For Devil-00 - Abducter - Almaster
injected versions :- Cyphor (Release: 0.19) and all Versions Up To now
injected File show.php

Beta product testing
2005-11-14 Bill Stout (bill stout greenborder com)
Hello, I'm looking to get blunt feedback from security analysts on beta product releases, but before I describe the product or make a call for beta testers I have a few general questions:
* Who are the leading contracted security testing companies, and what's the advantage of using them?
* Who are

List of Security-oriented Fairs/Events/Conferences?
2005-11-14 Rainer Duffner (rainer ultra-secure de)

[security bulletin] HPSBUX02075 SSRT051074 - HP-UX Running xterm Local Unauthorized Access
2005-11-14 security-alert hp com

MD4 and MD5 collision generators
2005-11-14 sflist digitaloffense net
I am releasing my collision generators for MD4 and MD5. They have significant time improvements over the ones described in the papers by Wang, et al. MD4 collisions can be generated almost instantly, MD5 can be generated in approximately 45 minutes on my p4 1.6ghz (on average).
http://www.stach

[KAPDA::#12] - ekinboard XSS and HTML Injection
2005-11-14 alireza hassani (trueend5 yahoo com)
[KAPDA::#12] - ekinboard XSS and HTML Injection
KAPDA New advisory
Vendor: http://www.ekinboard.com
Vulnerable Version: 1.0.3
Bug: XSS and HTML Injection
Exploitation: Remote with browser
Description: ekinboard is an open source forum software designed and programmed by ekind

Cisco Security Advisory: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
2005-11-14 Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Advisory ID: 68158
http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml
Revision 1.0
For Public Release 2005 November 14 1100 GMT (UTC)

Advisory 22/2005: Multiple vulnerabilities in phpSysInfo
2005-11-13 Christopher Kunz (christopher kunz hardened-php net)

iDefense Security Advisory 11.11.05: Multiple Vendor Lynx Command Injection Vulnerability
2005-11-11 labs-no-reply (at) idefense (dot) com (labs-no-reply idefense com)
Multiple Vendor Lynx Command Injection Vulnerability
iDefense Security Advisory 11.11.05
www.idefense.com/application/poi/display?id=338&type=vulnerabilities
November 11, 2005
I. BACKGROUND
Lynx is a fully-featured WWW client for users running cursor-addressable, character-cell display devices s

[SECURITY] [DSA 893-1] New acidlab packages fix SQL injection
2005-11-14 joey infodrom org (Martin Schulze)

DMA[2005-1112a] - 'Veritas Storage Foundation VCSI18N_LANG buffer overflow'
2005-11-12 Kevin Finisterre (kf digitalmunition com)

[FLSA-2005:152848] Updated glibc packages fix security issues
2005-11-14 Marc Deslauriers (marcdeslauriers videotron ca)

fipsCMS light - vulnerable to script injection.
2005-11-14 preben watchcom no
fipsCMS lights is a freeware product of fipsasp.com. If you log on as admin, you can generate new pages in the CMS system. If you inject the "headline" field with scripting code like <script>alert('code executed')</script>, this will automatically launch when a user visits that site. Please credit t

[ GLSA 200511-11 ] linux-ftpd-ssl: Remote buffer overflow
2005-11-13 Thierry Carrez (koon gentoo org)

[ GLSA 200511-10 ] RAR: Format string and buffer overflow vulnerabilities
2005-11-13 Thierry Carrez (koon gentoo org)

XOOPS 2.2.3 Final arbitrary local inclusion / XOOPS WF-Downloads module v 2.05 SQL Injection
2005-11-12 retrogod aliceposta it
11.04 12/11/2005
[1] XOOPS 2.2.3 Final arbitrary local inclusion
[2] XOOPS WF-Downloads module v 2.05 SQL Injection / Administrative credentials disclosure / Remote commands execution
software: site: http://www.xoops.org/
description: "XOOPS is an extensible, OO (Object Oriented), easy to use dynam

PHPCalendar (and some more codegrrl.com products) arbitrary code execution
2005-11-13 r verton gmail com
PHPCalendar (and some more codegrrl.com products) arbitrary code execution
Software: PHPCalendar, PHPClique, PHPFanBase, PHPCurrently, PHPQuotes
Severity: Arbitrary code execution
Risk: High
Author: Robin Verton

Multiple Bugs in MyBB 1.0 PR2 Rev 686(Updated Nov 1, 2005)
2005-11-14 syini666 gmail com
Description: MyBB is a powerful, efficient and free forum package developed in PHP and MySQL. MyBB has been designed with the end users in mind, you and your subscribers. Full control over your discussion system is presented right at the tip of your fingers, from multiple styles and themes to the ul

MDKSA-2005:211 - Updated lynx packages fix critical vulnerability
2005-11-12 Mandriva Security Team (security mandriva com)

SQL injection in phpWebThing 1.4.4
2005-11-11 A 1 M Hotmail com
Vulnerable: phpWebThings 1.4.4
website : http://phpwebthings.org
The bug in download.php
ThE Exploit : http://www.target.com/download.php?file=|SQL
ThE Error: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '

ZRCSA-200502 - phpAdsNew SQL Injection Vulnerabilities
2005-11-11 Siegfried (siegfri3d gmail com)
ZRCSA-200502 - phpAdsNew SQL Injection Vulnerabilities
Zone-H Research Center Security Advisory 200502
http://www.zone-h.fr
Date of release: 11/11/2005
Software: phpAdsNew (www.phpadsnew.com)
Affected versions: <= 2.0.6 2.0.7rc1 (latest CVS snapshot)
Risk: Medium
Discovered by: Kevin Fernandez "Si

[SECURITY] [DSA 895-1] New uim packages fix privilege escalation
2005-11-14 joey infodrom org (Martin Schulze)

High Risk Flaw in RealPlayer
2005-11-11 NGSSoftware Insight Security Research (nisr nextgenss com)
John Heasman of NGSSoftware has discovered a high risk vulnerability in RealPlayer.
Versions affected include: RealPlayer 10.5 (6.0.12.1040-1235) RealPlayer 10 (Note: RealOne Player v1 & v2, RealPlayer 8 and RealPlayer Enterprise have also been updated to resolve issues reported by other securit

[EEYEB-20050701] - RealPlayer Zipped Skin File Buffer Overflow II
2005-11-10 Advisories eeye com
RealPlayer Zipped Skin File Buffer Overflow II
Release Date: November 10, 2005
Date Reported: June 26, 2005
Severity: High (Code Execution)
Vendor: RealNetworks
Systems Affected: Windows: RealPlayer 10.5 (6.0.12.1040-1235) RealPlayer 10 RealOne Player v2 RealOne Player v1 RealPlayer 8
Overview
Federal Efforts to Improve Security and Reliability of Electronic Voting
Systems Are Under Way, but Key Activities Need to Be Completed
...
the complete report is available here -
http://www.gao.gov/new.items/d05956.pdf
included below is the "Res