SecurityFocus

[ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header 2005-11-02
Thierry Zoller (Thierry sniff-em com)

_______________________________________________________________________

F-Prot/Frisk Anti Virus bypass - ZIP Version Header
_______________________________________________________________________

Ref : TZO-012005-Fprot
Author : Thierry Zoller / Security Engineer
WWW : http://thi

[ more ] [ reply ]

Buffer-overflow and crash in FlatFrag 0.3 2005-11-02
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: FlatFrag
http://www.tzi.de/~jfk/projects/flatfrag/
Versions: <= 0.3
Platforms: Windows, Linux and more
Bugs: A] buffer-overflow

[ more ] [ reply ]

Socket termination in Battle Carry .005 2005-11-02
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Battle Carry
http://www.battlecarry.com
Versions: <= .005
Platforms: Windows
Bug: socket termination
Exploitation: remote, versus server

[ more ] [ reply ]

Black Hat Federal and Europe CFP and Registration now open 2005-11-03
Jeff Moss (jmoss blackhat com)

Things have been busy at Black Hat, and I would like to make some brief announcements about our Call For Papers (CFP), Registration, RSS + Pod casts, and legal battles.

BLACK HAT FEDERAL 2006 Trainings and Briefings
January 23rd to the 26th Sheraton Crystal City, Washington D.C.
- Call For Papers

[ more ] [ reply ]

Stack Overflow Basics 2005-11-03
Nish securityfocus com, "[a-t]" securityfocus com,security securityfocus com, compass securityfocus com,dot securityfocus com, com securityfocus com

Hi,

Some articles on Writing Stack Based Overflows for Windows has been released by securitycompass. The articles released this week introduce basic concepts of of memory management, and assembly. Next week the next two articles will be released which cover writling local exploits, writing shellco

[ more ] [ reply ]

CuteNews 1.4.1 remote code execution 2005-11-03
retrogod aliceposta it

CuteNews 1.4.1 Arbitrary file inclusion / remote code execution exploit

software:
site: http://cutephp.com/
description: "Cute news is a powerful and easy for using news management system that
use flat files to store its database. It supports comments, archives, search function,
image uploading, b

[ more ] [ reply ]

MDKSA-2005:204 - Updated wget packages fix vulnerability 2005-11-01
Mandriva Security Team (security mandriva com)

[OpenPKG-SA-2005.023] OpenPKG Security Advisory (openvpn) 2005-11-02
OpenPKG (openpkg openpkg org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org [email concealed]

[ more ] [ reply ]

[SECURITY] [DSA 879-1] New gallery packages fix privilege escalation 2005-11-02
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 879-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
November 2nd, 2005

[ more ] [ reply ]

MDKSA-2005:202 - Updated squirrelmail packages fix vulnerability 2005-11-01
Mandriva Security Team (security mandriva com)

MDKSA-2005:203 - Updated gda2.0 packages fix string format vulnerability 2005-11-01
Mandriva Security Team (security mandriva com)

[SECURITY] [DSA 880-1] New phpmyadmin packages fix several vulnerabilities 2005-11-02
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 880-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
November 2nd, 2005

[ more ] [ reply ]

[security bulletin] SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS) 2005-11-02
security-alter hp com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBOV01239 REVISION: 0

SSRT051029 rev.0 - HP OpenVMS Local Denial of Service (DoS)

NOTICE:
The information in this Security Bulletin should be acted upon
as soon as possible.

INITIAL RELEASE:
31 October 2005

POTENTIAL SECU

[ more ] [ reply ]

Simple PHP Blog: Multiple XSS Vulnerabilities 2005-11-02
enji infosys tuwien ac at

===========================================================
Simple PHP Blog: Multiple XSS Vulnerabilities
===========================================================
Technical University of Vienna Security Advisory
TUVSA-0511-001, November 2, 2005
====================================================

[ more ] [ reply ]

Cisco Security Advisory: Cisco Airespace Wireless LAN Controllers Allow Unencrypted Network Access 2005-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: IOS Heap-based Overflow Vulnerability in System Timers 2005-11-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IPS MC Malformed Configuration Download Vulnerability 2005-11-01
Cisco Systems Product Security Incident Response Team (psirt cisco com)

HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability 2005-11-01
h4cky0u org gmail com

------------------------------------------------------
HYSA-2005-009 h4cky0u.org Advisory 009
------------------------------------------------------
Date - Tue Nov 1 2005

TITLE:
======

Elite Forum 1.0.0.0 XSS Vulnerability

SEVERITY:
=========

Medium

SOFTWARE:
=========

Elite Forum 1.0

[ more ] [ reply ]

VUBB XSS & path disclosure Vulnerabilities 2005-11-01
alireza hassani (trueend5 yahoo com)

[KAPDA::#10] - VUBB XSS & path disclosure
vulnerabilities
KAPDA New advisory

Vendor: http://www.vubb.com
Version: vubb alpha rc1
Bug: XSS & path disclosure
Exploitation: Remote with browser
Discussion:
--------------------
VuBB is a Free PHP/MySQL forum/bulletin board system.

Vulnerability:
----

[ more ] [ reply ]

[tool] multispoof - parallel spoofing for throughput increase 2005-11-01
Pawel Pokrywka (publicpp gmail com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am pleased to announce multispoof, a tool that demonstrates
effectiveness of automated mass mac-spoofing in Ethernet networks.
- From the web page:

What is multispoof?

Multispoof is an application, which exploits weak, address based
authentication v

[ more ] [ reply ]

APPLE-SA-2005-10-31 Mac OS X v10.4.3 2005-10-31
noreply securityfocus com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2005-10-31 Mac OS X v10.4.3

Mac OS X v10.4.3 and Mac OS X Server v10.4.3 are now available and
deliver the following security enhancements:

Finder
CVE-ID: CVE-2005-2749
Available for: Mac OS X v10.4.2, Mac OS X Server v10.4.2
Impact: File

[ more ] [ reply ]

SQL IN FORUM.PHP 2005-10-30
ABDUCTER_MINDS YAHOO COM

Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Discovered BY ABDUCTER & Expliot BY DEVIL-00
ABDUCTER_MINDS (at) S4A (dot) CC [email concealed] (OR) ABDUCTER_MINDS (at) YAHOO (dot) COM [email concealed]
Vulnerable:powered by oaboard 1.0
//////////////////////////////////
info:- FOR INFORMATION VISIT http://oaboard.mys

[ more ] [ reply ]

mwcollect v3.0.0 Release 2005-10-30
Georg Wicherski (georg-wicherski pixel-house net)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Honeynet Project and Research Alliance are pleased to announce the
release of mwcollect v3.0.0 on http://www.mwcollect.org/ .

What's new?

The core has been completly rewritten. It is now even more modularized
and has prooven to be very stable. In

[ more ] [ reply ]

SQL In Invision Gallery 2.0.3 2005-10-30
almaster hotmail com

Credit: By aLMaSTeR HaCKeR [ almaster (at) hotmail (dot) com [email concealed]]

Vulnerable: Invision Gallery 2.0.3

EXPLIOT:

http://www.site.com/index.php?automodule=gallery&cmd=sc&cat=26&sort_key=
date&order_key=DESC&prune_key=30&st=|aLMaSTeR

The Error:

mySQL query error: SELECT i.*, m.members_display_name AS name, m.id AS

[ more ] [ reply ]

[ GLSA 200510-25 ] Ethereal: Multiple vulnerabilities in protocol dissectors 2005-10-30
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200510-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[ GLSA 200510-26 ] XLI, Xloadimage: Buffer overflow 2005-10-30
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200510-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

Advisory 17/2005: phpBB Multiple Vulnerabilities 2005-10-31
Stefan Esser (sesser hardened-php net)

OpenVPN[v2.0.x]: foreign_option() formart string vulnerability. 2005-10-31
v9 (v9 fakehalo us)

v9 (at) fakehalo (dot) us [email concealed]: OpenVPN[v2.0.x]: foreign_option() format string vulnerability.

1. BACKGROUND

OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which
can be used to securely link two or more private networks using an encrypted tunnel over
the Internet. OpenVPN's princ

[ more ] [ reply ]

Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() 2005-10-31
Stefan Esser (sesser hardened-php net)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hardened-PHP Project
www.hardened-php.net

-= Security Advisory =-

Advisory: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
Release Date: 2005/10/31
Last Modified

[ more ] [ reply ]