[ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code
2005-09-17 Thierry Carrez (koon gentoo org)

Re: PHP Nuke <= 7.8 Multiple SQL Injections
2005-09-16 Paul Laudanski (zx castlecops com)
On Fri, 16 Sep 2005, Matthias Jim Knopf wrote:
> What do you gain from that? In what way would you think your advice did
> ANYTHING GOOD?
> You did neither issue a "addslashes()" as appropriate for SQL-commands,
> nor did you explain, why a variable set by a POST or a COOKIE could be
> worse than

Re: PHP Nuke <= 7.8 Multiple SQL Injections
2005-09-16 Daniel Bonekeeper (thehazard gmail com)
I made some tests and seems to me that just environments where magic_quotes_gpc = 'Off' are affected (which is not default on php). When magic_quotes_gpc = On, the query that is sent to database is interpreted as:
SELECT active, view FROM nuke_modules WHERE title='\' OR 1=2 /*'
Which is properly s

Possible memory corruption problems in Apple Safari
2005-09-17 Jonathan Rockway (jon jrock us)
Hello, I was playing around with Safari the other day and noticed that it crashes solid if you convince it to visit:
data://<h1>crash</h1>
Typing it into the address bar is sufficient for testing and crashes the browser completely. I loaded up Safari in gdb to see where it crashes and got the fo

[BuHa-Security] Multiple vulnerabilities in (admincp/modcp of) vBulletin 3.0.8/9
2005-09-18 bugtraq morph3us org

Dumb Question
2005-09-19 Sean Warnock (swarnock removeme warnocksolutions com)
First of all I want to say hello to the few people that I met at Toorcon 2005. For my first security conference you guys helped make it magical. Also greets go out to the guys from the San Fernando Linux users group. You guys are great and I'll have to make it your way one of these days.

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
2005-09-16 3APA3A (3APA3A SECURITY NNOV RU)
Dear contact (at) airscanner (dot) com,
Wow! Local information leak for Pocket PC ;) The problem is exploitation is not trivial - it requires local attacker to be able to install software, because (as far as I know) there is no default application for Windows for Mobile to browse registry. Because Win

Web Application Security Analyzer for PHP-Nuke/phpBB CMS
2005-09-17 Paul Laudanski (zx castlecops com)
With all the discussions surrounding the PHP-Nuke CMS wrapping phpBB2 as its forums, I've released an application called Analyzer (version 2.0) available from Download.com. It checks the following versions and reports if newer versions exist:
mysql
php
apache
phpnuke
phpbb
It also checks certai

Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability
2005-09-19 h4cky0u gmail com
------------------------------------------------------
HYA-2005-008 h4cky0u.org Advisory 008
------------------------------------------------------
Date - Mon Sep 19 2005

TITLE:
======
Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability

SEVERITY:
=========
Medium

SOFTWA

[Full-disclosure] killbits? should have named them kibbles and bits
2005-09-19 Ill will (xillwillx gmail com)
Background: Killbits are used to block certain activex controls from running within windows. It is possible using certain methods to bypass this remotely. This goes out to my favorite company in the whole world Microsoft. Thanks for the upcoming vacation. :) MS security department head (Hi Terry) wi

[ GLSA 200509-12 ] Apache, mod_ssl: Multiple vulnerabilities
2005-09-19 Thierry Carrez (koon gentoo org)

Antigen 8.0 for Exchange/SMTP Rule Vulnerability
2005-09-19 Alan Monaghan (AlanM Gardnerweb com)
======================================================================
- Sybari Antigen for SMTP / Exchange Rule / Attachment Pass through -
======================================================================
1) Affected Software
Sybari Antigen v8.0 SR2 for Exchange/SMTP
Other versions may als

router worms and International Infrastructure [was: Re: IOS exploit]
2005-09-19 Gadi Evron (ge linuxbox org)
The text below is an email I just sent to the North American Network Operators Group. I believe asking for bugtraq's opinion is also critical. Thanks, Gadi.
Michael.Dillon (at) btradianz (dot) com wrote:
> Reading through the original Russian posting here
> http://www.securitylab.ru/news/240415.php&direc

ERRATA: [ GLSA 200507-20 ] Shorewall: Security policy bypass
2005-09-17 Thierry Carrez (koon gentoo org)

CuteNews 1.4.0 remote code execution
2005-09-17 retrogod aliceposta it
CuteNews 1.4.0 (possibly prior versions) remote code execution
software:
site: http://cutephp.com/
description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading, backup

[ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Buffer overflow
2005-09-18 Thierry Carrez (koon gentoo org)

[ GLSA 200509-10 ] Mailutils: Format string vulnerability in imap4d
2005-09-17 Thierry Carrez (koon gentoo org)

Cisco IOS hacked?
2005-09-19 ciscoioshehehe (ciscoioshehehe yandex ru)
today news on SecurityLab.ru (only in russian): http://www.securitylab.ru/news/240415.php
* break CRC on CISCO IOS
* Design Mechanism of cross-platform worm for IOS device.
* Run IRC server on 2600 CISCO.
* Found more vulnerabilities in EIGRP protocol.
and some more...
Online translate from Rus

Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox
2005-09-16 milw0rm Inc. (milw0rm gmail com)
This problem also affects Thunderbird (tested) and I'm guessing Netscape's Mail client (untested) which it really can't do much except cause Thunderbird/Netscape to crash without javascript. Include the linked source in an email for your testing.
http://www.milw0rm.com/down.php?id=1204
/str0ke
On

Re: worring about YaST in SuSE 9.3 and maybe lower
2005-09-16 Marcus Meissner (meissner suse de)
On Fri, Sep 16, 2005 at 09:01:19AM -0000, innate (at) gmx (dot) de wrote:
> author: l0om
> email: email:l0om | a7 | excluded d07 org
> page: www.excluded.org
>
> worring about YaST in SuSE 9.3 and maybe lower
>
> I am wondering about the installation routine from SuSE linux 9.3 and maybe some lower veris

Greyhats Security back online
2005-09-16 pvnick gmail com
It's been a while, but I have decided that because a lot of valuable information is hosted on greyhatsecurity.org, that it is within everyone's best interest to share the material. Some things that have changed:
- The layout. The navigation system looks a lot cooler now (IMHO) and is easier to fol

Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox
2005-09-16 Juha-Matti Laurio (juha-matti laurio netti fi)
> This problem also affects Thunderbird (tested) and I'm guessing
> Netscape's Mail client (untested) which it really can't do much except
> cause Thunderbird/Netscape to crash without javascript.
>
> Include the linked source in an email for your testing.
>
> http://www.milw0rm.com/down.php?id=120

RE: [Full-disclosure] FireFox Host: Buffer Overflow is not justexploitable on FireFox
2005-09-15 Juha-Matti Laurio (juha-matti laurio netti fi)
> Hi Juha!
>
> > I have informed the vendor Netscape being affected on 9th
> > September 2005.
>
> I did the same on the 10th of September - still no reply nor official
> statement from Netscape which makes me a little worried.
Good to know. It seems that's their way to act. They had a coverage

Re: PHP Nuke <= 7.8 Multiple SQL Injections
2005-09-15 Paul Laudanski (zx castlecops com)
On 14 Sep 2005 evaders99 (at) gmail (dot) com wrote:
> I'd just like to report as a solution: the Nuke Patched files. These are being developed to cover all the latest vulnerabilities, and to fix issues with previous versions of phpNuke.
>
> These changes will be implemented to our CVS and package downloads

Re: PHP Nuke <= 7.8 Multiple SQL Injections
2005-09-15 Matthias Jim Knopf (jim users de)
What do you gain from that? In what way would you think your advice did ANYTHING GOOD? You did neither issue a "addslashes()" as appropriate for SQL-commands, nor did you explain, why a variable set by a POST or a COOKIE could be worse than anything you could give any URL by appending '?name=...' o

Re: PHP Nuke <= 7.8 Multiple SQL Injections
2005-09-15 Paul Laudanski (zx castlecops com)
On Fri, 16 Sep 2005, Matthias Jim Knopf wrote:
> What do you gain from that? In what way would you think your advice did
> ANYTHING GOOD?
> You did neither issue a "addslashes()" as appropriate for SQL-commands,
> nor did you explain, why a variable set by a POST or a COOKIE could be
> worse than

Re: PHP SESSION MODIFICATION
2005-09-16 David N Murray (dmurray jsbsystems com)
Why is this news? From the PHP docs on Session Handling Functions:
<quote>
Sessions and Security
Using sessions, does not mean, you can be absolutely sure, that the session data can only be viewed by that user. This is important to keep in mind, when storing and displaying sensitive information.
Gentoo Linux Security Advisory GLSA 200509-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -