BugTraq Mode:
[ GLSA 200508-13 ] PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability 2005-08-24
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200508-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

unload event in ie/mozilla/opera 2005-08-23
Tobias Boonstoppel (boonstoppel gmail com) (1 replies)
in nearly all browsers* you can overwrite the window location in the
"onunload" event.

that means you can "keep" the user on a site. when you type a new url
in the address-bar, javascript overwrites it. that's a paradise for
phishers, porn-site hosters etc.

here the html/javascript code:

<html>

RE: unload event in ie/mozilla/opera 2005-08-24
David Gillett (gillettdavid fhda edu)
RE: Remote IIS 5.x and IIS 6.0 Server Name Spoof 2005-08-24
Sacha Faust (sfaust spidynamics com)
That's correct. Back in 2000-2001 I reported to Microsoft that they were using the SERVER_NAME variable in some of their sample applications, which made some sites even more vulnerable. Any server variable should be considered untrusted and validated like any other user input. This is the reason why our S

Foojan PHP Weblog Information Disclosure - Refferer Html Injection 2005-08-24
ali202 fastermail com
Vendor : http://foojan.soltoononline.com
A complete Persian PHP Weblog (WMS)

Example Information Disclosure:
http://[target]/[foojan]/adminmodules/daylinks/index.php
http://[target]/[foojan]/index.php?daylinkspage=-1

Referrer HTML Injection

Where : in gmain.php

$Weblog-> query ("INSERT INTO `v

LeapFTP .lsq Buffer Overflow Vulnerability 2005-08-24
Sowhat . (smaillist gmail com)
LeapFTP .lsq Buffer Overflow Vulnerability

by Sowhat

Last Update:2005.08.24

http://secway.org/advisory/AD20050824.txt

Vendor:

LeapWare Inc.

Product Affected:

LeapFTP < 2.7.6.612

Overview:

LeapFTP is the award-winning shareware FTP client that combines an
intuitive interface with one of the

[SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file 2005-08-24
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 783-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 24th, 2005

Re: Beehive Forum Multiple Vulnerabilities 2005-08-24
wibble wobble securityfocus com
These vulnerabilities are fixed in the current release (version 0.6.1)

Secunia Research: HAURI Anti-Virus ACE Archive Handling Buffer Overflow 2005-08-24
Secunia Research (vuln secunia com)
======================================================================

Secunia Research 24/08/2005

- HAURI Anti-Virus ACE Archive Handling Buffer Overflow -

======================================================================
Table of Contents

Affected Software....

PaFileDB 3.1 - SQL-Injection 2005-08-24
astovidatu security-project org
[SePro Advisory #5] PaFileDB 3.1 - SQL-Injection
===========================================================

Vendor: PhpArena
URL: http://www.phparena.net/
Date: 17.08.05

App.: PaFileDB
Version: 3.1
Type: SQL-Injection
Risk: High

Credits:
================================
Newang

Secunia Research: SqWebMail Attached File Script Insertion Vulnerability 2005-08-24
Secunia Research (vuln secunia com)
======================================================================

Secunia Research 24/08/2005

- SqWebMail Attached File Script Insertion Vulnerability -

======================================================================
Table of Contents

Affected Software...

Cross-site scripting vulnerability in BEA WebLogic administration console 2005-08-24
GomoR (bugtraq gomor org)

I. DESCRIPTION

A cross-site scripting issue affects the display of error events in the
'View Error Log' feature of BEA WebLogic Administration console.

II. AFFECTED PRODUCTS

BEA WebLogic 8.1 SP4 and previous.

III. HOW TO VERIFY

1. Make an HTTP request containing XSS code to a target Web

New Whitepaper - The Pharming Guide 2005-08-24
NGSSoftware Insight Security Research (nisr nextgenss com)
NGS Insight Security Research (NISR) are pleased to announce the
publication of a new whitepaper - "The Pharming Guide", which can be
downloaded from

http://www.ngssoftware.com/papers/ThePharmingGuide.pdf

Abstract:

Exploiting well known flaws in DNS services and the way in which
hostnames are

[RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability 2005-08-24
julio rfdslabs com br
*** rfdslabs security advisory ***

Title: QNX inputtrap arbitrary file read vulnerability [RLSA_01-2005]
Versions: QNX RTOS 6.3, 6.1.0 (possibly others)
Vendor: http://www.qnx.com
Date: Feb 22 2005

Author: Julio Cesar Fort <julio *NO_SPAM* rfdslabs com br>

1. Introduction

Multiple Vulnerabilities in Home Ftp Server 1.0.7 2005-08-24
Donato Ferrante (fdonato autistici org)

Donato Ferrante

Application: Home Ftp Server
http://downstairs.dnsalias.net/homeserver.html

Version: 1.0.7 b45

Bugs: Multiple Vulnerabilities

Date: 24-Aug-2005

Author: Donato Ferrante
e-mail: fdonato@autistici.

MDKSA-2005:147 - Updated slocate packages fix vulnerability 2005-08-23
Mandriva Security Team (security mandriva com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: slocate
Advisory ID:

ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users 2005-08-23
kozan spyinstructors com (1 replies)
/*================================================================

ZipTorrent 1.3.7.3 Local Proxy Password Disclosure Exploit by Kozan

Discovered & Coded by Kozan
Credits to ATmaCA
Web: www.spyinstructors.com
Mail: kozan (at) spyinstructors (dot) com

Application:
--------------------
ZipTorrent 1.3.7.3 (and

Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users 2005-08-24
Allen Parker (infowolfe gmail com)
[USN-173-1] PCRE vulnerability 2005-08-23
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-173-1 August 23, 2005
pcre3 vulnerability
CAN-2005-2491
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu

[USN-172-1] lm-sensors vulnerability 2005-08-23
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-172-1 August 23, 2005
lm-sensors vulnerabilities
https://bugzilla.ubuntu.com/show_bug.cgi?id=13887
===========================================================

A security issue affects the following Ubuntu rel

Mercora IMRadio 4.0.0.0 Discloses Passwords to Local Users 2005-08-23
kozan spyinstructors com
/*================================================================

Mercora IMRadio 4.0.0.0 password disclosure local exploit by Kozan

Discovered & Coded by: Kozan
Credits to ATmaCA
Web: www.spyinstructors.com
Mail: kozan (at) spyinstructors (dot) com

=====[ Application ]=====================================

[ GLSA 200508-12 ] Evolution: Format string vulnerabilities 2005-08-26
Stefan Cornelius (dercorny gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200508-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Oracle Password Checker 2005-08-23
ak red-database-security com
Hello Bugtraq-Reader

we have implemented a free dictionary based Oracle password checker
for Oracle databases called checkpwd 1.0. This is a useful tool for DBAs to
identify Oracle accounts with weak or default passwords.

Details & Download
http://www.red-database-security.com/software/checkpwd.

Server crash in Ventrilo 2.3.0 2005-08-23
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Ventrilo
http://www.ventrilo.com
Versions: <= 2.3.0 and >= 2.1.2
Platforms: Windows (x86), Linux (x86), Solaris (SPARC), Solaris
(x8

Re: ELM < 2.5.8 Remote Exploit POC 2005-08-23
skulls_phantoms_1 securityfocus com
/*

Exploit code for the bug posted by Ulf Harnhammar (metaurtelia.com)
http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html

Probably you will need to change SYSLOC and STRLOC to work on your box

*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

MDKSA-2005:148 - Updated vim packages fix vulnerability 2005-08-23
Mandriva Security Team (security mandriva com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: vim
Advisory ID:

MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities 2005-08-23
Mandriva Security Team (security mandriva com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: php-pear
Advisory ID:

Re: Interspire ArticleLive 2005 (php version) is vulnerable to XSS 2005-08-23
eddie interspire com
This has been patched.

[SECURITY] [DSA 782-1] New bluez-utils packages fix arbitrary command execution 2005-08-23
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 782-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 23rd, 2005

[SECURITY] [DSA 781-1] New Mozilla Thunderbird packages fix several vulnerabilities 2005-08-23
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 781-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
August 23rd, 2005

Copyright 2010, SecurityFocus