Re: FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution
2005-08-13 colin funkboard co uk

Serious flaw in Linksys wireless AP password security
2005-08-15 Steve Scherf (bugtraq moonsoft com)
It appears that firmware version 4.50.6 for the Linksys WRT54GS (hardware version 1) wireless router allows wireless clients to connect and use the network without actually authenticating. With WPA Personal/TKIP authentication enabled, the unit allows both clients using encryption with the correct s [...]

Technical Note by Amit Klein: Detecting and Preventing HTTP Response Splitting and HTTP Request Smuggling Attacks at the TCP Le
2005-08-15 Amit Klein (AKsecurity) (aksecurity hotpop com)

[SECURITY] [DSA 775-1] New Mozilla packages fix frame injection spoofing vulnerability
2005-08-15 joey infodrom org (Martin Schulze)

drone armies C&C report - July/2005
2005-08-15 Gadi Evron (gadi tehila gov il)
Below is a periodic public report from the drone armies / botnets research and mitigation mailing list. For this report it should be noted that we base our analysis on the data we have accumulated from various sources. According to our incomplete analysis of information we have thus far, we now pub [...]

[SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files
2005-08-15 joey infodrom org (Martin Schulze)

Vulnerability found in CPAINT Ajax Toolkit
2005-08-15 wiley14 gmail com
I am the original author of the CPAINT Ajax Toolkit (http://cpaint.sourceforge.net/). Last night we found a vulnerability affecting all versions of CPAINT prior to v1.3-SP (which is the patched version of the software) that can allow a user with malicious intent to execute server or ASP/PHP command [...]

[ GLSA 200508-06 ] Gaim: Remote execution of arbitrary code
2005-08-15 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Advisory 14/2005: PEAR XML_RPC Remote PHP Code Injection Vulnerability
2005-08-15 Stefan Esser (sesser hardened-php net)

Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability
2005-08-15 Stefan Esser (sesser hardened-php net)

[DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue
2005-08-15 Uwe Hermann (uwe hermann-uwe de)

SQL in PHPTB Topic Boards 2.0
2005-08-13 almaster hotmail com
Class: Input Validation Error
CVE: CVE-MAP-NOMATCH
Remote: Yes
Local: Yes
Credit: aLMaSTeR HaCKeR [almaster[at]hotmail[dot]com]
{}{}{}{}{}{}{}{}{}{}{}{}
Vulnerable: Powered by PHPTB Topic Boards 2.0 ITHINK WORK IN ALL VERSION
{}{}{}{}{}{}{}{}{}{}{}{}
info PHPTB BOARD IS VERY NICE BOARD U [...]

JaguarControl Activex Buffer Overflow
2005-08-13 Tacettin Karadeniz (tacettinkaradeniz yahoo com)
Vendor: http://www.isemarket.com
Bug: JaguarControl can crash Internet Explorer
Found: Tacettin Karadeniz
E-Mail: tacettinkaradeniz _at_ yahoo.com
Vendor Status: Reported
The exploit can cause Internet Explorer to crash and(or) the execution of arbitrary code on the user's computer. <object classi [...]

Low security hole affecting Mentor's ADSLFR4II router
2005-08-13 Tim Brown (securityfocus machine org uk)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I've found a number of low risk issues with Mentor's ADSLFR4II router. I initially spoke to them on the 20th July, passing them full details of my findings on the 21st of July. I then emailed them again on the 4th of August asking for an update and noti [...]

Grandstream Budge Tone 101/102 DoS Vulnerability
2005-08-12 Kroma Pierre (kroma syss de)
- -------------------------------------------------------------------
SySS-Advisory: Grandstream Budge Tone 101/102 DoS Vulnerability
- -------------------------------------------------------------------
Problem discovered: July 20th 2005
Vendor contacted: July 21th 2005
Advisory will publish [...]

Bluetooth: Theft of Link Keys for Fun and Profit?
2005-08-12 KF (lists) (kf_lists digitalmunition com)

[USN-168-1] Gaim vulnerabilities
2005-08-12 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-168-1 August 12, 2005
gaim vulnerabilities
CAN-2005-2102, CAN-2005-2103, CAN-2005-2370
===========================================================
A security issue affects the following Ubuntu releases: Ubun [...]

Privilege escalation in Linksys WLAN Monitor v2.0
2005-08-12 Reed Arvin (reedarvin gmail com)
Privilege escalation in Linksys WLAN Monitor v2.0 (http://www.linksys.com/)
Details: The Linksys WLAN Monitor service (WLSVC) that is used to configure settings for various Linksys wireless network cards runs under the context of the LocalSystem account. It is possible to manipulate the administrat [...]

Insecure directory permissions of default installation of Kaspersky Anti-Virus for Unix/Linux File Servers will lead to local root exploit
2005-08-12 Dr. Peter Bieringer (pbieringer aerasec de)
FYI, a new version is already available and a proposed workaround is described at the end of the advisory.
Peter
URLs for this document: ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt (TXT)
(P) & (C) 2005 AERAsec Network Services and Security GmbH
The inform [...]

FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030
2005-08-12 Jeff Peadro (jeff peadro gmail com)
Updated to add additional version & exploit details. Reps to Crime Dog
Vulnerable Versions: Nortel Contivity VPN Client V05_01.100
Patches/Workarounds: Good question
Exploit:
1. With the Contivity client open click go into "Group Authentication Options"
2. Select "Challenge Response Token" opt [...]

(MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode)
2005-08-12 houseofdabus (houseofdabus inbox ru)
(MS05-039) Microsoft Windows Plug-and-Play Service Remote Overflow (Universal Exploit + no crash shellcode) exploit attached.
Description: A remote code execution and local elevation of privilege vulnerability exists in Plug and Play that could allow an attacker who successfully exploited this vu [...]

[SECURITY] [DSA 774-1] New fetchmail packages fix arbitrary code execution
2005-08-12 joey infodrom org (Martin Schulze)

Xoops 2.2.1 Full Path Disclosure
2005-08-12 none none com (1 replies)
Xoops 2.2.1 Full Path Disclosure !!!
http://[target]/include/registerform.php
[code]
Warning: main(XOOPS_ROOT_PATH/class/xoopslists.php): failed to open stream: No such file or directory in /home/public_html/site/include/registerform.php on line 28
Warning: main(): Failed opening 'XOOPS_ROOT_PATH/ [...]

My Bulletin Board RC 4 Vulnerabilities
2005-08-12 phuket (phuket bugtraq gmail com)
SQL Injection Vulnerabilities in MyBB RC 4 (+Security Patch)
Vendor: MyBB Group
Version: MyBulletinBoard 1.00 RC4+ Security Patch
Risk: High if magic_quotes_gpc = Off
URL: http://www.mybboard.com
**********************************************************************************************
"MyBB [...]

Windows 2000 universal exploit for MS05-039
2005-08-11 sl0ppy hush ai
/* Windows 2000 universal exploit for MS05-039 -\x6d\x35\x6c\x30\x6e\x6e\x79- */
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <winnetwk.h>
#include <winsock.h>
#include <Rpc.h>
#include <wchar.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib, "mpr")
#pragma comment(lib, [...]

MDKSA-2005:136 - Updated gpdf packages fix vulnerability
2005-08-11 Mandriva Security Team (security mandriva com)

[FLSA-2005:157701] Updated Apache httpd packages fix security issues
2005-08-10 Marc Deslauriers (marcdeslauriers videotron ca)

MDKSA-2005:134 - Updated xpdf packages fix vulnerability
2005-08-11 Mandriva Security Team (security mandriva com)

[FLSA-2005:157696] Updated gzip package fixes security issues
2005-08-10 Marc Deslauriers (marcdeslauriers videotron ca)