BugTraq
Re: Installation of software, and security. . . 2005-07-19
John Richard Moser (nigelenki comcast net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Burton Strauss wrote:
> At best the SCOTUS Grokster opinion bounces the case back to the lower
> courts saying "You erred in dismissing under Betamax".
>
> It's also pretty clear that the Supremes said "Oh, and from looking at the
> facts of this c

Re: UPB: Discussion Board/Web-Site Takeover 2005-07-19
rgod autistici org
this is probably a hoax or an error, the system command is not executed, it's invisible and inside the html... :) you can put a javascript instead and steal cookies. This is my proof of concept exploit:

http://www.rgod.altervista.org/upbgold196poc.php.txt

(if you have troubles with this script se

Re: Installation of software, and security. . . 2005-07-19
joop gerritse (jjge xs4all nl)
On Sunday 17 July 2005 21:52, Klaus Schwenk wrote:
> I had some similar thoughts on that topic recently and do agree with you
> that the current habit of installation handling has several problems.
>
> First of all (at least on MS-based OS's) it's pretty hard to tell what
> exactly is done by the in

FreeBSD Security Advisory FreeBSD-SA-05:17.devfs 2005-07-20
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-05:17.devfs Security Advisory
The FreeBSD Project

Topic: de

Anonymous Web Attacks via Dedicated Mobile Services 2005-07-20
Petko Petkov (ppetkov gnucitizen org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Security Notice: Anonymous Web Attacks via Dedicated Mobile Services
Security Risk: UNKNOWN
Publish Data: 2005 July 16

Security Researcher: Petko Petkov
Contact Information: ppetkov (at) gnucitizen (dot) org [email concealed]
PGP Key: http://pdp.gnucitizen.org/ppetkov.asc

Synops

Trivial BGP attacks (ICMP-based blind throughput-reduction attack) 2005-07-20
Fernando Gont (fernando frh utn edu ar)
Folks,

It seems worthless to try to explain over and over again how trivial it is
to perform ICMP-based attacks against TCP. So I have posted on my web site
(http://www.gont.com.ar/tools/icmp-attacks) the same tools that vendors
were supposed to use to audit their systems, and test their patches

[Fwd: phpBB 2.0.17 released] 2005-07-20
Christian Boenning (security verloren-im net)
---------------------------- Original Message ----------------------------
Subject: phpBB 2.0.17 released
From: "phpBB list" <noreply (at) phpbb (dot) com [email concealed]>
Date: Wed, July 20, 2005 12:08 am
To: security (at) verloren-im (dot) net [email concealed]
--------------------------------------------------------------------------

Hi e

PHPNews SQL injection vulnerability 2005-07-20
ghc ghc ru
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Product: PHPNews
Version: 1.2.5 Release, bugfix 1.2.6 (and previous)
URL: http://newsphp.sourceforge.net/
VULNERABILITY CLASS: SQL injection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[PRODUCT DESCRIPTION]
PHPNews is a popular script for ne

[ GLSA 200507-18 ] MediaWiki: Cross-site scripting vulnerability 2005-07-20
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200507-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

PatchAdvisor Vulnerability Alert - Cisco CallManager Remote Denial of Service Vulnerability 2005-07-20
vames patchadvisor com
PatchAdvisor, Inc. www.patchadvisor.com

PATCHADVISOR VULNERABILITY ALERT

Cisco CallManager CTI Manager Remote Denial Of Service Vulnerability

VULNERABILITY NAME
==================
Cisco CallManager CTI Manager Remote Denial Of Service Vulnerability

PUBLISHED DATE
====

ICMP-based blind performance-degrading attack 2005-07-20
Fernando Gont (fernando frh utn edu ar)
Folks,

Another trivial ICMP-based attack. We'll use the tool icmp-mtu, available
at http://www.gont.com.ar/tools/icmp-attacks

We'll perform the blind performance-degrading attack described in
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html as the "Attack
against the Path-MTU Discove

Multiple Vulnerabilities in PHP Surveyor 2005-07-20
thegreatone2176 yahoo com
-----------------------------------------------------------
Multiple Vulnerabilities in PHP Surveyor version 0.98 stable
------------------------------------------------------------

Summary:

PHP Surveyor is vulnerable to many sql injections, cross site scriptings, and path disclosures.

Details:

Re: SiteMinder Multiple Vulnerabilities 2005-07-19
Williams, James K (James Williams ca com)

> List: bugtraq
> Subject: SiteMinder Multiple Vulnerabilities
> From: c0ntexb () gmail ! com
> Date: 2005-07-08 14:03:11
> Message-ID: 20050708140311.20979.qmail () securityfocus ! com
>
> $ An open security advisory #10 - Siteminder v5.5 Vulnerabilities

[...]

> I have conta

Oracle Security Advisory: Various Cross-Site-Scripting Vulnerabilities in Oracle Reports 2005-07-19
ak red-database-security com
Dear Bugtraq Reader

3 months ago (15-april-2005) I informed the Oracle Security Team (secalert_us (at) oracle (dot) com [email concealed]) that I will publish bug details if the bugs are not fixed with the next critical patch update (CPU July 2005). I know that Oracle products are complex and a good patch quality need some tim

RE: On classifying attacks 2005-07-19
Black, Michael (black EssexCorp com)
You might try re-using the rather large effort that went into the CERT
taxonomy:
http://www.cert.org/research/taxonomy_988667.pdf

You'll note the complete lack of "local" and "remote" in the taxonomy.

The email example of "rm -r /*" being executed would be:
Attack:
Tool: Information Exchange
Vul

Oracle Security Advisory: Run any OS Command via unauthorized Oracle Reports 2005-07-19
ak red-database-security com
Dear Bugtraq Reader

3 months ago (15-april-2005) I informed the Oracle Security Team (secalert_us (at) oracle (dot) com [email concealed]) that I will publish bug details if the bugs are not fixed with the next critical patch update (CPU July 2005). I know that Oracle products are complex and a good patch quality need some tim

[ISR] - Novell Groupwise WebAccess Cross-Site Scripting 2005-07-19
Francisco Amato (famato infobyte com ar)
||
|| [ISR]
|| Infobyte Security Research
|| www.infobyte.com.ar
|| 07.19.2005
||

.:: SUMMARY

Novell Groupwise WebAccess Cross-Site Scripting

Version: GroupWise 6.5 SP4, It is suspected that all previous versions of
Groupwise WebAccess
are vulnerable.

.:: BACKGROUND

GroupWise WebAccess i

Update Your Bookmarks 2005-07-19
Valentin Vorovenci (valentin nivo us)
Hi

I noticed that very recently, the whitepapers section of
www.sanctuminc.com was removed (possibly as part of phasing out
the www.sanctuminc.com website). So here are few links to
mirrored resources (there are many more mirrors; those listed
below seem most stable):

*** long links may be word wr

Re: On classifying attacks 2005-07-19
Dustin D. Trammell (dtrammell citadel com)
On Sun, 2005-07-17 at 01:58 -0700, Crispin Cowan wrote:
> Yet none of them capture the distinction Derek pointed out, and so
> perhaps we need a new term. We could say that attacks against connected
> programs like BIND and Gaim are "synchronous" and attacks that involve
> sending now for impact lat

RE: Installation of software, and security. . . 2005-07-19
Burton Strauss (Burton SmallNetSolutions com)
I think you are wrong. Suppose you do create that (mythical) complete set
of actions inside the package manager.

You can't add security - by definition if you run an rpm-type install you
are root, so there's nothing new.

You can't use something like SELinux unless you split the package in two (a

Re: Installation of software, and security. . . 2005-07-19
Matt Beaumont (mbeaumon cs hmc edu) (1 replies)
On Tue, Jul 19, 2005 at 14:01:01 +1000, Tim Nelson wrote:
> My suggested solution would be to:
> 1. Build in to RPM (or whatever) any relatively harmless features
> which are regularly used (eg. reload)

That's a double-edged sword. On the one hand, a "standard library" of
useful installation acti

Pointless discussion (was Re: Installation of software, and security. . .) 2005-07-19
David F. Skoll (dfs roaringpenguin com)
Re: Installation of software, and security. . . 2005-07-19
Jason Coombs (jasonc science org)
Tim Nelson wrote:
> On Sun, 17 Jul 2005, John Richard Moser wrote:
>> Yes, you hit the nail on the head with a jackhammer. One discussion on
>> autopackage was that the devs don't want to limit the API and thus want
>> the prepare, install, and uninstall to be a bash script supplied by the
>> packa

[TOOLS] CIRT.DK WebRoot Version v.1.7 2005-07-19
CIRT.DK Advisory (advisory cirt dk)
Name: CIRT.DK WebRoot - Bruteforcing tool
Version: 1.7
Author/Developer: Dennis Rand - CIRT.DK
Website: http://www.cirt.dk
Copyright: (c)2005 by Dennis Rand
Remember: This program may NOT be used, published or downloaded by
any Danish company, unles

Oracle Security Advisory: Read parts of any XML-file via customize parameter in Oracle Reports 2005-07-19
ak red-database-security com
Dear Bugtraq Reader

3 months ago (15-april-2005) I informed the Oracle Security Team (secalert_us (at) oracle (dot) com [email concealed]) that I will publish bug details if the bugs are not fixed with the next critical patch update (CPU July 2005). I know that Oracle products are complex and a good patch quality need some tim

Re: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein 2005-07-19
Amit Klein (AKsecurity) (aksecurity hotpop com)
Dear 3APA3A,

On 19 Jul 2005 at 13:35, 3APA3A wrote:

> Dear Amit Klein (AKsecurity),
>
>
>
> --Monday, July 18, 2005, 9:40:32 PM, you wrote to bugtraq (at) securityfocus (dot) com [email concealed]:
>
> AKA> NTLM HTTP Authentication
> AKA> (and possibly other connection-oriented
> AKA>

Re: SiteMinder Multiple Vulnerabilities (solution) 2005-07-19
Williams, James K (James Williams ca com)

> List: bugtraq
> Subject: SiteMinder Multiple Vulnerabilities
> From: c0ntex <c0ntexb () gmail ! com>
> Date: 2005-07-08 14:03:11
>
> $ An open security advisory #10 - Siteminder v5.5
> Vulnerabilities
>
> [...]

This issue is NOT present in out-of-the-box installations of
S

Copyright 2010, SecurityFocus