|
|
Colapse all |
Post message
Solaris 9/10 ld.so fun 2005-06-27 Przemyslaw Frasunek (venglin freebsd lublin pl) (1 replies) Re: [Full-disclosure] Solaris 9/10 ld.so fun 2005-06-27 Przemyslaw Frasunek (venglin freebsd lublin pl) [USN-145-1] wget vulnerabilities 2005-06-28 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-145-1 June 28, 2005 wget vulnerabilities CAN-2004-1487, CAN-2004-1488, CAN-2004-2014 =========================================================== A security issue affects the following Ubuntu releases: Ubun [ more ] [ reply ] [Fwd: phpBB 2.0.16 released] 2005-06-28 Christian Boenning (security verloren-im net) ---------------------------- Original Message ---------------------------- Subject: phpBB 2.0.16 released From: "phpBB list" <noreply (at) phpbb (dot) com [email concealed]> Date: Mon, June 27, 2005 8:34 pm To: security (at) verloren-im (dot) net [email concealed] ------------------------------------------------------------------------ -- Hi ev [ more ] [ reply ] Cross-Site Scripting (CSS) in Hosting Controller All Version and hot fix it hehe ;) 2005-06-28 ActionSpider securityfocus com, "[at]" securityfocus com,linuxmail securityfocus com, "[dot]" securityfocus com,org securityfocus com High Risk Vulnerability in RealPlayer for Windows 2005-06-27 NGSSoftware Insight Security Research (nisr nextgenss com) John Heasman of NGSSoftware has discovered a high risk vulnerability in RealPlayer for Windows. Versions affected include: RealPlayer 10.5 (6.0.12.1040-1069) RealPlayer 10 RealOne Player v2 RealOne Player v1 RealPlayer 10.5 (6.0.12.1212) is NOT affected. The flaw permits the overwriting of a lo [ more ] [ reply ] Re: [ECHO_ADV_20$2005] Full path disclosure JAF CMS 2005-06-26 Steven M. Christey (coley mitre org) Two of these "full path disclosure" error messages suggest a much more serious problem: http://localhost/jaf-cms/index.php?page=forum&category=general&id=3/* Warning: fopen(module/files/3/*): failed to open stream: No such file or directory in /var/www/html/jaf-cms/module/forum/inc/csvfil [ more ] [ reply ] [USN-144-1] dbus vulnerability 2005-06-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-144-1 June 27, 2005 dbus vulnerability CAN-2005-0201 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The fol [ more ] [ reply ] [ GLSA 200506-23 ] Clam AntiVirus: Denial of Service vulnerability 2005-06-27 Sune Kloppenborg Jeppesen (jaervosz gentoo org) M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80 2005-06-26 Alberto Trivero (trivero jumpy it) M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80 Published: 26 16 2005 Released: 26 16 2005 Name: ASP Nuke Affected Systems: <= 0.80 Issue: Cross-Site Scripting, HTTP Response Splitting, SQL Injection Author: Alberto Trivero Vendor: http://www.aspnuke.com/ Software Des [ more ] [ reply ] [USN-143-1] Linux amd64 kernel vulnerabilities 2005-06-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-143-1 June 27, 2005 linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities CAN-2005-1762, CAN-2005-1765 =========================================================== A security issue affects the following [ more ] [ reply ] Nokia Symbian 60 "BLUETOOTH NICKNAME" Remote Restart 2005-06-27 Qnix bsdmail org (1 replies) When i was playing with my bluetooth device, i found that if you add in your nickname " 09 0a " in hex, it will cause that every one who search for available bluetooth devices and find your nickname his nokia phone will restart. you should add a nicname like that, [something][09 0a in hex][just add [ more ] [ reply ] Denial of Service Vulnerability in True North Software, Inc. IA eMailServer Corporate Edition Version: 5.2.2. Build: 1051. 2005-06-27 Reed Arvin (reedarvin gmail com) Summary: Denial of Service Vulnerability in True North Software, Inc. IA eMailServer Corporate Edition Version: 5.2.2. Build: 1051. (http://www.tnsoft.com/) Details: Input to the IMAP4 LIST command is not properly checked and/or filtered. Issuing a single character '%x' as the second argument to th [ more ] [ reply ] aspnuke is vulnerable to sql injection 2005-06-27 oil_karchack yahoo com *******description********* aspnuke is web portal system written in asp . site : www.aspnuke.com ********POC************ It's possible to inject htttp://host/module/article/article/article.asp?articleid=1' for example you can change the admin username and password with this querry : http://host/mod [ more ] [ reply ] SUSE Security Announcement: RealPlayer remote buffer overflow (SUSE-SA:2005:037) 2005-06-27 Marcus Meissner (meissner suse de) Re: Phishing - feature or flaw 2005-06-27 David A. Wheeler (dwheeler ida org) Secure Science Corporation Bugtraq <bugtraq (at) securescience (dot) net [email concealed]> said: > Regarding certain vulnerabilities that are being discovered such as > http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test > > Are these really features, or are they flaws now because of the phishing > threat [ more ] [ reply ] Re: Bluetooth SIG Denial of Service vulnerability 2005-06-25 next securityfocus com, at securityfocus com,hysteria securityfocus com, dot securityfocus com,cz securityfocus com I just checked it out with my Nokia 6310i, firmware 5.51 (an old firmware, I know). a) if the phone is not paired with the BT dongle I used, it asks for pairing b) even though the screen shows "connecting" with the moving bar, I can use one of the blue buttons to cancel this screen a do something [ more ] [ reply ] Phishing - feature or flaw 2005-06-24 Secure Science Corporation Bugtraq (bugtraq securescience net) (1 replies) Hi, Regarding certain vulnerabilities that are being discovered such as http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test Are these really features, or are they flaws now because of the phishing threat vector. Originally javascript/DHTML/DOM is pretty powerful and can do a l [ more ] [ reply ] Phishing Solutions (was: Phishing - feature or flaw) 2005-06-27 Chris Brenton (cbrenton chrisbrenton org) MDKSA-2005:104 - Updated squid packages fix vulnerability 2005-06-24 Mandriva Security Team (security mandriva com) MDKSA-2005:105 - Updated dbus packages fix vulnerability 2005-06-24 Mandriva Security Team (security mandriva com) Re: Solaris 10 /usr/sbin/traceroute vulnerabilities 2005-06-24 "Fermín J. Serna" (fjserna ngsec com) Hello, Please note his tests were on X86, SPARC needs double ret in order to successfuly xploit/segfault the vulnearable program due to register windows layout on stack. Its like xfont (x-something, don't remember) issues on old solaris, exploitable (segfault) on x86 but not on SPARC because it [ more ] [ reply ] Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities 2005-06-24 Przemyslaw Frasunek (venglin freebsd lublin pl) adam stevens napisa³(a): > [root@nexus:~] traceroute -s 1.1.1.1. 127.0.0.1 > traceroute: 1.1.1.1. is an invalid IPv4 source address > [root@nexus:~] uname -a > SunOS nexus 5.10 s10_54 sun4u sparc SUNW,Sun-Blade-100 On my box (generic unpatched Solaris 10 on amd64), segfault strongly depends on stac [ more ] [ reply ] Infopop UBB Threads Multiple Vulnerabilities 2005-06-24 GulfTech Security Research (security gulftech org) ########################################################## # GulfTech Security Research June 23rd, 2005 ########################################################## # Vendor : Infopop Corporation # URL : http://www.ubbcentral.com/ubbthreads/ # Version : All Versions Prior To 6.5.2 Be [ more ] [ reply ] |
|
Privacy Statement |
running s[ug]id binaries, allowing to run arbitrary code with elevated
privileges. Well, I can't belive, that such trivial vulnerability exists in
modern OS...
The following PoC code was tested on:
- SunOS 5.10 Generic i8
[ more ] [ reply ]