[Scan Associates Advisory] Neteyes Nexusway multiple vulnerability
2005-05-11 pokley (pokleyzz scan-associates net)

Commonly used disk imaging and wiping tools can be tricked to miss parts of a disk
2005-05-11 Arne Vidström (arne vidstrom foi se)
Hello, Device Configuration Overlays (DCO) is a not so well known optional feature set in the ATA-6 standard and forwards. It is supported by a lot of, but not all, modern disks. Using DCO it is possible to tell a disk that it should appear smaller than it really is, thus hiding an arbitrarily

[HSC Security Group] MaxWebPortal - Multiple SQL injection/XSS
2005-05-11 Zinho (zinho hackerscenter com)
Hackers Center Security Group (http://www.hackerscenter.com/) Zinho's Security Advisory Desc: Maxwebportal 1.3.5 and prior Risk: High MaxWebPortal is probably the most spread ASP based web portal script. I've found multiple XSS and Sql injection that could easily lead to password streali

Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability
2005-05-11 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: FWSM URL Filtering Solution TCP ACL Bypass Vulnerability Document ID: 64821 Revision 1.0 For Public Release 2005 May 11 1600 UTC (GMT) - ---

MDKSA-2005:083 - Updated ethereal packages fix multiple vulnerabilities
2005-05-11 Mandriva Security Team (security mandriva com)

Linux kernel ELF core dump privilege elevation
2005-05-11 Paul Starzetz (ihaquer isec pl)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since it became clear from the discussion in January about the uselib() vulnerability, that the Linux community prefers full, non-embargoed disclosure of kernel bugs, I release full details right now. However to follows at least some of the resp

Metasploit Framework v2.4
2005-05-11 H D Moore (sflist digitaloffense net)
The Metasploit Framework is an advanced open-source exploit development platform. The 2.4 release includes three user interfaces, 72 exploits and 75 payloads. The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down ver

remote root security bug in ethereal 0.9.13 >= and <= 0.10.10
2005-05-09 suresec advisories (advisories suresec org)

CAIF 1.2 released
2005-05-10 Oliver Goebel (Goebel CERT Uni-Stuttgart DE)
Dear all, for your information: The Common Announcement Interchange Format (CAIF) specification version 1.2 has been released. A new version of the draft, reflecting all the changes made has been released too. All relevant documents are available from the CAIF home page. CAIF Home: htt

Gamespy cd-key validation system: "Cd-key in use" DoS versus many games
2005-05-10 Luigi Auriemma (aluigi autistici org)

[ GLSA 200505-08 ] HT Editor: Multiple buffer overflows
2005-05-10 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200505-07 ] libTIFF: Buffer overflow
2005-05-10 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Firefox Crash??
2005-05-10 orebla Orebla (info orebla it) (1 replies)
I have found this script in turn for the net and it sends to me in crash Firefox: <!--PROOF OF CONCEPT The vulnerability can be exploited with the following 2 lines of code: <iframe id="pocframe" name="pocframe" src="about:blank"></iframe> <script type="text/javascript">window.frames.pocframe

TCP/IP implementations do not adequately validate ICMP error messages
2005-05-10 Alok Menghrajani - Ilion Security SA (alok ilionsecurity ch) (1 replies)
Hi, I was playing around with the ICMP error messages DOS attack (I found an exploit on securityfocus.org bid 13214), and I noticed the following work around: when I add the following rule to iptables, the linux server (Kernel 2.4.29-grsec) is no longer vulnerable to the DOS: iptables -I INPUT

Re: TCP/IP implementations do not adequately validate ICMP error messages
2005-05-11 Peter Keel (security cyberlink ch)

New Macromedia Security Zone Bulletin Posted
2005-05-10 securityzone macromedia com (Macromedia Security Zone)
IMPORTANT: A new security bulletin describes a configuration problem that may affect ColdFusion installations. To learn about this new issue and what actions you can take to address it, please visit the Macromedia Security Zone:

Esqo advisory: GeoVision Digital Video Surveillance System - Multiple authentication issues
2005-05-10 Tirath Rai (tirath esqo com)

[ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Service vulnerability
2005-05-09 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200505-05 ] gzip: Multiple vulnerabilities
2005-05-09 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

Viruses can evade Sophos Anti-Virus
2005-05-09 xerces8 (xerces8 butn net)
Hi! Product : Sophos Anti-Virus v3.93 (Client) (SAV from now on) OS : Microsoft Windows Vendor informed ? : CCed on this post What : Infected files can evade detection and be executed Procedure : - install SAV in client mode. - download an infected file (http://www.eicar.org/download/eicar.co

Easy Message Board Directory Traversal and Remote Command
2005-05-08 SoulBlack Group (soulblacktm gmail com)
Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005 Seve

phpbb 2.0.15 released - patches high critical vuln
2005-05-08 Paul Laudanski (zx castlecops com)
I don't normally send an email about updated packages, but this one fixes a potentially serious issue. re: http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194 A high risk bbcode.php vulnerability is patched with this version, at the very least please patch it via the link above. It was discov

[SecurityLab] Ethereal 0.10.10 SIP Dissector Overflow
2005-05-08 Ejovi Nuwere (ejovi securitylab net)

Announcement: The Web Security Mailing List
2005-05-08 contact webappsec org
The Web Application Security Consortium (WASC) is proud to present 'The Web Security Mailing List'. What is The Web Security Mailing List? The Web Security Mailing List is an open information forum for discussing topics relevant to web security. Topics include, but are not limited to, industry ne
Product : Neteyes Nexusway (http://www.neteyes.com.tw)
Description: Neteyes Nexusway multiple vulnerability
Severity: Very High
Description
===========
The NexusWay is a Multiservice Border Gateway that provides the
Multiaccess and Multiservice capabilities in the border segment of an
enterprise n