SecurityFocus

[USN-106-1] Gaim vulnerabilities 2005-04-05
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-106-1 April 05, 2005
gaim vulnerabilities
CAN-2005-0965, CAN-2005-0966
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty

[ more ] [ reply ]

[USN-105-1] PHP4 vulnerabilities 2005-04-05
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-105-1 April 05, 2005
php4 vulnerabilities
CAN-2005-0524, CAN-2005-0525
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty

[ more ] [ reply ]

[USN-107-1] racoon vulnerability 2005-04-05
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-107-1 April 05, 2005
ipsec-tools vulnerability
CAN-2005-0398
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

[ more ] [ reply ]

iDEFENSE Labs Releases OllyDbg Breakpoint Manager 2005-04-05
iDEFENSE Labs (labs-no-reply idefense com)

An internal iDEFENSE Labs tool, OllyDbg Breakpoint Manager, has been
released as open source and is available for download from:

http://labs.idefense.com

Authored by Pedram Amini, iDEFENSE Labs is releasing OllyDbg Breakpoint
Manager, an OllyDbg plug-in developed to address some shortcomings of
th

[ more ] [ reply ]

TSLSA-2005-0011 - kernel 2005-04-05
Trustix Security Advisor (tsl trustix org)

Sanboxed browsing and authentication credentials 2005-04-05
Max Moser (max moser gmail com)

Hi there,

i just have to take a look on possible solutions to provide a good
"Sandboxed browsing" solution to beeing able to authenticate various
hotel dsl lines and hotspots. After successful authentication the VPN
client will take over from here.

So i got two questions for you all:
1. What Tools

[ more ] [ reply ]

[SECURITYREASON.COM] Full path disclosure and XSS in PHPNuke part 3 2005-04-05
sp3x (sp3x securityreason com)

-=[ Full path disclosure and XSS in PHPNuke ]=-

Author: sp3x
Date: 5. April 2004

In Memory of John Poul II :
===========================

"Love converts hearts and gives peace," - John Poul II
"To milosc nawraca serca i daruje pokoj ludzkosci, ktora wydaje się czasem zagubiona i zdominowana

[ more ] [ reply ]

Logics Software BS2000 Host to Web Client ALL PLATFORMS 2005-04-05
Román Ramírez (rramirez chasethesun es)

Logics Software Filetransfer from BS2000 Host to Web Client

* Release Date:
April 4, 2005

* Date noticed:
March 11, 2005

* Severity:
High (verified read access to any file and to-be-verified write access)

* Vendor:
Logics Sofware http://www.logics.de (http://www.logics.de/bs2000.htm)

* Systems

[ more ] [ reply ]

FreeBSD Security Advisory FreeBSD-SA-05:02.sendfile 2005-04-05
FreeBSD Security Advisories (security-advisories freebsd org)

SQL INJECTION in LinksLinks Pro. PHPBB Mod. 2005-04-04
rock master (rock_mask hotmail com)

SQL Injection was found in the Variable $id in : LinksLinks Pro Mod
vulnerable system :
phpBB 2.0.x
exploit :
links.php?func=show&id='[SQL Injection]

Bug Found by : LovER BOY

SecurityGurus Team
www.securitygurus[d0t]Net

[ more ] [ reply ]

SQL INJECTION in DLMan Pro. PHPBB Mod. 2005-04-04
rock master (rock_mask hotmail com)

SQL Injection was found in the Variable $file_id in : DLMan Pro' Mod
vulnerable system :
phpBB 2.0.x
exploit :
dlman.php?func=file_info&file_id='[SQL Injection]

Bug Found by : LovER BOY

SecurityGurus Team
www.securitygurus[d0t]Net

[ more ] [ reply ]

gzip TOCTOU file-permissions vulnerability 2005-04-04
Imran Ghory (imranghory gmail com)

[This bug is caused by essentially the same coding issue as the bzip2
issue (bugtraq id 12954) - the file is extracted and file descriptor
closed before the file is chmod'ed]

================================
gzip TOCTOU file-permissions vulnerability
================================

Software: gzip

[ more ] [ reply ]

Authenticaion bypass, Directory transversal and XSS vulnerabilities in PayProCart 3.0 - Profitcode Software 2005-04-04
dcrab (dcrab hackerscenter com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dcrab 's Security Advisory
[Hsc Security Group] http://www.hackerscenter.com/
[dP Security] http://digitalparadox.org/

Get Dcrab's Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah

S

[ more ] [ reply ]

RE: PayPal "security" measures 2005-04-04
McAllister, Andrew (McAllisterA umsystem edu)

I followed up with Mr Rasmussen privately. I've been getting phishing
spam that looks to be from PayPal (nothing new there), but strangely
enough has NO visible attack vector. The phishing spam directs me to a
legitimate paypal page. I know it is a scam because, e-mail headers
indicate the mail has

[ more ] [ reply ]

phpMyAdmin Cross-site Scripting Vulnerability 2005-04-04
Oriol Torrent Santiago (oriol torrent gmail com)

==========================================================
Title: phpMyAdmin Cross-site Scripting Vulnerability

Application: phpMyAdmin
Vendor: http://www.phpmyadmin.net
Vulnerable Versions: <=2.6.2-beta1
Corrected: phpMyAdmin versions after 2.6.2-beta1
Bug: Cross-site Scripting
Date: 3-Apr-2005
Au

[ more ] [ reply ]

Disclosure of AS/400 user accounts via the FTP server 2005-04-04
Shalom Carmel (shalom venera com)

Disclosure of AS/400 user accounts via the FTP server

Overview
---------
AS/400 servers support FTP in two modes, legacy mode and IFS mode,
and supports switching between both modes by a special FTP command.
When in IFS mode, it is possible to create a special symbolic link
file and retrieve the

[ more ] [ reply ]

[ GLSA 200504-03 ] Dnsmasq: Poisoning and Denial of Service vulnerabilities 2005-04-04
Thierry Carrez (koon gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[USN-104-1] unshar vulnerability 2005-04-04
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-104-1 April 04, 2005
sharutils vulnerability
https://bugzilla.ubuntu.com/show_bug.cgi?id=8459
===========================================================

A security issue affects the following Ubuntu release

[ more ] [ reply ]

ArGoSoft FTP Server is still vuln + PoC exploit code (IHSTeam) 2005-04-03
c0d3r ihsteam com

see the attached file for more information .
c0d3r of IHS

[ more ] [ reply ]

[CLA-2005:946] Conectiva Security Announcement - MySQL 2005-04-04
Conectiva Updates (secure conectiva com br)

Full path disclosure and XSS in PHPNuke 2005-04-03
SecurityReason (sp3x securityreason com)

-=[ SecurityReason-2005-SRA#04 ]=-

-=[ Full path disclosure and XSS in PHPNuke ]=-

Author: sp3x
Date: 3. April 2005

In Memory of John Poul II :
===========================

"Love converts hearts and gives peace," - John Poul II [The Great]
"To miłość nawraca serca i daruje pokój

[ more ] [ reply ]

[SECURITY] [DSA 704-1] New remstats packages fix several vulnerabilities 2005-04-04
joey infodrom org (Martin Schulze)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 704-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
April 4th, 2005

[ more ] [ reply ]

SonicWALL SOHO/10 - XSS vulnerability 2005-04-04
Oliver Karow (Oliver Karow gmx de)

SonicWALL SOHO/10 - XSS and Code Injection vulnerability
========================================================

Product:
========

SonicWall SOHO/10 is the 2nd generation Internet Security Appliance from
Sonicwall, with firewall-, vpn-, contentfiltering- and other capabilities.

Vulnerability:

[ more ] [ reply ]