[SECURITYREASON.COM] PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12 2005-04-04 Maksymilian Arciemowicz (max jestsuper pl)

Re: Solaris 10 Containers / Zones Security Flaw 2005-04-04 jim allan (intehnet gmail com)
In-Reply-To: <424EC41F.2060901 (at) cox (dot) net [email concealed]>
agreed Robert, there are many easy ways to limit this, my research was more about whether Sun had implemented sanity limits in virtual memory and cpu usage as a default. which they hadn't. it's a sad state, but most admins wouldn't use ulimit or set maxuprc

Microsoft Windows Internet Name Service (WINS) Remote Heap Overflow Exploit 2005-04-04 class101 (at) HAT-SQUAD (dot) com [email concealed] (class101 hat-squad com)

SUSE Security Announcement: kernel local privilege escalation (SUSE-SA:2005:021) 2005-04-04 Marcus Meissner (meissner suse de)

[SECURITY] [DSA 705-1] New wu-ftpd packages fix denial of service 2005-04-04 joey infodrom org (Martin Schulze)

[ GLSA 200504-02 ] Sylpheed, Sylpheed-claws: Buffer overflow on message display 2005-04-02 Thierry Carrez (koon gentoo org)

How to write remote exploits ( V. 1.1) 2005-04-02 Sumy (sanandres gmail com)
How to write remote exploits ( V. 1.1)
1. Introduction
Hi welcome to my first english tutorial, and my first tutorial about exploit coding, on the next pages, I want to show you the basics of remote exploits writing. In order to understand the following, I hope that you know "socket programming i

Yet Another Forum.net XSS vulnerabilities 2005-04-02 maty siman (maty checkmarx com)
OVERVIEW
=========
"Yet Another Forum.net (http://www.yetanotherforum.net/) is a opensource discussion forum or bulletin board system for web sites running ASP.NET. It is ASP.NET based with a MS SQL backend database. The full C# source code is available licensed as GPL."
Several Cross Site Scri

AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities 2005-04-02 dcrab (dcrab hackerscenter com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dcrab 's Security Advisory
[Hsc Security Group] http://www.hackerscenter.com/
[dP Security] http://digitalparadox.org/
Severity: High
Title: AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities
Date: 02/04/2005
Vendor: AlstraSo

MDKSA-2005:065 - Updated ImageMagick packages fix multiple vulnerabilities 2005-04-01 Mandrakelinux Security Team (security linux-mandrake com)

MDKSA-2005:066 - Updated grip packages fix vulnerability 2005-04-01 Mandrakelinux Security Team (security linux-mandrake com)

RE: Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability 2005-04-02 Eiji James Yoshida (ptrs-ejy bp iij4u or jp)
This problem (BugtraqID:7826) was corrected in Windows Server 2003 Service Pack 1.
Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability http://www.securityfocus.com/archive/1/340666
Microsoft Internet Explorer %USERPROFILE% File Execution Weakness http://www.securityfocu

In-game server crash in Call of Duty 1.5b and United Offensive 1.51b 2005-04-02 Luigi Auriemma (aluigi autistici org)

In-game server buffer-overflow in Jedi Academy 1.011 2005-04-02 Luigi Auriemma (aluigi autistici org)

Re: bzip2 TOCTOU file-permissions vulnerability 2005-04-03 Steve Grubb (linux_4ever yahoo com) (1 replies)
In-Reply-To: <7389fc4b0503301338f74a428 (at) mail.gmail (dot) com [email concealed]>
>================================
>bzip2 TOCTOU file-permissions vulnerability
>================================
>
>Software: bzip2
>Version: 1.0.2
>Software URL: <http://sources.redhat.com/bzip2/>
>Platform: Unix, Linux.
>Vulnerability type

Re: bzip2 TOCTOU file-permissions vulnerability 2005-04-02 Jason V. Miller (jmiller securityfocus com)

[ GLSA 200504-01 ] telnet-bsd: Multiple buffer overflows 2005-04-01 Thierry Carrez (koon gentoo org)

(Paper) Programming: The Heart of Web Security 2005-04-01 Sumy (sanandres gmail com)
Information and data transmission system security holds a place of ever-growing importance in today's world. The expansion of the Web has provided businesses with an ideal platform for introducing and promoting their products and services. The Web is accessible to all, being both easy to use and wi

DMA[2005-0401a] - 'IVT BlueSoleil Directory Transversal' 2005-04-01 KF (Lists) (kf_lists digitalmunition com)

[USN-103-1] Linux kernel vulnerabilities 2005-04-01 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-103-1 April 01, 2005
linux-source-2.6.8.1 vulnerabilities
CAN-2005-0400, CAN-2005-0749, CAN-2005-0750, CAN-2005-0815, CAN-2005-0839
===========================================================
A security issu

multiple remote denial of service vulnerabilities in Gaim 2005-04-01 Jean-Yves Lefort (jylefort brutele be)
I. Synopsis
Gaim (http://gaim.sourceforge.net) is a multi-protocol instant messaging client. I have identified several remote denial of service vulnerabilities affecting Gaim 1.2.0, and probably older versions as well.
II. Problems
1. Buffer overread in gaim_markup_strip_html()
A programming

Solaris 10 Containers / Zones Security Flaw 2005-04-01 jim allan (intehnet gmail com) (2 replies)
all, thought i'd share something from a bit of home research. It's a bit trivial, and the "hole" (so to speak) is easily patched up, but it defies the claims of Sun in regards to Solaris 10 security. Solaris 10 contains a feature called containers, or zones, which are kind of like a "VMware"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[PhpNuke 7.6=>x Multiple vulnerabilities cXIb8O3.12]
Author: Maksymilian Arciemowicz (cXIb8O3)
Date: 3.3.2005
from securityreason.com TEAM
- --- 0. For ---
This adv. is only for John Paul II, Polish Pope.
Peace!
- --- 1.Description ---
PHP-Nuke is