BugTraq
[ GLSA 200503-28 ] Sun Java: Web Start argument injection vulnerability 2005-03-24
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[USN-99-2] Fixed php4 packages for USN-99-1 2005-03-24
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-99-2 March 24, 2005
php4 vulnerabilities
CAN-2004-1064
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The f

Re: Firescrolling 2 [Firefox 1.0.1] 2005-03-24
John Madden (maddenj skynet ie)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On (24/03/05 11:34), mikx didst pronounce:
>
> __Proof-of-Concept
>
> http://www.mikx.de/firescrolling2/
>
Does nothing here -- Mozilla/5.0 (X11; U; Linux x86_64; en-US;
rv:1.7.6) Gecko/20050307 Firefox/1.0.1 (Debian package 1.0.1-2)

I immediately n

Re: New Whitepaper: Anti Brute Force Resource Metering 2005-03-24
Jason W (bugtraq oremhighalumni com)
In-Reply-To: <20050321182737.81B6B15F507 (at) mail.ngssoftware (dot) com>

>Resource metering through client-side computationally intensive "electronic
>payments" can provide an alternative strategy in defending against brute
>force guessing attacks.

The first question I had was,
Why not just use a turing

[USN-100-1] cdrecord vulnerability 2005-03-24
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-100-1 March 24, 2005
cdrtools vulnerability
http://bugs.debian.org/291376
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (War

SUSE Security Announcement: MySQL vulnerabilities (SUSE-SA:2005:019) 2005-03-24
Marcus Meissner (meissner suse de)

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SUSE Security Announcement

Package: mysql
Announcement-ID: SUSE-SA:2005:019
Date: Thu, 24 Mar

Firescrolling 2 [Firefox 1.0.1] 2005-03-24
mikx (mikx mikx de)
__Summary

Even though Firefox 1.0.1 patched one of the key bugs behind my
firescrolling exploit (the ability of plugins to load chrome files in a
hidden frame) the ability to hijack a drag and drop operation and open a
privileged xul file is still available.

The demo opens "chrome://global/cont

Oracle Reports Server 10g Vulnerable to XSS 2005-03-24
Paolo Paolo (paolo paolo mail ee)


Oracle Reports Server 10g (9.0.4.3.3) Vulnerable to Cross Site Scripting

#####################

http://paolo/reports/examples/Tools/test.jsp?repprod&desname='<script
>alert(document.cookie);</script>

http://paolo/reports/examples/Tools/test.jsp?repprod"<script>alert
(document.co

Hashcash in mail (was: New Whitepaper: Anti Brute Force Resource Metering) 2005-03-24
Peter J. Holzer (hjp wsr ac at)
On 2005-03-23 21:25:03 -0000, Gunter Ollmann (NGS) wrote:
> > You claim that hashcash "has already proven to positively reduce the
> > success" of spammers. Is there any example of hashcash being
> > deployed in e-mail systems? I don't know any and I can't even
> > offhand think of any feasible meth

SUSE Security Announcement: several kernel security problems (SUSE-SA:2005:018) 2005-03-24
Marcus Meissner (meissner suse de)

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SUSE Security Announcement

Package: kernel
Announcement-ID: SUSE-SA:2005:018
Date: Thu, 24 Mar

Black Hat Briefings & Trainings: Registration now open! 2005-03-24
Jeff Moss (jmoss blackhat com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello BugTraq readers,

I would like to make some brief announcements regarding upcoming Black Hat events.

Our European show is coming to Amsterdam, March 31-April 1. Our on-line registration will be closing this Thursday, March 24. If you wish to regi

Multiple vulnerabilities in Topic Calendar 1.0.1 for phpBB 2005-03-24
Alberto Trivero (trivero jumpy it)
*********************************************************************
* CODEBUG Labs
* Advisory #8
* Title: Multiple vulnerabilities in Topic Calendar 1.0.1 for phpBB
* Author: Alberto Trivero
* English Version: Alberto Trivero
* Product: Topic Calendar 1.0.1
* Type: Multiple Vulnerabilities
* Web:

Re: [ISN] How To Save The Internet 2005-03-23
Derek Martin (code pizzashack org)
On Wed, Mar 23, 2005 at 11:24:14AM -0500, Arndt.WA (at) forces.gc (dot) ca wrote:
> > Nonsense. Absurd, ridiculous nonsense.
> >
> > There is only one party who has any say over what code gets
> > executed by a CPU: the owner of that physical property.
> >
> > Everyone else can go fly a kite.
>
> Hold on.

RE: Re: Symantec Antivirus client locally created scheduled scan is not running if the local console is logged off 2005-03-23
Scrimsher, John P (john scrimsher hp com)
Eitan

What you have described is an ongoing issue at least since Version 7 of the
Symantec Corporate Edition antivirus product. I have personally talked with
Symantec about it as well. However it does not pose the security risk that
you appear to believe it does. In my personal opinion, it poses

RE: Details of Sybase ASE bugs withheld 2005-03-23
Evans, Arian (Arian Evans fishnetsecurity com)
>-----Original Message-----
>From: Jay Libove [mailto:libove (at) felines (dot) org]

>I think Simple Nomad wrote an excellent analysis of the problem of a COTS
>vendor (in this case, Sybase) "requesting" (make legal threats) against a
>security research firm to not disclose the details of a discovered vuln

RE: [ISN] How To Save The Internet 2005-03-23
Arndt WA forces gc ca
Jason Coombs wrote:
>
> David Gillett wrote:
> > are the various rights of the owner
> > of the CPU, the *operator* of the
> > CPU, and the owner of the *data*,
> > each of whom may have a more or
> > less legitimate say in what code
> > actually gets executed.
>
> Nonsense. Absurd, ridiculous non

[SECURITYREASON.COM] phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11 2005-03-23
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11]

Author: Maksymilian Arciemowicz (cXIb8O3)
Date: 22.3.2005
from SECURITYREASON.COM TEAM

- --- 0.Description ---
PHPSysInfo 2.3 is a customizable PHP Script that parses /proc, and formats informati

RE: Java Web Start argument injection vulnerability 2005-03-23
James C Slora Jr (Jim Slora phra com)
According to Sun's Java Web Start FAQ
http://java.sun.com/products/javawebstart/faq.html and other resources, a
JNLP can still specify and deliver a vulnerable JRE even after upgrading
your local copy. I'm no JNLP expert, but it looks like this could be
successfully applied to expose victims to prev

RE: Possible windows+python bug 2005-03-23
Peter Oswald (peteoswald comcast net)
Perhaps the disabling of raw sockets in SP2 is the cause of this problem.
Try this.

Net stop SharedAccess

Then try running the Python code and see if it still crashes.

Afterwards you can restart the SharedAccess service. Cheers.

-----Original Message-----
From: azurIt [mailto:azurit (at) pobox (dot) sk]
S

Vortex Portal 2005-03-23
Francisco Alisson (dominusvis click21 com br)


Vortex Portal Multiple Bugs

Vendor: http://www.VortexPortal.net
Contact: Brian Price Email: VGChatter (at) shaw (dot) ca

I. Remote File Inclusion:

content.php -->

...
if (!isset($act)) {
require_once("main.php");
} else {
require_once("$act.php");
...
?>

index.php -->
...
require_once($root_di

Re: osCommerce File Manager Directory Traversal Vulnerability 2005-03-23
Aikanáro Calaelen (aikanaro calaelen gmail com)
Well I can't realize about which version you're talking ! maybe you're
talking about 1.0 ?

On 22 Mar 2005 16:32:05 -0000, Megasky <magasky (at) hotmail (dot) com> wrote:
>
>
> there is already a post on this that have
> file_manager.php?action=download&filename=../../../../../../etc/passwd

So first admin s

Interspire ArticleLive 2005 (php version) is vulnerable to XSS 2005-03-23
mircia mircia (mircia security talte net)


Can you please confirm my suggestion that:

Interspire ArticleLive 2005 (php version) is vulnerable to XSS:

e.g.

http://localhost/articles/newcomment?ArticleId="><script>alert('hi
')</script>

// best wishes, mircia [mircia (at) security.talte (dot) net]

Re: [ISN] How To Save The Internet 2005-03-23
Thor (Hammer of God) (thor hammerofgod com)
So I take it those weren't "Crunch Berries" in your cereal this morning? A
bit over the top, man... Comments in-line:

> David Gillett wrote:
>> are the various rights of the owner
>> of the CPU, the *operator* of the
>> CPU, and the owner of the *data*,
>> each of whom may have a more or
>> less

Re: Possible windows+python bug 2005-03-23
Kinnell (kinnell t gmail com)
Anyone have a Win 2003 box they can test this on?

On Tue, 22 Mar 2005 23:05:51 +0100, azurIt <azurit (at) pobox (dot) sk> wrote:
>
>
> > On Tue, Mar 22, 2005 at 12:21:18PM -0000, liquid (at) cyberspace (dot) org
> wrote:
> > > Start Python and type (of course x.x.x.x should be replaced with
> > > IP address):
> > >
>

Notacon: Apr. 8-10, 2005 in Cleveland, OH 2005-03-23
Froggy (froggy notacon org)
Notacon is the second iteration of an annual technology event held in
Cleveland, OH. The event will run from the morning of Friday, April 8th
through Sunday, April 10th. This year's focus is on community and
technology. However, we have a number of interesting presentations and
tracks geared t

Re: Details of Sybase ASE bugs withheld 2005-03-23
Jay Libove (libove felines org)

I think Simple Nomad wrote an excellent analysis of the problem of a COTS
vendor (in this case, Sybase) "requesting" (make legal threats) against a
security research firm to not disclose the details of a discovered
vulnerability.

<IMHONSFME - In My Humble Opinion Not Speaking For My Employer mo

Re: [VulnWatch] Details of Sybase ASE bugs withheld 2005-03-23
Peter J. Holzer (hjp wsr ac at)
On 2005-03-22 15:38:51 -0500, sean wrote:
> Another question, how can one prove that it was found by disassembling the code?

In the EU, reverse engineering is explicitly allowed if it is done to
ensure interoperability. (Is an exploit an interoperable program? :-))

> What if it were found by brut

SUSE Security Announcement: ImageMagick problems (SUSE-SA:2005:017) 2005-03-23
Marcus Meissner (meissner suse de)

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SUSE Security Announcement

Package: ImageMagick
Announcement-ID: SUSE-SA:2005:017
Date: Wed, 2

Re: Possible windows+python bug 2005-03-23
liquid cyberspace org
In-Reply-To: <20050322122118.16702.qmail (at) www.securityfocus (dot) com>

I would like to add a few things:

1. bug has nothing to do with Python, I deeply apologise to Python developers (which is my favorite piece of software)

2. here is an example in C with same effect:

#include <winsock2.h>

void main() {

RE: [VulnWatch] Details of Sybase ASE bugs withheld 2005-03-23
http-equiv (at) excite (dot) com (1 malware com)


What constitutes the 'technical details'. Have the little lawyer spell
that out in black and white, then work around it. Once that person who
practices law commits to their definition, give us the individual's name so
that we can both chuckle and avoid 'renting' them in the future.

--
http://ww

Copyright 2010, SecurityFocus