Re: Few remote bugs in zPanel
2005-03-20 Kris Anderson (kanderson zee-way com)
In-Reply-To: <Pine.LNX.4.61.0503151230240.718 (at) dom (dot) no>
The bugs listed here have been addressed and a fix will be released in beta 11. Zee-Way Services was not notified of these bugs directly. In the future, please e-mail support (at) zee-way (dot) com with bugs that are potentially dangerous. Thank you for

[ GLSA 200503-26 ] Sylpheed, Sylpheed-claws: Message reply overflow
2005-03-20 Luke Macken (lewk gentoo org)

Symantec Antivirus client locally created scheduled scan is not running if the local console is logged off
2005-03-19 Eitan Caspi (eitancaspi yahoo com)
Suggested Risk Level: Low.
Type of Risk: Security check not performed.
Affected Software: Symantec antivirus (SAV) client (checked versions) application version 9.0.0.338 scan engine: 1.4.0.11
Earlier versions are most likely to have the same behavior - but that should be checked separately.

[ GLSA 200503-24 ] LTris: Buffer overflow
2005-03-20 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

[ GLSA 200503-23 ] rxvt-unicode: Buffer overflow
2005-03-20 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

OllyDbg long process Module debug Vulnerability
2005-03-19 ATmaCA ATmaCA (atmaca atmacasoft com)
Vendor: Oleh Yuschuk
Application: OllyDbg http://home.t-online.de/home/Ollydbg/
Introduction: OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
Affected Versions: 1

[PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection Vulnerability
2005-03-19 PersianHacker Team (pi3ch yahoo com)
[PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection Vulnerability
Date: 2005 March
Bug Number: 10
PHP-Fusion a light-weight open-source content management system (CMS) written in PHP. It utilises a mySQL database to store your site content and includes a simple, comprehensive adminstrati

Ciamos Highlight.php Security Hole(IHS)
2005-03-19 Majid NT (NT ihsteam com)
********************************************
IHS Iran Hackers Sabotage Public advisory by : NT
NT (at) ihsteam (dot) com
********************************************
If You Have CIAMOS Installation Address You Can Use highligh.php Hole And Get DataBase Configuration(Name,User,Password) Tes

Ciamos Installation path(IHS)
2005-03-19 Majid NT (NT ihsteam com)
********************************************
IHS Iran Hackers Sabotage Public advisory by : NT
NT (at) ihsteam (dot) com
********************************************
I Would Change A Default Value In CIAMOS,By Change A value In Viewcat.php I Get An Error On It Show CIAMOS Installation Path

[ GLSA 200503-22 ] KDE: Local Denial of Service
2005-03-19 Sune Kloppenborg Jeppesen (jaervosz gentoo org)

IceCast up to v2.20 multiple vulnerabilities
2005-03-18 Patrick (patrickthomassen gmail com)
These are tested on IceCast v2.20. This software can be freely obtained from http://www.icecast.org.
"Icecast is a streaming media server which currently supports Ogg Vorbis and MP3 audio streams. It can be used to create an Internet radio station or a privately running jukebox and many things

Re: SAV9 Functionality Hole - misses virus files
2005-03-18 secure symantec com
In-Reply-To: <20050315062647.21534.qmail (at) www.securityfocus (dot) com>
>Date: 15 Mar 2005 06:26:47 -0000
>Message-ID: <20050315062647.21534.qmail (at) www.securityfocus (dot) com>
>Content-Type: text/plain
>Content-Disposition: inline
>Content-Transfer-Encoding: binary
>MIME-Version: 1.0
>X-Mailer: MIME-tools 5.411

[phpbb <= 2.0.13 full path disclosure & directory listing]
2005-03-18 JoCaNoR SeCuRiTy TeaM (jocanor gmail com) (1 replies)
[phpbb <= 2.0.13 full path disclosure & directory listing]
Author: Jocanor
Date= 18-03-2k5
1. -----------introduction--------
phpbb is a highly customizable bulletin board written in php.
Official page: http://www.phpbb.com
1. ------------Full path disclosure------------
This error is non crit

RE: [phpbb <= 2.0.13 full path disclosure & directory listing]
2005-03-18 Paul S. Owen (paul0x01 starstreak net)

Java Web Start argument injection vulnerability
2005-03-18 Jouko Pynnonen (jouko iki fi)
OVERVIEW
========
Java Web Start is a technology for easy client-side deployment of Java applications. "Using Java Web Start technology, standalone Java software applications can be deployed with a single click over the network" (from Sun Microsystems's website). Java Web Start is installed w

PHP-Post Exploit
2005-03-18 Terencentanio Enache (terencentanio root32 com)
~ PHOX: PHP-Post Exploit ~
###
# Content
###
- Credits
- BICWAE
- Solution
- Contact
###
# Credits
###
Exploit discovered by Phoxpherus (Phorce), Phox (R&P), Terencentanio (Root32)
Thanks to SilentWolf for the name (BICWAE) ... lmao
###
# BICWAE - Bypassing Input Check With Alternate Entr

runcms highlight.php hole
2005-03-18 Majid NT (NT ihsteam com)
********************************************
IHS Iran Hackers Sabotage Public advisory by : NT
NT (at) ihsteam (dot) com
********************************************
If You Have RUNCMS Installation Address You Can Use highligh.php Hole And Get DataBase Configuration(Name,User,Password) Te

runcms installation path
2005-03-18 Majid NT (NT ihsteam com)
********************************************
IHS Iran Hackers Sabotage Public advisory by : NT
NT (at) ihsteam (dot) com
********************************************
I Would Change A Default Value In RUNCMS,By Change A value In Viewcat.php I Get An Error On It Show RUNCMS Installation Pat

[USN-99-1] PHP4 vulnerabilities
2005-03-18 Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-99-1 March 18, 2005
php4 vulnerabilities
CAN-2004-1018, CAN-2004-1063, CAN-2004-1064
===========================================================
A security issue affects the following Ubuntu releases: Ubun

Re: SAV9 Functionality Hole - misses virus files
2005-03-18 patrickwm71 yahoo com
In-Reply-To: <423728D4.2090504 (at) krellinst (dot) org>
Creating an MSI package for distribution
http://service1.symantec.com/SUPPORT/ent-security.nsf/529c2f9adcf33a1088256e22005026f1/d637ed0f601f9f8388256e7d006a79eb?OpenDocument&prod=Symantec%20AntiVirus%20Corporate%20Edition&ver=9.0&src=ent&pcode=sav_ce&d

possible SQL injection in Subdreamer
2005-03-18 GHC team (foster ghc ru)
//*==========================================*//
\\ GHC -> Subdreamer <- ADVISORY
// Product: Subdreamer
\\ Version: Subdreamer Light
// URL: www.subdreamer.com
\\ VULNERABILITY CLASS: SQL injection
//*==========================================*//
[Product Description]
"Powered by PHP and MySQL,

myPHP Forum v1, 2 & 3
2005-03-18 Terencentanio Enache (terencentanio root32 com)
~ PHOX: myPHP Forum v1, 2 & 3 Exploits ~
###
# Content
###
- Credits
- SMFDBPWNOCS
- Solution
- Contact
###
# Credits
###
Exploit discovered by Phoxpherus (Phorce), Phox (R&P), Terencentanio (Root32)
###
# SMFDBPWNOCS - Stupid Mofo Database Spamming When No One Can See
###
In short, foru

[PersianHacker.NET 200503-09]PHPOpenChat v3.x XSS Multiple Vulnerability
2005-03-18 PersianHacker Team (pi3ch yahoo com)
[PersianHacker.NET 200503-09]PHPOpenChat v3.X XSS Multiple Vulnerability
Date: 2005 March
Bug Number: 09
PHPOpenChat is a high performance php-based chat server software for a live chat-room or -module on every php-based site.
More info @: http://phpopenchat.org/
Discussion:
-------------------

Security Contact at RSA?
2005-03-18 Gary O'leary-Steele (garyo sec-1 com)
Does anyone know a security contact at RSA?
Kind Regards,
Gary Oleary-Steele
Sec-1
www.sec-1.com
************************************************************************
************************************************************************
******************
NEW: Sec-1 Hacking Training - Learn t

Social Engineering: You Have Been A Victim
2005-03-18 Paul Laudanski (zx castlecops com) (1 replies)
by Darren W. Miller, aka defendingthenet, CastleCops Staff Writer
March 14, 2005
Monday morning, 6am; the electric rooster is telling you it's time to start a new work week. A shower, some coffee, and you're in the car and off. On the way to work you're thinking of all you need to accomplished

Re: [Full-disclosure] Social Engineering: You Have Been A Victim
2005-03-18 Ron DuFresne (dufresne winternet com)
BetaParticle (bp) is an ASP CMS ( Blog + Gallery ).
I found 2 vulnerabilities in BetaParticle.
* http://example.com/bp : is BP path !
1) BP Database Disclosure
For version < 3.0
Database path : http://example.com/bp/database/dbBlogMX.mdb
you can download it and disclose the administrator usern