SecurityFocus

Linux ISO9660 handling flaws 2005-03-17
Michal Zalewski (lcamtuf dione ids pl)

Good morning,

There appears to be a fair number of kernel-level range checking flaws in
ISO9660 filesystem handler (and Rock Ridge / Juliet extensions) in Linux
up to and including 2.6.11. These bugs range from DoS conditions to
potentially exploitable memory corruption - all this whenever a specia

[ more ] [ reply ]

Kevin Walsh: LimeWire Gnutella client two vulnerabilities 2005-03-16
Ill will (xillwillx gmail com)

using limewire version 4.4.1 on windows
192.168.1.2:6346/gnutella/res/c\:boot.ini
works perfectly fine
the magnet request
192.168.1.2/magnet10/../../../../../Windows/Win.ini?Simple-test
forwards you to a "fix" that they are using to patch all the new
version.. the simply put an index.html that meta

[ more ] [ reply ]

[USN-98-1] OpenSLP vulnerabilities 2005-03-17
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-98-1 March 17, 2005
openslp vulnerabilities
http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032534.htm
l
===========================================================

A security issue affects the

[ more ] [ reply ]

Another includer.cgi problem? 2005-03-17
cout cyberspace org

Hello to everyone

I'm sorry if this was already posted but if it wasn't have a look at it.
It seems that includer.cgi will do a very nice directory traversal for you
but I don't know what version or other specific details but the vuln.
is very high.I tried only a couple of them and it was enoug

[ more ] [ reply ]

MDKSA-2005:058 - Updated kdelibs packages fix multiple vulnerabilities 2005-03-16
Mandrakelinux Security Team (security linux-mandrake com)

PHP mcNews arbitrary file inclusion 2005-03-17
Jonathan Whiteley (jon whiteley gmail com)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
BadRoot Security Advisory 2005-#0x01
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Thu Mar 17 2005 - 00:46 am GMT +1

Product: mcNews <=1.3 (successfully exploited on 1.3)
Vendor: http://www.phpforums.net/index.php?dir=dld (Home Page)
Type:

[ more ] [ reply ]

XSS in ACS blog 2005-03-17
farhad koosha (farhadkey yahoo com)

XSS vulnerability exist in the ACS blog ( ASP WEBLOG SYSTEM ).

Vulnerable :

ACS Blog v 0.8
ACS Blog v 0.9
ACS Blog v 1.0
ACS Blog v 1.1b

Code :

/search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com
%22%3E%3C%2Fiframe%3E

or goto /search.asp and copy this code :
" <iframe s

[ more ] [ reply ]

Windows 2000 GDI32.DLL GetEnhMetaFilePaletteEntries() API specially crafted EMF file DOS vulnerability 2005-03-17
Hongzhen Zhou (felix__zhou hotmail com)

Windows 2000 GDI32.DLL GetEnhMetaFilePaletteEntries() API specially crafted EMF file DOS vulnerability

1. Description

Windows 2000 GDI32.DLL GetEnhMetaFilePaletteEntries() API
doesn't process the EMF file properly, a application which calls
the API will crash when it reads some specially

[ more ] [ reply ]

LLSSRV Redux 2005-03-17
Dave Aitel (dave immunitysec com)

With regards to the LLSSRV advisory Immunity published yesterday, we
would like to issue a clarification. There are two ways to get SP4 onto
a Windows 2000 Advanced Server machine, as follows:
1. Download SP4 from microsoft.com via networked or express install
2. Obtain and install a Windows 2000

[ more ] [ reply ]

See-security Advisory: Format string vulnerability in MailEnable 1.8 2005-03-17
a a (tal see-security com)

##################################################################
# #
# See-security Technologies ltd.

[ more ] [ reply ]

[ GLSA 200503-21 ] Grip: CDDB response overflow 2005-03-17
Luke Macken (lewk gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[CLA-2005:937] Conectiva Security Announcement - cyrus-imapd 2005-03-17
Conectiva Updates (secure conectiva com br)

MDKSA-2005:059 - Updated evolution packages fix crasher 2005-03-16
Mandrakelinux Security Team (security linux-mandrake com)

LLSSRV Clarifications <Immunity> 2005-03-16
Dave Aitel (dave immunitysec com)

Immunity is happy to announce the release from VSC of a new paper to our
public website regarding the technical details of the llssrv
vulnerability Microsoft released on February 8th, 2005. Along with this
paper, we've released a reliable, language-independant exploit to the
CANVAS distribution.

[ more ] [ reply ]

Re: GoodTech Telnet Server Buffer Overflow Vulnerability [EXPLOIT] 2005-03-16
cybertronic gmx net

In-Reply-To: <42372CEE.1010003 (at) altervista (dot) org [email concealed]>

/*
*
* cybertronic[at]gmx[dot]net
*
*
* [ cybertronic @ GoodTech ] $ gcc -o goodtech
goodtech.c
* [ cybertronic @ GoodTech ] $ ./goodtech
*
* Usage
* -----
* [ Bindshell ] ./goodtech <host>
* [ Reverseshell ] ./goodtech <host>

[ more ] [ reply ]

[USN-96-1] mySQL vulnerabilities 2005-03-16
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-96-1 March 16, 2005
mysql-dfsg vulnerabilities
CAN-2005-0709, CAN-2005-0710, CAN-2005-0711
===========================================================

A security issue affects the following Ubuntu releases:

[ more ] [ reply ]

RE: Denial of Service Vulnerability in MySQL Server for Windows 2005-03-16
BugTrap (bugtrap InterCept Net)

Cisco threat response 2.0.5.138 for Cisco's IDS Appliances is vulnerable
to this.

Thanks,
Michael Brown

-----Original Message-----
From: Luca Ercoli [mailto:io (at) lucaercoli (dot) it [email concealed]]
Posted At: Tuesday, March 15, 2005 1:47 PM
Posted To: BugTrap
Conversation: Denial of Service Vulnerability in MySQL Serv

[ more ] [ reply ]

[ GLSA 200503-19 ] MySQL: Multiple vulnerabilities 2005-03-16
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

ASPjar Tell-a-Friend 2005-03-16
farhad koosha (farhadkey yahoo com)

A XSS vulnerability exist in the ASPjar Tell-a-Friend.

Code:
"> XSS<!--

You can put the code in "Your Name Text".

But this company is no longer exist and the software is no longer being updated .

[ more ] [ reply ]

SAV9 Functionality Hole - misses virus files 2005-03-16
secure symantec com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Symantec is aware and currently investigating this posting.

Symantec Product Security Team
Symantec takes the security of our products seriously and is a
responsible disclosure company. You can view our response policies
at http://www.symantec.com/s

[ more ] [ reply ]

Servers Alive: Local Privilege Escalation 2005-03-16
Michael Starks (secure michaelstarks com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

#######################################################################
Advisory information:

Title: Servers Alive - Privilege Escalation
CVE Candidate Number: CAN-2005-0352
Application: Servers Alive
Versions known affected: 4.1, 5.0; other versions n

[ more ] [ reply ]

Re: [Full-disclosure] Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning 2005-03-16
Rodrigo Barbosa (rodrigob suespammers org) (1 replies)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Mar 15, 2005 at 09:06:05PM +0000, Nigel Horne wrote:
> > > # unzip -l mixed-eicar.zip
> > > Archive: mixed-eicar.zip
> > > Length Date Time Name
> > > -------- ---- ---- ----
> > > 308 03-10-05 12:00 Test^G^[[2J^[[2;5m

[ more ] [ reply ]

Re: [Full-disclosure] Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning 2005-03-17
Tomasz Papszun (tomek-bug lodz tpsa pl)

[USN-97-1] libxpm vulnerability 2005-03-16
Martin Pitt (martin pitt canonical com)

===========================================================
Ubuntu Security Notice USN-97-1 March 16, 2005
xfree86 vulnerability
CAN-2005-0605
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The

[ more ] [ reply ]

[ GLSA 200503-20 ] curl: NTLM response buffer overflow 2005-03-16
Sune Kloppenborg Jeppesen (jaervosz gentoo org)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ] [ reply ]

[CLA-2005:934] Conectiva Security Announcement - kdenetwork 2005-03-16
Conectiva Updates (secure conectiva com br)

Re: Av issues 2005-03-16
bipin gautam (visitbipin yahoo com)

There have been lot of noise and confusion regarding
all the issues reported lately... So, let me sum them
up.
________________________________________________________________________
___________
Multiple Vendor Antivirus Products Malformed ZIP
Attachment Scan Evasion Vulnerability

Affected Product:

[ more ] [ reply ]