BugTraq Mode:
Security Masters Dojo 2005-03-11
Dragos Ruiu (dr kyx net)
(The registration for this training is now
on-line. I thought it would be of interest to
readers of this list. --dr)

CanSecWest Security Masters Dojo
----------------------------------------

Dates: Morning/Afternoon May 3 and Morning May 4
(Immediately preceding CanSecWest/core05)

Venu

UBB.threads 6 SQL Injection 2005-03-11
kre0n mail ru


ADZ Security Team
===================
Info

Program: UBB.threads
Version: 6
Module: editpost.php
Bug type: SQL Injection
Vendor site: http://www.ubbcentral.com/ubbthreads/
===================
Bug description

At editpost.php we can see this code:
// START
$Cat = get_input("Cat","get");
$Board = g

iDownload/iSearch responds to Spyware Critics 2005-03-09
Paul Laudanski (zx castlecops com)
Slashdot ran two stories earlier on how iDownload/iSearch sent letters to
anti-spyware companies/websites telling them to [
http://yro.slashdot.org/article.pl?sid=05/02/23/1830243&from=rss ] stop
listing their brand as spyware or malware. The spyware critics [
http://yro.slashdot.org/article.pl?sid

RE: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-08
Evans, Arian (Arian Evans fishnetsecurity com)
FWIW in addition to all the SP2 responses note: cannot replicate on 2000 SP4 or XP SP1
using exact packets that work on SP2.

-ae

>----- Original Message -----
>From: "Jon O." <jono (at) networkcommand (dot) com [email concealed]>
>To: "Dejan Levaja" <dejan (at) levaja (dot) com [email concealed]>
>Cc: <bugtraq (at) securityfocus (dot) com [email concealed]>
>Sent: Monday, March 07,

RE: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-08
Detection Services - IS Security (secdet nwa com)
My Microsoft Tech Support liaison (TAM) confirms this to be true, but has
no further information at this time.

-----Original Message-----
From: Jon O. [mailto:jono (at) networkcommand (dot) com [email concealed]]
Sent: Monday, March 07, 2005 3:56 PM
To: Dejan Levaja
Cc: bugtraq (at) securityfocus (dot) com [email concealed]
Subject: Re: Windows Server 200

Wfsection 1.07 vulnerabilities 2005-03-08
kreon (kre0n mail ru)
Program: wfsections
Version: 1.07
Bug Type: SQL Injection
Bug Description:
=================================
In file class/wfsfiles.php, we can see this function:
//START
function getAllbyArticle($articleid) {
$db =& Database::getInstance();
$table = $db->prefix("wfs_files");
$ret = array();
$sql

iDEFENSE Security Advisory 03.10.05: Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow Vulnerability 2005-03-10
iDEFENSE Labs (labs-no-reply idefense com)
Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow Vulnerability

iDEFENSE Security Advisory 03.10.05
www.idefense.com/application/poi/display?id=216&type=vulnerabilities
March 10, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and
collaboration sol

XCode 1.5 and distcc 2.x Exploit 2005-03-10
Ray Slakinski (ray sdf1 net)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

SDF1 Networks
Security Advisory: Apple XCode and distcc
March 10, 2005

Outline:

Vendor: Apple, Samba
Programs: XCode and distcc
Type: Remote
Severity: High
Version: XCode 1.5, distcc 2.x

Overview:

Apple ships XCode

Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. 2005-03-10
Bipin Gautam (visitbipin hotmail com)


Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.

Affected Product:

AntiVir 6.30.0.5
AVG 718
Sybari (Antigen for M$ exchange) 7.5.1314
Symantec 8.0
McAfee 4442
BitDefender 7.0

POC: http://www.geocities.com/visitbipin/happy-crc.zip

Description:
If you create a zip archive with inva

[Updated][FLSA-2005:2344] Updated php packages fix security issues 2005-03-10
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated php packages fix security issues
Advisory ID: FLSA:2344
Issue date: 2005-03-09
Product: Red Hat Linux, Fedora Core
Keywords:

Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability 2005-03-09
Marc Maiffret (mmaiffret eeye com)
Windows NT 4.0 was found to be vulnerable to bugs resolved in the
MS05-011 patch. Microsoft will not be releasing a public Windows NT 4.0
patch due to the product's end of life. Microsoft has however created a
private patch for customers who have paid for extended Windows NT 4.0
support. For more in

[Security Bulletin] SSRT4891 rev.0 HP Tru64 UNIX message queue local denial of service (DoS) 2005-03-09
Boren, Rich (SSRT) (rich boren hp com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HP SECURITY BULLETIN

HPSBTU01109 REVISION: 0

SSRT4891 rev.0 - HP Tru64 UNIX message queue,
local Denial of Service (DoS)

NOTICE:
There are no restrictions for distribution of this Security
Bulletin provided that it remains comple

[USN-94-1] Perl vulnerability 2005-03-09
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-94-1 March 09, 2005
perl vulnerability
CAN-2005-0448
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The fol

RE: Ethereal remote buffer overflow - addon 2005-03-09
LSS Security (exposed lss hr)

Just a little trick to overflow more stack memory in Ethereal.
It is possible to overflow stack with more than 255 - 2 bytes. If radius_len
is set to 1, in strncpy() line it is subtracted by two and it will be -1
(0xffffffff -> 4294967295 (unsigned long)).

packet-3g-a11.c:
----------------
#de

[USN-93-1] Squid vulnerability 2005-03-08
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-93-1 March 08, 2005
squid vulnerability
CAN-2005-0626
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The fo

[FLSA-2005:2404] Updated less package fixes security issue 2005-03-08
Marc Deslauriers (marcdeslauriers videotron ca)
---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated less package fixes security issue
Advisory ID: FLSA:2404
Issue date: 2005-03-07
Product: Red Hat Linux
Keywords: Bugfix
Cros

Ethereal remote buffer overflow 2005-03-08
LSS Security (exposed lss hr) (2 replies)

LSS Security Advisory #LSS-2005-03-04
http://security.lss.hr

---

Title : Ethereal remote buffer overflow
Advisory ID : LSS-2005-03-04
Date : 08.03.2005
Advisory URL: : http://security.lss.hr/en/index.php?page=exp
Impact : Stack overflow and possible code execution
Risk

Re: Ethereal remote buffer overflow 2005-03-09
Diego Giagio (dgiagio irion com br)
Re: Ethereal remote buffer overflow 2005-03-08
Gerald Combs (gerald ethereal com)
Re: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-09
caldcv students fccj org
In-Reply-To: <20050307215532.GA24251 (at) logos.microshaft (dot) org [email concealed]>

>All:
>
>I would like to hear from someone who can reproduce this. If you can, please send
>details with OS, patches installed, pcaps, etc. not a report of what tools you used
>to create the packet, sniff and replay the results. I've tested

[SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak 2005-03-08
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 692-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
March 8th, 2005

Vulnerabilities in ProjectBB v0.4.5.1 2005-03-09
benji (at) www.securityfocus (dot) com [email concealed],[hacktinium]@securityfocus.com (at) www.securityfocus (dot) com [email concealed] (benjilenoob hotmail com)


Sorry it's in French but I don't have the time to translate... It has been published on SecurityTracker too (for people who can't read French).

Software: ProjectBB v0.4.5.1
*********

Author: Benjilenoob
*******

E-mail: benjilenoob (at) hotmail (dot) com [email concealed]
*******

!-------------------!
! II. XSS

ArGoSoft FTP Server 1.4.2.8 Buffer Overflow 2005-03-08
CorryL (corryl sitoverde com)
-=[--------------------ADVISORY-------------------]=-

-=[ ]=-

-=[ ArGoSoft FTP 1.4.2.8 ]=-

-=[ ]=-

-=[ Author: Corry

Multiple vulnerabilities in paFileDB 2005-03-08
sp3x securityreason com


-=[ SecurityReason-2005-SRA#01 ]=-

-=[ Multiple vulnerabilities in paFileDB ]=-

Author: sp3x
Date: 8. March 2005

Affected software :
===================
paFileDB version : => 3.1

Description :
=============

paFileDB is designed to allow webmasters to have a database of files for download on

[CLA-2005:931] Conectiva Security Announcement - squid 2005-03-08
Conectiva Updates (secure conectiva com br)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : squid
SUMMARY : Fixes for multiple squid vuln

Copyright 2010, SecurityFocus