- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-92-1 March 07, 2005
lesstif1-1 vulnerabilities
CAN-2005-0605
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

[ more ]  [ reply ]

-- == -- == -- == -- == -- == -- == -- == -- == -- == --
Name: phpWebLog
Version: <= 0.5.3
Homepage: http://phpweblog.org/

Author: Filip Groszynski (VXSfx)
Date: 7 March 2005
-- == -- == -- == -- == -- == -- == -- == -- == -- == --

Vulnerable code in include/init.inc.php:

[ more ]  [ reply ]

-- == -- == -- == -- == -- == -- == -- == -- == -- == --
Name: PHP mcNews
Version: 1.3
Homepage: http://www.phpforums.net/index.php?dir=dld

Author: Filip Groszynski (VXSfx)
Date: 7 March 2005
-- == -- == -- == -- == -- == -- == -- == -- == -- == --

Vulnerable code in mcNew

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--

PACKAGE : kernel
SUMMARY : Kernel fixes
DATE : 200

[ more ]  [ reply ]

Argeniss Security Advisory

Name: Oracle Database Server Directory transversal
Affected Software: Oracle Database Server versions 8i
and 9i
Severity : Medium
Remote exploitable: Yes (Authentication to Database
Server is needed)
Credits: Cesar Cerrudo
Date: 03/07/05
Advisory Number: ARG0305

[ more ]  [ reply ]

##################################################################
# #
# See-security Technologies ltd. #
# #
# http://www.se

[ more ]  [ reply ]

In-Reply-To: <41EAA8C8.6050600 (at) iname (dot) com [email concealed]>

>phpGiftReq doesn't validate the parameters. This allows SQL Injection
>and modification of data in the database.
>
>This vulnerability has been tested with phpGiftReq 1.4.0

Fixed these flaws and many others in 1.5.0b1.

[ more ]  [ reply ]

Below is a periodic public report from the drone armies / botnets
research and mitigation mailing list.
For this report it should be noted that we base our analysis on the data
we have accumulated from various sources.

According to our incomplete analysis of information we have thus far, we
now pub

[ more ]  [ reply ]

I found an exploit in the current version of php-fusion which allows you to input XSS in the [IMG] tag. I reported it already to php-fusion and they created a fix for this. Here it goes:

By converting the text (ie. javascript:alert('test')) to their ascii values, the strings between the [img][/im

[ more ]  [ reply ]

This one goes for all phpBB versions up to 2.0.13. While applying and testing the patch for the autologin bug I found that phpBB2 doesn't reset the $userdata['user_level'] variable after a failed autologin.

This is the vulvernable code in sessions.php:

if ( $user_id != ANONYMOUS )
{
$auto_lo

[ more ]  [ reply ]

Greetings,

It seems there is a variant of perl.Santy going around that has been altered to exploit all versions of vBulletin below 3.0.6. Jelsoft has released 3.0.7 last week. So it is best to upgrade your forums or use the supplied patch available on www.vbulletin.com/forum/

The worm source: h

[ more ]  [ reply ]

#!/usr/bin/perl -w

# Remote Testing SocialMPN Remote File Inclusion by y3dips [for testing only]
# Bug find by zer0-c00l ,
# Bug published at http://waraxe.us/ftopic-542-0-days0-orderasc-.html

print " * Remote Testing File Inclusion for SocialMPN by y3dips *\n";

require LWP::UserAgent;

if

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

after unsuccessfully attempting to find contact information of anyone who
can address or correct this, here's a public disclosure.

Vulnerability Name
Lingo VoIP ATA / UTStarcom iAN-02EX remote access vulnerability

Overview
the UTStarcom iAN-0

[ more ]  [ reply ]

In-Reply-To: <20050304163537.GA24606 (at) c9x (dot) org [email concealed]>

The bugzilla entry is http://bugzilla.gnome.org/show_bug.cgi?id=169113

The vendor has reponsed:
------- Additional Comment #2 From sven (at) gimp (dot) org [email concealed] 2005-03-03 12:51 -------
Added a sanity check in CVS HEAD. I don't consider this worth to be backported
to

[ more ]  [ reply ]

Gene6 FTP Server Local Privilege Escalation Vulnerability

By Sowhat
03.Mar.2005
http://secway.org/Advisory/ad20050303.txt

Product:
Gene6 FTP Server

Vendor:
Gene6 Sarl Inc.

(1) Introduction

Gene6 FTP Server is a popular FTP Server for Microsoft Windows platforms.
For more information: www.G6

[ more ]  [ reply ]

Hi security community,

this is my first publication I post on Bugtraq, so please be patient with me.

Since the recent problems with IDN, I wanted to clear up my thoughts on
homograph attacks, so I sorted everything in an article which also contains
what I believe to be an easy and general soluti

[ more ]  [ reply ]

Just a simple Perl Script for this exploit.
I hope it is usefull for some of you

------------------------------------------------------------------------
------------------------

#!/usr/bin/perl

# phpBB 2.0.12 Session Handling Administrator Authentication
# Bypass EXPLOIT
# written by ph

[ more ]  [ reply ]

===========================================================
Ubuntu Security Notice USN-91-1 March 07, 2005
libexif vulnerabilities
https://bugzilla.ubuntulinux.org/7152
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu

[ more ]  [ reply ]

[badroot security] PHP Form Mail Script <= 2.3 arbitrary file inclusion
POC exploit

=- Description -=

A simple POC exploit for PHP Form Mail Script <= 2.3 arbitrary file
inclusion vulnerability discovered by Filip Groszynski.

=- Exploit -=

#!/usr/bin/python
# Form Mail Script (FS) remote file

[ more ]  [ reply ]

This is a POC for Real's Realplayer 10 .smil file local buffer
overflow vulnerability.
Code Attached.

[ more ]  [ reply ]

---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated php packages fix security issues
Advisory ID: FLSA:2344
Issue date: 2005-03-07
Product: Red Hat Linux, Fedora Core
Keywords:

[ more ]  [ reply ]

The security flaw
When sending a large amount of data to the SentinelLM service, it will
result in a buffer overflow
where the Extended Instruction Pointer are overwritten, allowing arbitrary
code being run on the server,
with the rights of the service.

About SafeNet inc.
SafeNet provides complet

[ more ]  [ reply ]

POC Exploit for vulnerability discovered by eEye.com (http://eeye.com/html/research/advisories/AD20050302.html).

/*
Computer-Associates, License Client Service Stack Overflow

Homepage: ca.com
Affected version: v1.61 and below (in eTrust, Unicenter, BrightStor, etc..)
Patched version: hotfix
Lin

[ more ]  [ reply ]

---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated subversion packages fix security issues
Advisory ID: FLSA:1748
Issue date: 2005-03-07
Product: Red Hat Linux
Keywords: Bugfi

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]