BugTraq Mode:
(Page 1380 of 1748)  < Prev  1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385  Next >
RE: AWStats <= 6.4 Multiple vulnerabilities - can't reproduce in 6.3? 2005-02-15
William Pratt (wpratt megapath net)
Same thing here on both 6.3 and 6.4. I am unable to reproduce this.

Error: Can't locate object method "BuildFullHTMLOutput_print" via package "systemid" (perhaps you forgot to load "systemid"?) at (eval 1) line 1.

Setup ('/usr/local/apache/root/billpratt_net/cgi-bin/awstats/awstats.conf' file, we

[ more ]  [ reply ]
[NOBYTES.COM: #3] osCommerce 2.2-MS2 - XSS Vulnerability 2005-02-15
John Cobb (johnc nobytes com)
Hello All,

I have discovered XSS vulnerability in: osCommerce 2.2-MS2

Authors Site: http://www.oscommerce.com/

+-[Example:]--------------------------------------------------+

XSS:

http://www.victimsite.com/contact_us.php?&name=1&email=1&enquiry=%3C/tex
tare
a%3E%3Cscript%3Ealert('w00t');%3C/scr

[ more ]  [ reply ]
Scottsave.com Trade History Exploit 2005-02-15
Ben Efros (befros gmail com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

************************************************************************
*****
SCOTTSAVE.COM TRADE HISTORY EXPLOIT
************************************************************************
*****
RISK TO CUSTOMER
Extremely High

******

[ more ]  [ reply ]
Scottrader Application Exploit 2005-02-15
Ben Efros (befros gmail com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

************************************************************************
*****
SCOTTRADER APPLICATION EXPLOIT
************************************************************************
*****
RISK TO CUSTOMER
Extremely High

*******

[ more ]  [ reply ]
RE: Microsoft Baseline Security Analyzer not seeing KB887742 and KB88 6185 Correction 2005-02-15
James Lay (jlay ameriben com)
Ok....so it's actually KB887472 which was the other one....which is an MSN
Security Update. Yea...MS needs to fix this ASAP for MBSA.

James

-----Original Message-----
From: James Lay [mailto:jlay (at) ameriben (dot) com [email concealed]]
Sent: Monday, February 14, 2005 11:24 AM
To: BuqtraqNT (E-mail); BugtraqSecurity (E-mai

[ more ]  [ reply ]
Re: eBay Account Phishing with eBay Redirect 2005-02-15
Jay Calvert (jcalvert habaneronetworks com)


The flaw still exists, there is a demo and description of the redirect URL at http://habaneronetworks.com/viewArticle.php?ID=136

Ebay has been notified and is aware of the problem.

--
Jay Calvert
http://habaneronetworks.com

[ more ]  [ reply ]
IE6 SP1 - Click N Crash 2005-02-15
ViPeR (viper31337 yahoo co in) (1 replies)
hi,

Affected Software : Microsoft Internet Explorer
Vulnerability : Remote DOS / Crash
Tested On : MS IE 6.0 SP1, Win2K SP4, [up-to-date]
according to windowsupdate.com

Discovered by : Gregory R. Panakkal

HomePage : http://www.crapware.tk

Details
=======
Pointing a link to the URI -> file://!:\

[ more ]  [ reply ]
Re: IE6 SP1 - Click N Crash is old news 2005-02-15
Berend-Jan Wever (skylined edup tudelft nl)
MDKSA-2005:037 - Updated mailman packages fix directory traversal vulnerability 2005-02-15
Mandrakelinux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: mailman
Advisory ID:

[ more ]  [ reply ]
[SECURITY] [DSA 682-1] New awstats packages fix arbitrary command execution 2005-02-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 682-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
February 15th, 2005

[ more ]  [ reply ]
ASPjar Guestbook login.asp not official patch 2005-02-15
CorryL (corryl sitoverde com)
..::x0n3-h4ck.org Italian Security Team::..

ASPjar Guestbook login.asp not official patch

Application: Aspjar Guestbook
Version: 1.0
Bug: Sqj injection
Vendor : not attainable

DETAILS

Supply in the password field ' or ''=', this should allow you to bypass
the authentication process used by AS

[ more ]  [ reply ]
[SECURITY] [DSA 683-1] New postgresql packages fix arbitrary code execution 2005-02-15
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 683-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Martin Schulze
February 15th, 2005

[ more ]  [ reply ]
[ GLSA 200502-19 ] PostgreSQL: Buffer overflows in PL/PgSQL parser 2005-02-14
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200502-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[ more ]  [ reply ]
(Page 1380 of 1748)  < Prev  1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus