BugTraq Mode:
php unserialize 2004-12-15
Martin Eiszner (martin websec org)

==============================================================
SEC-CONSULT Security Advisory PHP - 4.3.9 unserialize function
======================OOOOOOOOOOOO============================

Product: PHP 4.3.9 (Win32/Unix)
Remarks: no other Versions tested but very likely vulnerable

V

CSS in phpBB 1.4.4 2004-12-15
SandI] (agent050 sama ru)
I found a bug in the quite old forum system phpBB 1.4.4.

phpBB 1.4.4 is vulnerable to Cross Site Scripting Attack.

[Vulnerable]

You can put vbscript in [img] bbcode tags.
For example:

[img]vbscript: alert(document.cookie)[/img]

Author: Gurjanov Ilia or Net
agent050 (at) sama (dot) ru

STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki 2004-12-15
advisory stgsecurity com


STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files
with multiple extensions in MoniWiki

Revision 1.0
Date Published: 2004-12-15 (KST)
Last Update: 2004-12-15
Disclosed by SSR Team (advisory (at) stgsecurity (dot) com)

Summary
========
MoniWiki is a wiki web application us

iwebnegar is vulnerable to all kind of sql injections 2004-12-15
shervin khaleghjou (oil_karchack yahoo com)


----------------www.karchack.com----------------

----------------www.karchack.net----------------

description:

iwebnegar is Farsi weblog software written in PHP

http://iwebnegar.co.sr

---------

vulnerabilities:

all files seem to be vulnerable, such as comments.php, index.php and als

Cisco Security Advisory: Default Administrative Password in Cisco Guard and Traffic Anomaly Detector 2004-12-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Default Administrative Password in Cisco Guard
and Traffic Anomaly Detector

Revision 1.0

For Public Release 2004 December 15 1900 UTC (GMT)

- ----------------------------------------------------------------------

Contents
==

Cisco Security Advisory: Cisco Unity Integrated with Exchange Has Default Passwords 2004-12-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=================================================================
Cisco Security Advisory: Cisco Unity Integrated with Exchange Has
Default Passwords
=================================================================

Revision 1.0: FINAL

For Public Rel

Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 2004-12-15
Stefan Esser (sesser php net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hardened-PHP Project
www.hardened-php.net

-= Security Advisory =-

Advisory: Multiple vulnerabilities within PHP 4/5
Release Date: 2004/12/15
Last Modified: 2004/12/15

STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability 2004-12-15
advisory stgsecurity com


STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection
vulnerability

Revision 1.0
Date Published: 2004-12-14 (KST)
Last Update: 2004-12-14
Disclosed by SSR Team (advisory (at) stgsecurity (dot) com)

Summary
========
GNUBoard is one of widely used web BBS applications in Korea. Because of

MSIE DHTML Edit Control Cross Site Scripting Vulnerability 2004-12-15
Paul (paul greyhats cjb net)


Note: This vulnerability as well as many more can be seen at http://freehost07.websamba.com/greyhats/

MSIE DHTML Edit Control Cross Site Scripting Vulnerability

[Tested]

IEXPLORE.EXE file version 6.0.2900.2180

MSHTML.DLL file version 6.00.2800.1400

Microsoft Windows XP Home SP2

[Dis

Re: rpcl_icmpdos.c 2004-12-15
x90c (jyj9782 kornet net)
In-Reply-To: <20041214173439.24838.qmail (at) www.securityfocus (dot) com>

/*

* RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability Exploit.

* DATE: 12.15.2004

* Vuln Advisory : Hongzhen Zhou<felix__zhou _at_ hotmail _dot_ com>

* Exploit Writer : x90c(Kyong Joo)@www.chollian.net/~jyj9782

*

[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines 2004-12-15
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[OpenPKG-SA-2004.052] OpenPKG Security Advisory (vim) 2004-12-15
OpenPKG (openpkg openpkg org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
openpkg-security (at) openpkg (dot) org

3cdaemon tftp server DOS vulnerability 2004-12-15
Wang Ning (nwang scn com cn)


AUTHOR:
(Fortinet, inc)
Ning Wang<nwang_at_scn_com_cn>

DATE:
15/12/2004

PRODUCTS:
3cdaemon version 2.0 revision 10

Description:
3com product 3cdaemon is one of the most popular tools used to achieve file backup and upgrade.

Detail:
3com tftp daemon exist a vulnerability, wh

[ GLSA 200412-09 ] ncpfs: Buffer overflow in ncplogin and ncpmap 2004-12-15
Thierry Carrez (koon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

*nix data wipe tools 2004-12-15
Thomas C. Greene (thomas greene theregister co uk)
I've posted the final versions of a few simple, free shell scripts that I've
been working on to make data hygiene more convenient on *nix systems. Thanks
to list members who helped test them and contributed improvements.

Download them at http://basicsec.org/tools.html. The file is called
LinuxW

Re: RICOH Aficio 450/455 PCL 5e Printer ICMP DOS vulnerability 2004-12-15
Hongzhen Zhou (felix__zhou hotmail com)
In-Reply-To: <20041214173439.24838.qmail (at) www.securityfocus (dot) com>

Sorry, I forgot something. The below is the correct description.

---------------------------------------

If it receives an ICMP packet that:

1. icmp total length is bigger than 28 (8 header + 20 data)

2. icmp[0] == 3 (or 4, 11 , 12

Security Advisory for CVS Slash 2004-12-15
Jamie McCarthy (jamie slashdot org)
There has been a security issue in CVS Slash code for the last
couple of years which was found recently. This is something that
site administrators should be concerned about.

Slash is the CMS "blog" software which runs Slashdot.org and
numerous other websites. Slashdot, and the other Slash websit

Asante FM2008 10/100 Ethernet switch backdoor login 2004-12-15
Joe Philipps (secfocus joe philipps us)


The Asante FM2008 is an 8 port managed Ethernet 10/100 switch. It may be managed, like many others in its device class, by Telnet, by serial port, by HTTP, or by SNMP. Also like most similar devices, the serial port, HTTP, and Telnet access methods require one to provide username/password creden

Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] 2004-12-15
GulfTech Security (security gulftech org)


##########################################################
# GulfTech Security Research December 14th, 2004
##########################################################
# Vendor : phpGroupWare
# URL : http://www.phpgroupware.org
# Version : phpGroupWare 0.9.16.003
# Risk : Multiple Vu

HyperTerminal - Buffer Overflow In .ht File 2004-12-14
Brett Moore (brett moore security-assessment com)
========================================================================

= HyperTerminal - Buffer Overflow In .ht File
=
= MS Bulletin posted:
= http://www.microsoft.com/technet/security/bulletin/MS04-043.mspx
=
= Affected Software:
= Microsoft Windows NT Server 4.0 SP 6a
= Microsoft Win

[USN-38-1] Linux kernel vulnerabilities 2004-12-14
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-38-1 December 14, 2004
linux-source-2.6.8.1 vulnerabilities
CAN-2004-0814, CAN-2004-1016, CAN-2004-1056, CAN-2004-1058,
CAN-2004-1068, CAN-2004-1069, CAN-2004-1137, CAN-2004-1151
==============================

[Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory 2004-12-14
Secure Network Operations, Inc. (advisory secnetops com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings List,
All Symantec 2005 versions of the retail product shipped with
LiveUpdate v2.5 are not vulnerable to the elevation of privilege
attack identified in SRT2004-12-14-0322. These corrections have been
made to the advisory which will be po

iDEFENSE Security Advisory 12.13.04: Adobe Reader 6.0 .ETD File Format String Vulnerability 2004-12-14
customer service mailbox (customerservice idefense com)
Adobe Reader 6.0 .ETD File Format String Vulnerability

iDEFENSE Security Advisory 12.13.04
www.idefense.com/application/poi/display?id=163&type=vulnerabilities
December 14, 2004

I. BACKGROUND

Adobe Acrobat Reader is a program for viewing Portable Document Format
(PDF) documents. More information
