BugTraq
SQL Injection in phpBT (bug.php - Add) 2004-11-12
Jérôme ATHIAS (jerome athias fr)


http://www.howdark.com

IPSwitch-IMail-8.13 Stack Overflow in the DELETE Command 2004-11-12
Jérôme ATHIAS (jerome athias fr)


#!/usr/bin/perl -w
###################################
#
# IPSwitch-IMail-8.13-DELETE
#
# Discovered by : Muts
# Coded by : Zatlander
# WWW.WHITEHAT.CO.IL
#
##################################
#
# Plain vanilla stack overflow in the DELETE command
# Restrictions:
# - Need valid authe

TWiki search function allows arbitrary shell command execution 2004-11-12
Hans Ulrich Niedermann (hun bawue de)
VULNERABLE SOFTWARE VERSIONS

TWiki http://twiki.org/

- TWiki 20030201 (e.g. Debian Sarge)
- probably later versions

- Subversion repository at
<http://ntwiki.ethermage.net:8181/svn/twiki/trunk>
at least until revision 3224 (including)

ATTACK VECTORS

HTTP GET requests towards the Wiki serve

Eudora 6.2 attachment spoof 2004-11-13
psz maths usyd edu au (Paul Szabo)
Eudora 6.2 (==6.2.0.14) for Windows was released on 8 Nov 04. The release
notes

http://www.eudora.com/download/eudora/windows/6.2/RelNotes.txt

say:

> SECURITY
> --------
> Fixed cases where attachments could be spoofed via base64 or quoted-printable
> encoded (plain-text, inline) MIME parts.

S

phpBB Code EXEC (v2.0.10) 2004-11-13
jessica soules (admin howdark com)


http://www.howdark.com

SQL Injection in phpBT (bug.php) 2004-11-13
jessica soules (admin howdark com)


http://www.howdark.com

Crash in Secure Network Messenger 1.4.2 2004-11-12
Luigi Auriemma (aluigi autistici org)

#######################################################################

Luigi Auriemma

Application: Secure Network Messenger
http://www.networkmessengers.com/msg/
Versions: <= 1.4.2
Platforms: Windows
Bug: crash
Exploitation: remote
Date

Sudo version 1.6.8p2 now available (fwd) 2004-11-12
je sekure net

---------- Forwarded message ----------
Date: Fri, 12 Nov 2004 09:21:07 -0700
From: Todd C. Miller <Todd.Miller (at) courtesan (dot) com>
To: sudo-announce (at) sudo (dot) ws
Subject: [sudo-announce] Sudo version 1.6.8p2 now available

Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix
for a security

Vulnerability not with vBulletin 2004-11-12
Kier Darby (kier vbulletin com)
The vulnerability listed here is in a third-party 'hack' script, which is
not part of vBulletin itself, and is beyond the control of the vBulletin
developers.

___________________________
Kier Darby
Product Manager, vBulletin

>From: "Dr. Death"
>To: bugtraq (at) securityfocus (dot) com
>Subject: SQL injectio

[SECURITY] [DSA 592-1] New ez-ipupdate packages fix format string vulnerability 2004-11-12
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 592-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
November 12th, 2004

Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems 2004-11-12
Gregory Duchemin (c3rb3r sympatico ca)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

TITLE: Security flaw in ALCATEL/THOMSON Speed Touch Pro ADSL modems
(http://www.speedtouchdsl.com/)

TYPE: DNS poisoning over DHCP

QUOTE from http://www.speedtouchdsl.com/:

It's all about the bottom line, isn't it? That's why your competitors
are i

[USN-24-1] openssl script vulnerability 2004-11-11
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-24-1 November 11, 2004
openssl script vulnerability
CAN-2004-0975
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog

[USN-23-1] apache2 vulnerability 2004-11-11
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-23-1 November 11, 2004
apache2 vulnerability
CAN-2004-0942
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The

[ GLSA 200411-21 ] Samba: Remote Denial of Service 2004-11-11
Matthias Geerdsen (vorlon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Unofficial Internet Explorer FRAME/IFRAME fix 2004-11-12
Thomas Rogg (tr-lists cherryware de)
Hello list,

http://www.cherryware.de/framefix/

This is a program which patches the FRAME/IFRAME vulnerability
described on the mailing list SecurityFocus
<http://www.securityfocus.com/archive/1/380175> on Windows 2000 and XP.
This vulnerability

Contact in HP related to OpenView / Coda 2004-11-11
Noam Rathaus (noamr beyondsecurity com)
Hi,

Does anyone know a point of contact in HP related to their OpenView / Coda
programs?

--

Noam Rathaus
CTO
Beyond Security Ltd.

http://www.beyondsecurity.com
http://www.securiteam.com

[USN-22-1] samba vulnerability 2004-11-10
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-22-1 November 10, 2004
samba vulnerability
CAN-2004-0930
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The fo

RE: Evidence Mounts that the Vote Was Hacked 2004-11-11
David Hayden (dahayden clubhayden com)
It is not a statistical deviation when compared to the two previous
elections in the same areas. The article simply wrote that off as
probable fraud then too. Hardly objectivism nor computer news worthy. It
also neglected to mention when quoting Dick Morris that the exit poll
sampling of women was w

RE: Norton AntiVirus Script Blocking Exploit -- Symantec's response 2004-11-11
Daniel Milisic (dmilisic myrealbox com)
Hello,

This is regarding my post on FD from a couple of days ago:
Unfortunately it got bounced by Bugtraq.

Norton AntiVirus 2004/2005 Scripting Vulnerability Pt.3
http://seclists.org/lists/fulldisclosure/2004/Nov/0160.html

I slapped together a flash movie of the NAV Vulnerability in action so
an

[ GLSA 200411-22 ] Davfs2, lvm-user: Insecure tempfile handling 2004-11-11
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: New URL spoofing bug in Microsoft Internet Explorer 2004-11-11
http-equiv (at) excite (dot) com (1 malware com)


Since we're going the whole nine yards here, let's toss in the following
as well:

1. This will of course give a different reading in the status bar
2. More importantly it will bypass the so-called 'popup blocker' in IE XP
SP2

It's a hand-made Excel spreadsheet using OWC11 for Office 2003. One

[ GLSA 200411-18 ] Apache 2.0: Denial of Service by memory consumption 2004-11-10
Matthias Geerdsen (vorlon gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[USN-21-1] libgd vulnerabilities 2004-11-09
Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-21-1 November 09, 2004
libgd vulnerabilities
CAN-2004-0990
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The

Copyright 2010, SecurityFocus