Re: IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS
2004-10-18 Juan C Calderon (juan calderon ge com)
In-Reply-To: <20041018184817.32681.qmail (at) www.securityfocus (dot) com>
Regarding the Trivial example I sent:
>>http://www.SomeLotusSite.com/FormReflectingURLValue?OpenForm&Field=[&lt;script>.....</script>]
Please replace < with "Less Than" character and > with "greater than" character

[SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution
2004-10-16 joey infodrom org (Martin Schulze)

[SECURITY] [DSA 556-2] New netkit-telnet packages really fix denial of service
2004-10-18 joey infodrom org (Martin Schulze)

[FLSA-2004:1237] Updated gaim package resolves security issues
2004-10-16 Marc Deslauriers (marcdeslauriers videotron ca)

[FLSA-2004:2072] Updated CUPS packages fix security vulnerability
2004-10-16 Marc Deslauriers (marcdeslauriers videotron ca)

IBM Lotus Notes/Domino fails to encode Square Brackets ( [ ] ) in computed field/text, allowing XSS
2004-10-18 Juan C Calderon (juan calderon ge com)
Software: IBM Lotus Notes/Domino
Affected Version(s): Tested in R6 should work in prior versions as well.
Author: Juan C Calderon
Description: An attacker can bypass native Lotus Notes HTML encoding in a computed value by adding square brackets to the beginning and end of a field of t

Re: Norton AntiVirus 2004 Script Blocking Failure (Includes PoC and rant)
2004-10-18 secure symantec com
In-Reply-To: <416F7ABB.8070502 (at) myrealshoebox (dot) com>
Symantec is aware of this posting. Symantec engineers are reviewing this issue. If it is validated we will respond accordingly. Symantec takes the security of our products seriously. We are a responsible disclosure organization. We would lik

Re: Directory traversal in Yak! 2.1.2
2004-10-16 bil (bil_912 coolgoose com)
In-Reply-To: <20041015193318.3257e4eb.aluigi (at) autistici (dot) org>
in a previous post i reported this issue.
http://www.securityfocus.com/bid/8581/
http://cert.uni-stuttgart.de/archive/bugtraq/2003/11/msg00222.html
i'm NOT s

Re: EEYE: Windows VDM #UD Local Privilege Escalation
2004-10-14 Jim Hatfield (subscriber insignia com)
On Wed, 13 Oct 2004 05:45:50 +0100, in local.bugtraq you wrote:
>This vulnerability is located in a portion of the Windows kernel that
>handles some low-level aspects of executing 16-bit code inside a Virtual
>DOS Machine (VDM). A certain invalid opcode byte sequence is used in
>the 16-bit DOS emu

Re: [IE 6 SP2] Possible URL Spoofing
2004-10-16 http-equiv (at) excite (dot) com (1 malware com)
<!-- javascript:document.write("<iframe src='http://www.google.com' width='100%' height='100%'></iframe>"); -->
This is representative of a generic cross-site-scripting situation. The homepage idea is a good one, but to date it seems impossible to break the silly security warning. From a

[SECURITY] [DSA 569-1] New netkit-telnet-ssl packages fix denial of service
2004-10-18 joey infodrom org (Martin Schulze)

iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
2004-10-18 customer service mailbox (customerservice idefense com)
Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
iDEFENSE Security Advisory 10.18.04
www.idefense.com/application/poi/display?id=153&type=vulnerabilities
October 18, 2004
I. BACKGROUND
This vulnerability affects multiple anti-virus vendors including McAfee, Computer Associates,

[FLSA-2004:1804] Updated kernel resolves security vulnerabilities
2004-10-18 Dominic Hargreaves (dom earth li)

cPanel hardlink chown issue
2004-10-18 Karol Więsek (appelast drumnbass art pl)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Name: cPanel
Vendor URL: http://www.cpanel.net
Author: Karol Więsek <appelast (at) drumnbass.art (dot) pl>
Date: July 31, 2004
Issue: cPanel allows logged in users to change ownership of any file to their uid:gid.
Description: cPanel is a next generation

cPanel hardlink backup issue
2004-10-18 Karol Więsek (appelast drumnbass art pl)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Name: cPanel
Vendor URL: http://www.cpanel.net
Author: Karol Więsek <appelast (at) drumnbass.art (dot) pl>
Date: July 19, 2004
Issue: cPanel backup feature allows logged in users to read any file, including they have not permission to read to.
Descript

cPanel symlink chmod issue
2004-10-18 Karol Więsek (appelast drumnbass art pl)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Name: cPanel
Vendor URL: http://www.cpanel.net
Author: Karol Więsek <appelast (at) drumnbass.art (dot) pl>
Date: September 30, 2004
Issue: cPanel allows logged in users to change permission of any file to 755.
Description: cPanel is a next generation web

Mutiple AntiVirus Reserved Device Name Handling Vulnerability
2004-10-18 Sowhat . (smaillist gmail com)
Mutiple AntiVirus Reserved Device Name Handling Vulnerability
Author:Sowhat
Date:October,9th,2004
http://secway.org/Advisory/Ad20041009.txt
Vendor:
AntiVir www.hbedv.com
Twister www.filseclab.com
Protector plus 2000 www.pspl.com
Overview: As many popular AV's "Reserved Device Name Handling Vu

Web browsers - a mini-farce
2004-10-18 Michal Zalewski (lcamtuf ghettot org)
Good morning, I wanted to file a vague report a couple of potentially exploitable vulnerabilities and DoS conditions in popular browsers, announce a useful web browser testing tool, and stir some controversy - all in one short post. Let me know how I doing.
1) Background - the tool
In my spare

ms04-031 pre-auth ??
2004-10-18 Sinan Eren (sinan eren immunitysec com)
http://www.microsoft.com/technet/security/bulletin/ms04-031.mspx
We have located the vulnerable function and just recently wrote the CANVAS module for it but all our tests showed that the NetDDE vulnerability can not be exploited with a NULL session a.k.a with "Anonymous Logon" credentials. He

Re: Format String Vulnerability in Valve's CS-Source
2004-10-15 Some One (mc iglo ddclan de)
In-Reply-To: <20041014192836.47e3964d.aluigi (at) autistici (dot) org>
Hi, This is way to technical for me, but i dont think so i just found out, that not only the own client and the server crashes, if my name is '%n'! even all other conencted clients crash
>
>If this is the same bug I reported over o

Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory
2004-10-15 marco correnti (correntim mail com)
Hi John I have done a check for the asycpict.dll in 4 different XP system and i did not found it. A search done at the Microsoft web site shows that this dll is installed only with Frontpage 97 and 98.
http://support.microsoft.com/default.aspx?scid=kb;en-us;144190
http://support.microsoft.com/defaul

[Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities
2004-10-15 Christoph Jeschke (ponders arcor de)

IISShield and ASP.NET canonicalization
2004-10-13 Tiago Halm (thalm void my-bulldog com)
All, A lot of fuzz has come around the canonicalization issue found with IIS and ASP.NET forms authentication. One of the main worries has been if IISShield is an effective measure to prevent this kind of exploit. So, is it effective? Yes! Since ISAPI Filters will be the main topic, here goes. IS
Gentoo Linux Security Advisory GLSA 200410-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -