BugTraq Mode:
(Page 1461 of 1748)  < Prev  1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466  Next >
Internet Explorer Local File/Directory Detection 2004-08-24
Rynho Zeros Web (aberastegue gmx net)
Description:
============

This vulnerability is based on the same characteristics discovered by the
company GreyMagic Software of Israel in some of the versions of the
navigator Opera.

This bug also is available in the popular MS Internet Explorer, which could
be operated by a remote user to ac

Hastymail security update 2004-08-24
Jason Munro (jason stdbev com)
---Software---

Hastymail is a web based IMAP client written in PHP4 released under the
GNU GPL. More information about Hastymail can be found at our homepage:

http://hastymail.sourceforge.net

---Problem---

A problem was discovered yesterday regarding the use of the "download"
link to down

WebAPP directory traversal and ability to retrieve the DES encrypted password hash 2004-08-24
Jérôme ATHIAS (jerome athias caramail com)


WebAPP is advertised as the internet's most feature rich, easy to run PERL based portal system.

Its home site is at http://www.web-app.org/

Some features are:

-Easy to Install on standard Unix servers! (Windows user-supported only!)
-User Profiles
-Message forums
-Pr

What A Drag! -revisited- 2004-08-24
mikx (mikx mikx de)
Most people I talked to consider the Internet Explorer drag and drop
vulnerability found by http-equiv not as a serious problem, because it
requires some user interaction and the press pushes this topic way too much
as the "first security problem in SP2". In an article on BetaNews even
Microsoft

Window Washer 5.5: False Sense of Security 2004-08-23
First Last (wbglinks wbglinks net)


Letter sent to Webroot a few weeks back, no response as of yet:

Hi,

I'm currently writing a tech paper on the recovery of information from used hard drives.

And after doing some experimenting with different types of security/privacy software I found that your product, Window Washer 5.5,

Running renamed executables with CMD.EXE 2004-08-21
Geoff Vass (geoff cadzow com au)
A while ago I "discovered" that CMD.EXE would launch renamed executables. I
felt that this was a security problem because until fairly recently most
virus scanners would be checking .exe, .com, .pif etc for viruses but would
not bother scanning .txt files, and of course email attachment filtering
wo

A word of caution on the use of suphp 2004-08-23
Steven Van Acker (deepstar ulyssis org)
Hi,

I've sent this "advisory" to the suphp author over 2 weeks ago and to
the suphp mailinglist more than 1 week ago.
Until now, I didn't get a reply so I'm assuming no one could care less.

This information is intended for people who plan to use suphp as a
replacement for the standard PHP module in

CAU-2004-0002 - imwheel Predictable PidFile Name Race Condition 2004-08-20
I)ruid (druid caughq org)

Hafiye-1.0 Terminal Escape Sequence Injection Vulnerability 2004-08-23
Serkan Akpolat (sakpolat gmx net) (1 replies)

+-------[ Software ]--------------+

Hafiye [1.0] "POSIX-compliant, customizable TCP/IP packet sniffer."

+-------[ Tested Versions ]--------------+

Hafiye[1.0]
Tested on: Linux (Hafiye compiled from tarball)
FreeBSD 4.7 (Installed from CD)

+-------[ Vulnera

Re: Hafiye-1.0 Terminal Escape Sequence Injection Vulnerability 2004-08-24
Jan Minar (jjminar fastmail fm)
Yahoo! E-mail Service Vulnerability 2004-08-23
Dror Shalev (drorshalev finjan com)


Yahoo! E-mail Service Vulnerability

Release Date: August 23, 2004

Severity: Critical (Potential web-based e-mail worm)

Systems Affected:
Other web-based e-mail systems may be vulnerable.
Internet Explorer and any software application used for reading Yahoo e-mail messages.
(The

New google's top query? 2004-08-20
Jérôme ATHIAS (jerome athias caramail com)


Hi,

I don't remember having seen this info here...

If information is knowledge and knowledge is power, then Google must be all powerful. I say this because of the things you can find on Google if you know how to look for them. A new Google hack has come to my attention that brings back some

MusicDaemon <= 0.0.3 /etc/shadow Stealer / DoS Exploit 2004-08-23
Tal0n (cyber_talon hotmail com)


Discovered and Exploit Coded by: Tal0n [cyber_talon (at) hotmail (dot) com]

URL: http://musicdaemon.sourceforge.net

Note: This was 0day for several months.. I decided to turn it in because there may be 10 whole boxes in the world running this.. and it's not very handy sitting around on my

[PoC] Nasty bug(s) found in Axis Network Camera/Video Servers 2004-08-22
bashis (mcw wcd se) (1 replies)

/* Public disclosure due to lack of response from Axis Communications */

I have found a couple of bugs in Axis Network Camera/Video Servers.
(I have all Axis stuff in one e-mail, instead of multiple, lazy me.. ;)

Vulnerable: Axis 2100/2110/2120/2420/2130 Network Camera, 2400/2401 Video Server.
(Ther

Bugs fixed in Version 1.4.3 2004-08-22
Joxean Koret (joxeankoret yahoo es)
In-Reply-To: <20040820225036.17877.qmail (at) www.securityfocus (dot) com>

>B. Unspecified File Download Vulnerability
>
>B1. An error in the MyDMS software allows to a
>registered users (and only to
>registered users) to download any file, such
>as /etc/passwd, by inserting in a
>parame

IE, Firefox, Opera DoS 2004-08-21
exploits su1d net


Description
========

Browser DoS through viewing of a malicious page that repeatedly loads iframes of C:\Windows\System32 using 100% cpu

Tested on Mozilla Firefox 0.9.3, Opera 7.54 and IE 6.0 - Opera gives the error "The address type is unknown or unsupported" over and over

POC

Re: Fwd: Re: Posible security bug in phpMyWebhosting 2004-08-20
Matias Neiff (matias neiff com ar)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all.
I test the last version that I (and everybody) can find in the web.

http://sourceforge.net/projects/phpmywebhosting/

(the version 0.3.4)
Please try the bug with this version.
I put this version of your panel in the page :
http://www.root-solut

DoS in Bird Chat 1.61 2004-08-23
Donato Ferrante (fdonato autistici org)

Donato Ferrante

Application: Bird Chat
http://birdchat.sourceforge.net/

Version: 1.61

Bug: Denial Of Service

Date: 23-Aug-2004

Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org
web: www.au

[ GLSA 200408-21 ] Cacti: SQL injection vulnerability 2004-08-23
Kurt Lieber (klieber gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Multiple Cross Site Scripting Vulnerabilities in eGroupWare 2004-08-22
Joxean Koret (joxeankoret yahoo es)


---------------------------------------------------------------------------
Multiple Cross Site Scripting Vulnerabilities in eGroupWare
---------------------------------------------------------------------------

Author: Joxean Koret
Date: 2004
Location: Basque Country

KDE Security Advisory: Konqueror Cross-Domain Cookie Injection 2004-08-23
Waldo Bastian (bastian kde org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

KDE Security Advisory: Konqueror Cross-Domain Cookie Injection
Original Release Date: 2004-08-23
URL: http://www.kde.org/info/security/advisory-20040823-1.txt

0. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746

1. Syste

[ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities 2004-08-23
Kurt Lieber (klieber gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

ERRATA: [ GLSA 200408-21 ] Cacti: SQL injection vulnerability 2004-08-23
Sune Kloppenborg Jeppesen (jaervosz gentoo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

JShop Input Validation Hole in 'page.php' Permits Cross-Site Scripting Attacks 2004-08-22
Dr Ponidi (drponidi hackermail com)
Indonesia Security Development Team (Indohack)
http://indohack.sourceforge.net/drponidi
===========================================================================
Security Advisory

Advisory Name: JShop Input Validation Hole in 'page.php' Permits Cross-Site Scripting Attacks
Platform: Linux

ERRATA: [ GLSA 200406-14 ] aspell: Buffer overflow in word-list-compress 2004-08-23
Kurt Lieber (klieber gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: aspell: Buffer overflow in word-list-compress
Date: August 23, 2004
Bugs: #53389
ID: 200406-14:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Erra

[ GLSA 200408-20 ] Qt: Image loader overflows 2004-08-22
Joshua J. Berry (condordes gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200408-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Multiple vulnerabilities in MyDMS 2004-08-20
Jose Antonio (joxeankoret yahoo es)


---------------------------------------------------------------------------
Multiple vulnerabilities in MyDMS
---------------------------------------------------------------------------

Author: Joxean Koret
Date: 2004
Location: Basque Country

------------------

Copyright 2010, SecurityFocus