|
|
Colapse all |
Post message
Multiple vulnerabilities in RealPlayer (#NISR11062004) 2004-06-11 NGSSoftware Insight Security Research (nisr nextgenss com) NGSSoftware Insight Security Research Advisory Name: REAL One Player code execution through malformed media file Systems Affected: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all [ more ] [ reply ] [OpenPKG-SA-2004.028] OpenPKG Security Advisory (subversion) 2004-06-11 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] Re: Blackboard Learning System - [addition] 2004-06-11 Maarten Verbeek (system_error pandora be) In-Reply-To: <20040610201427.7801.qmail (at) www.securityfocus (dot) com [email concealed]> Dates ----- 04/05/2004: Discovery of the bug 06/05/2004: Reported the bug to blackboard.com 09/06/2004: Blackboard.com provided a solution for the problem 10/06/2004: Public release Kind regards killer http://www.mostly-harm [ more ] [ reply ] Notes: COELACANTH: Phreak Phishing Expedition 2004-06-10 http-equiv (at) excite (dot) com [email concealed] (1 malware com) Let me add some notes to this: 1. Placing microsoft.com in the so-called 'trusted zone', will render the site contents of e-gold.com in the 'trusted zone' 2. Opera fails, Mozilla functions 3. While it may appear to be related to the html form, the same can be achieved with a normal href or no [ more ] [ reply ] Re: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final. 2004-06-11 Hillel Himovich (hll netvision net il) In-Reply-To: <000d01c44d68$51a14ec0$05a0968c@p42800mhz> >Compromise: SQL Injection, Cross site Scripting. >Vulnerable Systems: Invision Power Board v1.3.1 Final. >Details: >An Input Validation Error exists in ssi.php. > >$sql_fields is vulnerable to An Input Validation Error. >How to exploit [ more ] [ reply ] [SNS Advisory No.74] Webmin Access Control Rule Bypass Vulnerability 2004-06-11 snsadv lac co jp (snsadv) ---------------------------------------------------------------------- SNS Advisory No.74 Webmin Access Control Rule Bypass Vulnerability Problem first discovered on: Sun, 11 Apr 2004 Published on: Fri, 11 Jun 2004 ---------------------------------------------------------------------- Overview: -- [ more ] [ reply ] FOUND: COELACANTH: Phreak Phishing Expedition 2004-06-11 http-equiv (at) excite (dot) com [email concealed] (1 malware com) From the original discover, 'bitlance winter' one big fat coelacanth: <a href="http://www.malware.com%2F redir=www.e-gold.com">test</a> "i guess that this issue is not e-gold's BUG, IE6 and Opera7.51 is vulnerable. Some server's DNS allow magic number subdomainname. the server allow , www.site [ more ] [ reply ] RE: COELACANTH: Phreak Phishing Expedition] 2004-06-11 Thor Larholm (thor pivx com) You can't replicate this with most other servers because the Host header is set to a non-existant site on most servers. Whenever IIS or Apache receives a request it will first locate the proper site based on the IP adress being used, after which it will lookup based on the Host header. In the case [ more ] [ reply ] RE: [Fwd: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition] 2004-06-10 Drew Copley (dcopley eEye com) > Subject: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition > From: "http-equiv (at) excite (dot) com [email concealed]" <1 (at) malware (dot) com [email concealed]> > Date: Thu, June 10, 2004 12:35 pm > To: full-disclosure (at) lists.netsys (dot) com [email concealed] > -------------------------------------------------------------- > ------------ > > > > Thur [ more ] [ reply ] RE: Potential Security Flaw in Symantec Gateway Security 360R 2004-06-10 Symantec Product Security Team (secure symantec com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec is currently investigating this issue. Our testing to this point indicates that default configurations do not appear to be vulnerable. The Symantec Product Security Team is working with the poster to try and identify the conditions where they a [ more ] [ reply ] [0xbadc0ded #04] smtp.proxy <= 1.1.3 2004-06-10 Joel Eriksson (je-secfocus bitnux com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ======================================================================== == 0xbadc0ded Advisory #04 - 2004/06/10 - smtp.proxy <= 1.1.3 ======================================================================== == Reference http://0xbadc0ded.org/adviso [ more ] [ reply ] RE: Question About Ethics and Full Disclosure 2004-06-10 Drew Copley (dcopley eEye com) > -----Original Message----- > From: Joe Klein [mailto:jsklein (at) mindspring (dot) com [email concealed]] > Sent: Wednesday, June 09, 2004 6:12 AM > To: 'Kevin E. Casey'; tommy (at) providesecurity (dot) com [email concealed]; > frogman (at) infosecwar (dot) net [email concealed] > Cc: bugtraq (at) securityfocus (dot) com [email concealed]; > security-basics (at) securityfocus (dot) com [email concealed]; > vuln-dev (at) securityfocus (dot) co [email concealed] [ more ] [ reply ] EEYE: RealPlayer embd3260.dll Error Response Heap Overflow 2004-06-10 Derek Soeder (dsoeder eEye com) RealPlayer embd3260.dll Error Response Heap Overflow Release Date: June 10, 2004 Date Reported: May 14, 2004 Severity: High (Remote Code Execution) Vendor: RealNetworks Systems Affected: RealOne Player RealOne Player v2 RealPlayer 10 RealPlayer 8 RealPlayer Enterprise Description: eEye Digita [ more ] [ reply ] [security bulletin] SSRT3456 HP-UX ftp remote unauthorized access 2004-06-10 Boren, Rich (SSRT) (rich boren hp com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01050 REVISION: 0 SSRT3456 rev.0 HP-UX ftp remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin provided th [ more ] [ reply ] MDKSA-2004:060 - Updated ksymoops packages fix symlink vulnerability 2004-06-10 Mandrake Linux Security Team (security linux-mandrake com) RE: Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan) 2004-06-10 Drew Copley (dcopley eEye com) > -----Original Message----- > From: Gadi Evron [mailto:ge (at) linuxbox (dot) org [email concealed]] > Sent: Monday, June 07, 2004 1:47 PM > To: Jelmer > Cc: bugtraq (at) securityfocus (dot) com [email concealed]; > full-disclosure (at) lists.netsys (dot) com [email concealed]; peter (at) diplomatmail (dot) net [email concealed] > Subject: Re: Internet explorer 6 execution of arbitrary code > (An analysis [ more ] [ reply ] RE: Question About Ethics and Full Disclosure 2004-06-10 Syste Op (sysop5 hotmail com) That's a good way of doing it. I think it would be better to shorten the period of time from 1-9 months to 1-5. When you're reporting a vulnerability, you should try and report the fix for it too. In my opinion, exploit code should be posted a few weeks after the vulnerability has been reported [ more ] [ reply ] 10 Month Old Vulnerability Continues to Be Core For Exploits 2004-06-10 Drew Copley (dcopley eEye com) http://lists.netsys.com/pipermail/full-disclosure/2004-June/022498.html http-equiv points this out well there. "All the while conveniently omitting the fact that the so- called 'vulnerability' that does the actual 'sneaking' is a time tested in both demonstration and in the wild 'feature' of M [ more ] [ reply ] [Full-Disclosure] FD info prompts M$ to summon the FBI on spy-vertisers 2004-06-10 http-equiv (at) excite (dot) com [email concealed] (1 malware com) <!-- http://zdnet.com.com/2100-1105-5229707.html http://news.com.com/2100-1002_3-5229707.html IE flaws used to spread pop-up toolbar by Robert Lemos, CNET News, 09 June 2004 "The possibility that a group or company has apparently used the vulnerabilities as a way to sneak unwanted advertising [ more ] [ reply ] Blackboard Learning System - Stealing documents out of the digital dropbox 2004-06-10 Maarten Verbeek (system_error pandora be) Advisory: Blackboard Learning System - Stealing documents out of the digital dropbox ======================================================================== == Blackboard ---------- The Blackboard Learning System is a Web-based server software platform that offers course management. Mo [ more ] [ reply ] [ GLSA 200406-06 ] CVS: additional DoS and arbitrary code execution vulnerabilities 2004-06-10 Kurt Lieber (klieber gentoo org) Edimax 7205APL 2004-06-10 msl velmans-industries nl Vendor: Edimax Type: 7205APL Firmware: 2.40a-00 Kind of bug: Security Description: Normally a user called addmin, has to create a password on the Accesspoint. When you create a back-up of the settings of your Accesspoint, it will result in a config.bin file. Opening the file in Notepad gave [ more ] [ reply ] [SECURITY] [DSA 517-1] New CVS packages fix buffer overflow 2004-06-10 joey infodrom org (Martin Schulze) Re: Multiple vulnerabilities PHP-Nuke 2004-06-09 Squid (squidsecurity hushmail com) In-Reply-To: <000001c44d6d$e6897a80$2002a8c0@alucxp1> Since you said patches have been available for "many, many months", please provide links to them. It appears you merely restricted access to this module on your site not that these were necessarily fixed. A check of the patched code though wil [ more ] [ reply ] |
|
Privacy Statement |
the first :)
Other than gaining access to the Trusted Sites zone, you can further
gain access to the execution privileges of the Local Intranet zone by
explicitly leaving out a TLD (Top Level Domain) in the first part of the
quer
[ more ] [ reply ]