|
|
Colapse all |
Post message
Looking for a security contact of RealNetworks Live Rhapsody 2004-05-27 Philip Stoev (philip stoev org) Users who have expired passwords can still log on to the domain if the FQDN is exactly eight characters long in Windows 2000 2004-05-31 albatross tim it SYMPTOMS Users who have expired passwords can unexpectedly log on to the Microsoft Windows 2000 domain. CAUSE This issue occurs if the fully qualified domain name (FQDN) is exactly eight characters long. RESOLUTION Hotfix information A supported hotfix is now available from Microsoft, bu [ more ] [ reply ] [ GLSA 200405-25 ] tla: Heap-based buffer overflow in included libneon 2004-05-30 Thierry Carrez (koon gentoo org) [SECURITY] [DSA 511-1] New ethereal packages fix buffer overflows 2004-05-30 Matt Zimmerman (mdz debian org) [SECURITY] [DSA 510-1] New jftpgw packages fix format string vulnerability 2004-05-29 Matt Zimmerman (mdz debian org) [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability 2004-05-27 idlabs-advisories idefense com (1 replies) 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability iDEFENSE Security Advisory 05.27.04 www.idefense.com/application/poi/display?id=106&type=vulnerabilities May 27, 2004 I. BACKGROUND The 3Com OfficeConnect Remote 812 ADSL Router is a standalone bridge/router, with inter [ more ] [ reply ] Re: [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability 2004-05-27 Seth Alan Woolley (seth tautology org) [SECURITY] [DSA 509-1] New gatos packages fix privilege escalation 2004-05-29 Matt Zimmerman (mdz debian org) [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615] 2004-05-29 Janek Vind (come2waraxe yahoo com) EnderUNIX Security Anouncement (Isoqlog and Spamguard) 2004-05-28 Murat Balaban (murat enderunix org) SGI Advanced Linux Environment 3 Security Update #2 2004-05-28 SGI Security Coordinator (agent99 sgi com) SGI Advanced Linux Environment security update #20 2004-05-28 SGI Security Coordinator (agent99 sgi com) [ GLSA 200405-24 ] MPlayer, xine-lib: vulnerabilities in RTSP stream handling 2004-05-28 Thierry Carrez (koon gentoo org) Re: Microsoft Internet Explorer ImageMap URL Spoof Vulnerability 2004-05-27 http-equiv (at) excite (dot) com [email concealed] (1 malware com) <!-- <a onmouseover="window.status='http://www.the-url-you- see.com;return true" title="The Link" onmouseout="window.status='Whatever-you-like-here';return true" href='http://www.some-other-url.com'>The link</a> --> the point of the exercise is that default settings for the most popular MU [ more ] [ reply ] [PHP] include() bypassing filter with php://input 2004-05-27 Himeur Nourredine (lostnoobs security-challenge com) (1 replies) Informations : °°°°°°°°°°°°°° Website : http://www.php.net Version : PHP 3.0.13 => Problem : Inlude() bypassing filter Proof of concept: °°°°°°°° Exploit °°°°°°°°° <------------ cut here ----------------> <form action="" methode="post" > target server : <input type="text" name="serv [ more ] [ reply ] Re: [PHP] include() bypassing filter with php://input 2004-05-28 Keary Suska (hierophant pcisys net) (1 replies) Re: [PHP] include() bypassing filter with php://input 2004-05-28 clez (bt_sf_com_20040528 clez net) (2 replies) Re: [PHP] include() bypassing filter with php://input 2004-05-28 bugtraq subscriber (bugtraq theorb net) Re: [PHP] include() bypassing filter with php://input 2004-05-28 Ali Campbell (bugtraq alicampbell org uk) |
|
Privacy Statement |
Hash: SHA1
There is a vulnerability in PHPNuke that permits execution of arbitrary
SQL queries on a database located in the same server of an attacker's
account. This is the procedure: first of all attacker must create a
symlink pointing to victim's db directory i
[ more ] [ reply ]