BugTraq
[ GLSA 200404-20 ] Multiple vulnerabilities in xine 2004-04-27
Joshua J. Berry (condordes gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200404-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Re: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow. 2004-04-27
KF (lists) (kf_lists secnetops com)
This crashed IE 5.0.3700.1000 on Win2k SP4

Both the EBP and EIP were overwritten with 0x00410041.
ESP holds the Share name as passed by the server.
ESI holds servers.ip\sharename (tolowered)

I guess it's unicode ninjitsu time.

-KF

Milan 't4c' Berger wrote:

> Hello,
>
> I experienced the same

Re: Perl code exploiting TCP not checking RST ACK. 2004-04-27
Michael Gschwandtner (r3d5un tznetz com)
In-Reply-To: <20040425173451.6E5BB396A (at) sitemail.everyone (dot) net>

And now for the Python Community,

"There exists an exploit in C and Perl, so why do we need another one?!?"

I started with it on Friday, and there were no exploits on Bugtraq. Now it's ready, so why not publish it :)

Here you

Multiple vulnerabilities PHP-Nuke Video Gallery Module for PHP-Nuke 2004-04-26
k1LL3r B0y (k1ll3rb0y hotmail com)
Advisory: http://bichosoft.webcindario.com/advisory-03.txt

===========================================================================
=================== Multiple vulnerabilities PHP-Nuke =====================
=================== Video Gallery Module for PHP-Nuke =====================

PROGRAM: PHP

Re: Apache - all versions vulnerability in OLD processors. 2004-04-26
Adam Zabrocki (pi3ki31ny wp pl)

Hello

In OLD processors (I mean like x286 and some version x386) when the sizeof (unsigned long) == sizeof (unsigned int) there is bug because it's 2 bytes and... 2*16=32 but I don't have in this time box with that processors for research this situations and this is only theory that bug beco

[ GLSA 200404-19 ] Buffer overflows and format string vulnerabilities in LCDproc 2004-04-27
Joshua J. Berry (condordes gentoo org)
Date: Mon, 26 Apr 2004 22:19:53 -0700
User-Agent: KMail/1.6.1
Cc: bugtraq (at) securityfocus (dot) com,
full-disclosure (at) lists.netsys (dot) com,
security-alerts (at) linuxsecurity (dot) com,
gentoo-core (at) gentoo (dot) org
MIME-Version: 1.0
X-KMail-Identity: 422776557
Content-Type: multipart/signed;
proto

Source Code To Test IPv4 fragmentation --> The Rose Attack 2004-04-27
Gandalf The White (gandalf digital net)
Greetings and Salutations:

I have updated the instructions for the Rose Fragmentation Attack and
clarified the attack (per some questions that have been asked). The
instructions are now at the following URL:
http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt

Specifically I have added the

Re: HP Web JetAdmin vulnerabilities. 2004-04-27
FX (fx phenoelit de)
Just a few more for HP Web JetAdmin 6.5 - I'm tired of waiting for HP and
since the current version is way past 6.5, there is no point in hiding it
any more :)

---[SNIP]---

Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 ++-+>

[ Title ]
Multiple vulnerabilities in HP Web JetAdmin

[

Remote Format String Vulnerabilities in eXtremail 2004-04-25
Luca Ercoli (luca e seeweb com)

Package: eXtremail
Auth: http://www.extremail.com/
Version(s): 1.5.9 (current release)
Vulnerability: Format String

What's eXtremail:

eXtremail is a Unix mail server that supports SMTP/POP3/IMAP protocols.
It includes support for virtual domains, spoofing attack, SSL connection
and

Perl code exploiting TCP not checking RST ACK. 2004-04-25
K sPecial (KsPecial blazemail com)



Microsoft's Explorer and Internet Explorer long share name buffer overflow. 2004-04-25
Rodrigo Gutierrez (rodrigo intellicomp cl)
Fixed Advisory.

Rodrigo Gutierrez.

[SECURITY] [DSA 495-1] New Linux 2.4.16 packages fix local root exploit (arm) 2004-04-26
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 495-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
April 26th, 2004

Multiple Vulnerabilities In OpenBB 2004-04-25
JeiAr (security gulftech org)

Vendor : OpenBB Group
URL : http://www.openbb.com
Version : Open Bulletin Board 1.0.6 && Earlier
Risk : Multiple Vulnerabilities

Description:
OpenBB is a fast, lightweight, powerful bulletin board written
in PHP/MySQL. Main features include: full customization via styles
tem

RE: New Paper - SQL Injection Signatures Evasion 2004-04-26
Imperva Application Defense Center (adc imperva com)
Dear Mr. Mookhey,

The 'SQL Injection Signatures Evasion' paper is the result of a several
months-long research conducted by Imperva's ADC. This research began
long before the publication of the 'Detection of SQL Injection and
Cross-Site scripting attacks', and was obviously never intended as a
mea

Horde webmail: mysql access 2004-04-25
sig flaming tolna net
Hello

I've found a very interesting feature in Horde webmail system...

Horde is a very popular PHP based webmail system, with many accessories. Most of these web applications (for example: turba, mnemo, etc) are using mysql
database server, to store e-mail addresses, user memos, information about

Spammers can hide behind 'Email a friend/article' scripts. 2004-04-26
cyber_flash hotmail com

# Author: Vengy
# Email: cyber_flash (at) hotmail (dot) com
# Description: Spammers can hide behind 'Email a friend/article' scripts.
#
#
# How it works:
# -------------
# This simple perl script will send just 3 identical fake spam messages
# to 'yourname (at) yourdomain (dot) com' from 'vengy@spam4

RE: Microsoft's Explorer and Internet Explorer long share name buffer overflow. 2004-04-25
Rodrigo Gutierrez (rodrigo intellicomp cl)
Windows 98 and Me are also vulnerable.

-----Original Message-----
From: Rodrigo Gutierrez [mailto:rodrigo (at) intellicomp (dot) cl]
Sent: Sunday, April 25, 2004 17:38
To: 'full-disclosure (at) lists.netsys (dot) com'; 'bugtraq (at) securityfocus (dot) com';
'submissions (at) packetstormsecurity (dot) org'; 'info (at) securiteam (dot) com

Re: New Paper - SQL Injection Signatures Evasion 2004-04-26
K. K. Mookhey (cto nii co in)
This is in response to Imperva's email that it is trivial to evade
signature-based detection of SQL injection. There are a few points I'd like
to respond to in relation to their tone and content of the paper. Well first
let's take the tone:

The abstract of Imperva's paper says, among other things:
"

Samsung SmartEther SS6215S Switch 2004-04-26
Kyle Duren (acidrain_ask pixitha com)

There is a vulnerability within the OS that this (and other) Samsung
managed switches. The problem resides in the way that the admin user
is authenticated when trying to login using telnet (remote) or from
console (local). Now just so everyone who reads this knows, I am not
that up to date

[HOTFIX] setsockopt kernel vulnerability 2004-04-26
nolife (nolife sigsegv cc)


Thought I'd publish the code so it has more use than idling on a single box. It should patch against the latest bug in setsockopt without the need of a new kernel/reboot.

It logs process and uid if someone tries to exploit the system.

I've tested it against the public POC, seems to work fine.

Microsoft's Explorer and Internet Explorer long share name buffer overflow. 2004-04-25
Rodrigo Gutierrez (rodrigo intellicomp cl)
Sunday afternoon is a bit boring, and weather sucks down here in Santiago,
Chile so here we go...
The vuln is attached in TXT format, I would be grateful if someone could
verify if it affects Windows 2003 as well.

Rodrigo.-

RE: US-CERT Technical Cyber Security Alert TA04-111A -- Vulnerabilities in TCP 2004-04-25
soby hushmail com
A similar issue exists that allows someone to kill TCP connections that
go through many types of firewalls. If the firewalls involved don't
adequately follow the sequence numbers being used in a connection, you
can usually indirectly kill the connection by sending a reset packet
with correct source

Netegrity SiteMinder Affiliate Agent Cookie Overflow 2004-04-23
advisories (advisories atstake com)
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

@stake, Inc.
www.atstake.com

Security Advisory

Advisory Name: Netegrity SiteMinder Affiliate Agent Cookie
Overflow
Release Date: 04/22/2004

Apache - all versions vulnerability in OLD processors. 2004-04-24
Adam Zabrocki (pi3ki31ny wp pl) (3 replies)

Apache - all versions vulnerability in OLD processors.

I. Entry.

Vulnerability in probably all versions of apache web server, default
install (as of version 1.3.29).

II. Vulnerability details.

There are few scenarios, few calls leading to that bug.

The first call is in mod_auth

Re: Apache - all versions vulnerability in OLD processors. 2004-04-26
Peter J. Holzer (hjp wsr ac at)
Re: Apache - all versions vulnerability in OLD processors. 2004-04-25
Chris Adams (cmadams hiwaay net)
Re: Apache - all versions vulnerability in OLD processors. 2004-04-25
Chris Adams (cmadams hiwaay net)
[ GLSA 200404-17 ] ipsec-tools and iputils contain a remote DoS vulnerability 2004-04-24
Kurt Lieber (klieber gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200404-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Netegrity SiteMinder Affiliate Agent Cookie Overflow 2004-04-22
advisories atstake com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

@stake, Inc.
www.atstake.com

Security Advisory

Advisory Name: Netegrity SiteMinder Affiliate Agent Cookie
Overflow
Release Date: 04/22/2004

[waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6] 2004-04-24
Janek Vind (come2waraxe yahoo com)

{================================================================================}
{ [waraxe-2004-SA#024] }
{================================================================================}
{

Copyright 2010, SecurityFocus