VirtuaNews Admin Panel 1.0.3 Pro Cross Site Scripting Vulnerability 2004-03-05
Rafel Ivgi, The-Insider (theinsider 012 net il)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Software: VirtuaNews Admin Panel
Vendor: http://www.virtuanews.co.uk
Versions: 1.0.3 Pro
Platforms: Unix/Windows
Bug: Cross Site Scripting Vulnerability
Risk: Medium

Re: Invision Power Board 1.3 Final Path Disclosure Vulnerability 2004-03-05
JeiAr (security gulftech org)
In-Reply-To: <20040305130832.64623.qmail (at) web25104.mail.ukl.yahoo (dot) com>

This "vulnerability" was actually reported by GulfTech Security on March 2nd

http://www.gulftech.org/03022004.php

and posted on the governmentsecurity.org message board March 3rd

http://www.governmentsecurity.org/forum/

Desert Rats vs. Afrika Korps (Haegemonia bug) 2004-03-05
Luigi Auriemma (aluigi altervista org)

The multiplayer demo 1.18 of the game Desert Rats vs. Afrika Korps
(http://www.desertratsgame.com) was released yesterday.

Like Haegemonia (created by the same developers), this game is also
vulnerable to the same server crash bug.

I have updated the advisory and proof-of-concept I released ten

NetScreen Advisory 58412: XSS Bug in NetScreen-SA SSL VPN 2004-03-04
NetScreen Security Response Team (security-alert netscreen com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: NetScreen Advisory 58412
Date: 02 March 2004

Impact: Possible theft of user credentials and remote script execution.

Affected Products: NetScreen IVE running version 3.0 to 3.3.1.

Max Risk: Low

Summary:
A cross-site scripting (XSS) vulnerabi

IEEE Security & Privacy CFP 2004-03-04
Sharif Torpis (faust grift com)

http://www.computer.org/security/cfp.htm

Attacking Systems (July/August 2004)

Submissions due 4 April 2004

Guest editors: Iván Arce and Gary McGraw
ivan.arce-AT-coresecurity.com, gem-AT-cigital.com

Some security practitioners believe that the only way to know how to
protect a system against atta

[FLSA-2004:1256] Updated util-linux resolves security vulnerability 2004-03-05
Jesse Keating (jkeating j2solutions net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated util-linux resolves security vulnerability
Advisory ID: FLSA:1256
Issue date: 2004-03-04
Prod

Invision Power Board 1.3 Final Path Disclosure Vulnerability 2004-03-05
Shaun Colley (shaunige yahoo co uk)
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

Product: Invision Power Board
http://www.invisionboard.com
Versions: 1.3 Final (and probably lower)
Bug: Disclosure of install path
Impact: Attacker learns the local install
path of Inv

SLMail Pro Supervisor Report Center Buffer Overflow (#NISR05022004a) 2004-03-05
NGSSoftware Insight Security Research (nisr ntexgenss com)
NGSSoftware Insight Security Research Advisory

Name: SLMail Pro Supervisor Report Center Buffer Overflow
Systems Affected: SLMail Pro version 2.0.9 and earlier on Windows.
Severity: High Risk
Vendor URL: http://www.slmail.com/
Author: David Litchfield [ david (at) ngssoftware (dot) com ]
Date Vendor Notified:

SLWebMail Multiple Buffer Overflow Vulnerabilities (#NISR05022004b) 2004-03-05
NGSSoftware Insight Security Research (nisr ntexgenss com)
NGSSoftware Insight Security Research Advisory

Name: SLWebMail Multiple Buffer Overflow Vulnerabilities
Systems Affected: SLWebMail (Installed with SLMail Pro version 2.0.9 and
earlier) on Windows.
Severity: High Risk
Vendor URL: http://www.slmail.com/
Author: David Litchfield [ david@ngssoftware.

GNU Anubis buffer overflows and format string bugs 2004-03-04
Ulf Härnhammar (Ulf Harnhammar 9485 student uu se)
GNU Anubis buffer overflows and format string bugs

PROGRAM: GNU Anubis
VENDOR: Free Software Foundation, Inc.
HOMEPAGE: http://www.gnu.org/software/anubis/
VULNERABLE VERSIONS: 3.6.2, 3.9.93, 3.9.92, 3.6.0, 3.6.1,
possibly others
IMMUNE VERSIONS: 3.6.2 with vendor patch, 3.9.9

LNSA-#2004-0004: libxml2 buffer overflow 2004-03-04
Vincenzo Ciaglia (ciaglia netwosix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

************************************************************************
************
Netwosix Linux Security Advisory #2004-0004 <http://www.netwosix.org>
- ------------------------------------------------------------------------
-----------

Package nam

MDKSA-2004:017 - Updated pwlib packages fix vulnerability 2004-03-04
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: pwlib
Advisory ID:

MDKSA-2004:018 - Updated libxml2 packages fix vulnerability 2004-03-04
Mandrake Linux Security Team (security linux-mandrake com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: libxml2
Advisory ID:

Nokia 3410 cell phones software flaw 2004-03-04
David Arranz (keyser sdf lonestar org) (1 replies)


Product: Nokia 3410 cell phones
Version: Cell phone: Nokia 3410
Software: 40.26
Bug: Software flaw in calls recognizing
Impact: Phone can report a wrong name from the
'phone book' when receiving a call.
Date: march 03, 2004
Author: David Arranz Oveja
Email: i1655087 (at) petra (dot) euit

Re: [bugtraq] Nokia 3410 cell phones software flaw 2004-03-04
Erwann Abalea (erwann abalea certplus com)

Adobe Reader 5.1 XFDF Buffer Overflow Vulnerability 2004-03-03
NGSSoftware Insight Security Research (nisr nextgenss com)
NGSSoftware Insight Security Research Advisory

Name: Adobe Acrobat Reader XML Forms Data Format Buffer Overflow
Systems Affected: Adobe Acrobat Reader version 5.1
Severity: High Risk
Vendor URL: http://www.adobe.com/
Author: David Litchfield [ david (at) ngssoftware (dot) com ]
Date Vendor Notified: 7th Fe

Re: The Cult of a Cardinal Number 2004-03-04
Phantasmal Phantasmagoria (phantasmal hush ai)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>A cc of this email to security (at) proftpd (dot) org would have been
>appreciated
>if you felt the need not to give any prior warning to the team so
>problematic versions could be removed from the ftp archives and/or
>patched.
>
> Mark Lowes
>
>--
>Mark Lowes

OpenLinux: cups denial of service vulnerability 2004-03-04
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________
______

SCO Security Advisory

Subject: OpenLinux: cups denial of service vulnerability
Advisory number: CSSA-2004-012.0
Issue date: 2004 March 03
Cross reference: sr887386

SHOUTcast v1.9.2 remote connect back exploit 2004-03-04
0seen security team (o5een hotmail com)


/* _ ________ _____ ______

*

* oseen_shoucast.c( public version) - SHOUTcast v1.9.2 remote exploit / \ / "fuck mm"

* by exworm of oseen (www.oseen.org) \/

* con back exploit

* bash-2.05b# .

Serv-U Real Target and Search ASM Code Tool for Overflow Exploit. 2004-03-04
lion (lion cnhonker net)
hi,

someone said my exploit make a crash.
because i remove some target.
please use this target:

==============================================
struct
{
DWORD dwJMP;
char *szDescription;
}targets[] =
{
{0x7801D07B,"Serv-U 3.x/4.x/5.x ALL 2K SP3/SP4"}, //msvcrt.dll pop,pop,ret addr
//

[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution 2004-03-04
joey infodrom org (Martin Schulze)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
Debian Security Advisory DSA 455-1 security (at) debian (dot) org
http://www.debian.org/security/ Martin Schulze
March 3rd, 2004

A new white paper by Sanctum: "Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics" 2004-03-04
Amit Klein (amit klein sanctuminc com)
Hi

Today, Sanctum released a new whitepaper, titled "Divide and Conquer
- HTTP Response Splitting, Web Cache Poisoning Attacks, and Related
Topics". The full paper can be found in the following link:
http://www.sanctuminc.com/pdf/whitepaper_httpresponse.pdf

The paper's abstract is copied below:

"

Cisco Security Advisory: Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability 2004-03-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco CSS 11000 Series Content Services Switches
Malformed UDP Packet Vulnerability

Revision 1

For Public Release 2004 March 4 at 1700 UTC (GMT)

-----------------------------------------------

RE: SonicWall Firewall DoS, ARP Flood, Network Mapping 2004-03-03
Robert C. Auch (RAuch totalnetsolutions net)
A few clarifications, according to CSSA Support (Level 2 support):

1) You need to have Ethernet connectivity to the WAN interface to
exploit this. T1, and many cable implementations will stop this.

2) The "default" or "normal" mode that most SonicWall devices are
installed in is "NAT Mode" - Soni

SGI Advanced Linux Environment security update #13 2004-03-03
SGI Security Coordinator (agent99 sgi com)
-----BEGIN PGP SIGNED MESSAGE-----

________________________________________________________________________
____
SGI Security Advisory

Title : SGI Advanced Linux Environment security update #13
Number : 20040301-01-U
Date : March 3, 2004
Reference : Re

RE: New Internet Explorer Cross Zone/Site Scripting Vulnerability 2004-03-03
Thor Larholm (tlarholm pivx com)
This is not a new vulnerability but was covered on Bugtraq in September
by jelmer and Liu Die Yu.

Jelmer highlighted the Media Bar Ressource Injection vulnerability in
his exploit published on September 11, 2003 at

http://securityfocus.com/archive/1/337285

Which followed Liu Die Yu's post on Septe

Coreutils 'dir' integer overflow vulnerability. 2004-03-02
Shaun Colley (shaunige yahoo co uk)
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

Product: Coreutils 'dir' - versions < 5.2.0
http://www.gnu.org
Versions: < 5.2.0 (**see "Vulnerable Versions" for

very important info on versions
vulnerable!**)
Bug: DoS / possible arbi

RE: SonicWall VPN/Firewall Appliance - DoS, ARP Flood, Network mapping vulnerability 2004-03-03
xeno hush ai
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello List,

As I was informed in a voice mail from SonicWall this afternoon, there
currently is NO publicly available patch.
It seems there was some misunderstanding on my part as to the availability
of a public patch.
As for this being a hoax, that

Copyright 2010, SecurityFocus