ASPR #2004-01-20-1: Internet Explorer/Outlook double null character DoS
2004-02-10 ACROS Security (lists acros si)

Re: HelpCtr - allow open any page or run
2004-02-10 N|ghtHawk (nighthawk hackers4hackers nl)
Hello,
> We can use Help Center to open any page or run any file.
On which operating system? I guess windows, so on which windows version(s)?
> hcp://services/layout/contentonly?topic=...
<snip>
To me this looks like http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bu

Possible new cross zone scripting in IE
2004-02-10 Cheng Peng Su (apple_soup msn com)
title:Possible new cross zone scripting in IE
program:MS Internet Explorer
test on:IE 6.0(sp1),winXP/ME
Proof of Concept:
From res://C:\WINDOWS\SYSTEM\BROWSELC.DLL/mbOffline.htm, I found <a href="shell:My Music" onmouseover="window.status=L_MyMusic_Text;return true" onmouseout="wind

Re: HelpCtr - allow open any page or run
2004-02-10 Bartosz Kwitkowski (bartosz wb pl)
In-Reply-To: <20040207214926.28580.qmail (at) www.securityfocus (dot) com [email concealed]>
It was tested on Win XP Prof (ver 2002) Polish with Hotfixes: KB824146 and KB823980.
hcp://services/layout/contentonly?topic=http://www.securityfocus.com
Help Center opens page with given URL. For sure.

XSS, Sql Injection and Avatar ScriptCode Injection in MaxWebPortal
2004-02-10 Manuel López (mantra gulo org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Title: XSS, Sql Injection and Avatar ScriptCode Injection in MaxWebPortal
By: Manuel López
Vendor Description: MaxWebPortal is a web portal and online community system which includes advanced features such as web-based administration, poll, priva

Directory traversal in RealPlayer allows code execution
2004-02-10 Jouko Pynnonen (jouko iki fi)
OVERVIEW
========
RealPlayer is a popular multimedia player developed by RealNetworks. One of its features are RMP files, RealJukebox Metadata Packages. These are XML formatted files which may contain e.g. playlists, references to skin files (*.rjs), and information about related web pages. A

Re: TrackMania Demo Denial of Service
2004-02-09 Luigi Auriemma (aluigi altervista org)
> TrackMania Demo Denial of Service
> The original document can be found at
> http://www.securiteinfo.com/attaques/hacking/trackmaniados.shtml
Also Virtual Skipper 3 is vulnerable so the problem is in the game engine developed by Nadeo (http://www.nadeo.com)
> The multiplayer game use TCP port 23

Brinkster Multiple Vulnerabilities
2004-02-09 Ferruh Mavituna (ferruh mavituna com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------
BRINKSTER MULTIPLE VULNERABILITIES
- - ------------------------------------------------------
Online URL : http://ferruh.mavituna.com/article/?435
1. Retrieving other users ASP Source Codes Sev

Samba 3.x + kernel 2.6.x local root vulnerability
2004-02-09 Michal Medvecky (M Medvecky sh cvut cz) (2 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"share" - smb server
"slovakia" - smb client
misko@slovakia:~$ smbmount --version
Usage: mount.smbfs service

Re: Samba 3.x + kernel 2.6.x local root vulnerability
2004-02-09 Seth Arnold (sarnold wirex com) (1 reply)

Re: Samba 3.x + kernel 2.6.x local root vulnerability
2004-02-09 Patrick J. Volkerding (security slackware com)

Re: Samba 3.x + kernel 2.6.x local root vulnerability
2004-02-09 Michael Kjorling (michael kjorling com)

[local problems] eTrust Virus Protection 6.0 InoculateIT for linux
2004-02-09 Rene (l0om excluded org)
author: l0om <l0om (at) excluded (dot) org [email concealed]>
software: eTrust Virus Protection 6.0 InoculateIT for linux
local phun with etrust antivirus 6.0 inoculateIT linux
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eTrust InnoculateIT 6.0 comes for the following OSes:
-windows 95/98/ME
PUBLIC
=========================================================================
ACROS Security Problem Report #2004-01-20-1
-------------------------------------------------------------------------
ASPR #2004-01-20-1: Internet Explorer/Outlook double null character