SecurityFocus

RE: A new TCP/IP blind data injection technique? 2003-12-11
Michael Wojcik (Michael Wojcik microfocus com)

> From: Valdis.Kletnieks (at) vt (dot) edu [email concealed] [mailto:Valdis.Kletnieks (at) vt (dot) edu [email concealed]]
> Sent: Thursday, December 11, 2003 12:06 PM
>
> On Thu, 11 Dec 2003 07:37:02 GMT, Nick Cleaton said:
>
> > Even if the attacker knows or controls every other byte in
> > the packet and thus controls the checksum before the final 1

[ more ] [ reply ]

RE: Internet Explorer URL parsing vulnerability 2003-12-11
Mimmus (dviggiani tiscali it)

Can any workaround be used at proxy level?

I.e. can malicious URLs be blocked using Squid?

Thanks in advance

Domenico Viggiani

> -----Original Message-----

> From: bugtraq (at) zapthedingbat (dot) com [email concealed] [mailto:bugtraq (at) zapthedingbat (dot) com [email concealed]]

> Sent: Tuesday, December 09, 2003 3:44 PM

> Subject: Internet

[ more ] [ reply ]

Remotely Anywhere Message Injection Vulnerability 2003-12-11
Oliver Karow (Oliver Karow gmx de)

Remotely Anywhere Message Injection Vulnerability
=================================================

In addition to http://www.securityfocus.com/bid/9120 i found that it is
possible to inject a message into the login page of Remotely Anywhere.
Its not a XSS attack, because there is no directly execu

[ more ] [ reply ]

Cyclonic Webmail 4 multiple vulnerabilities 2003-12-11
Somers Raf (raf Somers pandora be)

Software: Cyclonic Webmail
Version : 4
vendor : Stallion Networking

1. Software description
----------------------

Cyclonic is a webbased interface allowing users to handle emails
stored on a POP Server.
This software is Freeware

2. Vulnerability description
-------------------------

[ more ] [ reply ]

GLSA: cvs (200312-04) 2003-12-11
Rajiv Aaron Manglani (rajiv gentoo org)

A .NET class bug that can hang a machine instantly 2003-12-11
Walt Smith (walt vectiva com)

I posted the following information to a couple of Microsoft news groups in the last couple of days with no response, so I thought I would post it here perhaps to encourage the examination of this .NET class, which I believe is vulnerable to exploits because of quality problems in the code. I beli

[ more ] [ reply ]

Finjan Software Discovers a New Critical Vulnerability In Yahoo E-mail Service 2003-12-11
Dror Shalev (drorshalev finjan com)

Yahoo E-mail Service Vulnerability

Release Date:

December 10, 2003

Severity:

Critical (Potential web-based e-mail worm)

Systems Affected:

Other web-based e-mail systems may be vulnerable.

Internet Explorer and any software application used for reading Yahoo e-mail messages.

Status:

[ more ] [ reply ]

[RHSA-2003:390-01] Updated gnupg packages disable ElGamal keys 2003-12-11
bugzilla redhat com

irssi - potential remote crash 2003-12-11
Timo Sirainen (tss iki fi)

irssi 0.8.9 release fixes a vulnerability that allows normal IRC users
to remotely crash another user's irssi client, provided that either of
these conditions is met:

a) irssi is running on an architecture that requires memory
alignmentation (ie. not x86)

b) "gui print text" signal is being used b

[ more ] [ reply ]

Re: Dell BIOS DoS 2003-12-11
Thor (thor hammerofgod com)

>I'll continue the tangent: Encryption's great against an attacker who
>has physical access to the device holding your data, as long as they
>don't have physical access to the device holding your keys!

This is a bit different than your point, but one thing I've been trying to
find out, so far with

[ more ] [ reply ]

[CORE-2003-12-05] DCE RPC Vulnerabilities New Attack Vectors Analysis 2003-12-11
Core Security Technologies (advisories coresecurity com)

Core Security Technologies Advisory
http://www.coresecurity.com

DCE RPC Vulnerabilities New Attack Vectors Analysis

Date Published: 2003-12-10

Last Update: 2003-12-10

Advisory ID: CORE-2003-12-05

Title: DCE RPC Vulnerabilitie

[ more ] [ reply ]

Re: Multiple Vendor SOAP server (XML parser) attribute blowup DoS 2003-12-10
Amit Klein (Amit Klein SanctumInc com)

Hi Marc,

I presume Sun refers to http://www.securityfocus.com/archive/1/303509.
In this case,
the only commonality between the two issues is that they both result
from a problem in the
underlying XML parser, but the problems in the XML parser are
fundamentally different.

Thanks,
-Amit

Hi,

[ more ] [ reply ]

Mambo Open Source 4.0.14 SQL injection 2003-12-10
Chintan Trivedi (chesschintan hotmail com)

Product

-------

Mambo Open Source 4.0.14

Vendor

------

http://www.mamboserver.com

Details

-------

Mambo Open Source is the open source Web Content Management System. Mambo Open Source CMS is used by many websites including the commercial ones.

The function show() in mambo/art

[ more ] [ reply ]

RE: Internet Explorer URL parsing vulnerability 2003-12-10
Lance James (lance james bakbone com)

This also adds another effect, Since it's dropping to the right most url and
it's a parsing issue with the display url, SSL is additionally compromised
for this problem.

Scenario: Fake bank setup in .ru somewhere, attacker has a valid cert that
is signed by a authoritative Trent, and of attacker go

[ more ] [ reply ]

[SCSA-023] Multiple vulnerabilities in Mambo Server 2003-12-10
Security Corporation Security Advisory (advisory security-corporation com)

======================================================================
Security Corporation Security Advisory [SCSA-023]

Multiple vulnerabilities in Mambo Server
======================================================================

PROGRAM: Mambo Server
HOMEPAGE: http://www.mamboserver.com
VULN

[ more ] [ reply ]

GeoHttpServer[webcam] Causes MFC42.DLL to overflow 2003-12-10
Rafel Ivgi (nuritrv18 bezeqint net)

GeoHttpServer[webcam] Causes MFC42.DLL to overflow

Discovered by Rafel Ivgi, The-Insider.
http://theinsider.deep-ice.com

The GeoHttpServer Login Java Applet Causes MFC42.DLL to overflow.
The Overflow occures when the "Password" parameter of the applet is
filled
with 500000 times "a". This bug caus

[ more ] [ reply ]

MDKSA-2003:112-1 - Updated cvs packages fix malformed module request vulnerability 2003-12-10
Mandrake Linux Security Team (security linux-mandrake com)

Flashget 0.9 - 1.2 Local DialUp Password Hi-Jacking 2003-12-10
Rafel Ivgi (nuritrv18 bezeqint net)

Flashget 0.9 - 1.2 Local DialUp Password Hi-Jacking
***************************************************
Discovered by Rafel Ivgi, The-Insider.
http://theinsider.deep-ice.com
(This Is My First Advisory!)

Whenever a user sets flashget to dial-up to the internet he types his
username & password.
Thi

[ more ] [ reply ]

MDKSA-2003:114 - Updated ethereal packages fix multiple remotely exploitable vulnerabilities 2003-12-10
Mandrake Linux Security Team (security linux-mandrake com)

A new TCP/IP blind data injection technique? 2003-12-10
Michal Zalewski (lcamtuf ghettot org) (3 replies)

Good morning,

I am not quite sure there was no prior discussion of this problem, but I
could not find anything even remotely related, and so I think it makes
sense to post here. This post roughly describes a thought I had recently -
and I have to admit this is pure theory, even though it should be

[ more ] [ reply ]

RE: A new TCP/IP blind data injection technique? 2003-12-11
David Gillett (gillettdavid fhda edu)

Re: A new TCP/IP blind data injection technique? 2003-12-10
Kris Kennaway (kris FreeBSD org) (1 replies)

Re: A new TCP/IP blind data injection technique? 2003-12-11
Casper Dik (casper holland sun com)

Re: A new TCP/IP blind data injection technique? 2003-12-11
Nick Cleaton (nick cleaton net) (1 replies)

Re: A new TCP/IP blind data injection technique? 2003-12-11
Valdis Kletnieks vt edu